ThreatExpert's Statistics for Mal/VB-AB [Sophos]:

Mal/VB-AB [Sophos] is also known as:

Threat Alias	Number of Incidents
Trojan Horse [Symantec]	27
Trojan.Win32.VB [Ikarus]	22
Generic VB.b [McAfee]	17
Trojan.Win32.VB.idf [Kaspersky Lab]	17
Worm:Win32/Hamweq.W [Microsoft]	17
VirTool:Win32/VBInject.gen!AN [Microsoft]	11
Win-Trojan/Agent.40960.VA [AhnLab]	11
Win-Trojan/Xema.variant [AhnLab]	9
Backdoor.Win32.Poison [Ikarus]	6
VirTool:Win32/Runcrypt.B [Microsoft]	6
Generic.dx [McAfee]	5
Trojan-Dropper.Delf [Ikarus]	5
Backdoor-DZP [McAfee]	4
Packed.Win32.CPEX-based.ht [Kaspersky Lab]	4
Trojan.Generic [PC Tools]	4
Win-Trojan/Agent.147466 [AhnLab]	4
Infostealer [Symantec]	3
Trojan-Dropper.Win32.VB [Ikarus]	3
Trojan-PSW.Win32.VB.akk [Kaspersky Lab]	3
Backdoor.Poison.gsj [PC Tools]	2
Backdoor.Win32.Bifrose [Ikarus]	2
Gen.Trojan [Ikarus]	2
Trojan.Inject [Ikarus]	2
Trojan.VB!sd6 [PC Tools]	2
Trojan.Win32.Refroso.jvi [Kaspersky Lab]	2
Trojan.Win32.VB.fov [Kaspersky Lab]	2
Trojan-Downloader.Win32.Agent.bvst [Kaspersky Lab]	2
Trojan-Dropper.Win32.VB.cky [Ikarus]	2
Trojan-Dropper.Win32.VB.inq [Kaspersky Lab]	2
Trojan-PWS.Win32.VB [Ikarus]	2
VirTool:Win32/Acillatem [Microsoft]	2
Virus.Win32.VB [Ikarus]	2
W32.IRCBot [Symantec]	2
Backdoor.Graybird [Symantec]	1
Backdoor.Trojan [Symantec]	1
Backdoor.Win32.Bifrose.awnb [Kaspersky Lab]	1
Backdoor.Win32.Poison.ajmc [Kaspersky Lab]	1
Backdoor.Win32.Poison.iwv [Kaspersky Lab]	1
Backdoor.Win32.VB [Ikarus]	1
Backdoor:Win32/Bisar!rts [Microsoft]	1
BackDoor-AWQ.b [McAfee]	1
BackDoor-CEP!l [McAfee]	1
BackDoor-DKI.gen.ae [McAfee]	1
Cryp_ApDrop [Trend Micro]	1
Dropper/Parsi.65536 [AhnLab]	1
Dropper/Xema.20480.AW [AhnLab]	1
Dropper/Xema.61840 [AhnLab]	1
Generic BackDoor!gb [McAfee]	1
Generic Dropper.gu [McAfee]	1
Generic VB.i [McAfee]	1
Generic VB.q [McAfee]	1
Generic VB.z [McAfee]	1
Generic.dx!fwr [McAfee]	1
Infostealer.Gampass [Symantec]	1
New Malware.ac [McAfee]	1
not-a-virus:PSWTool.Win32.FirePass.cl [Kaspersky Lab]	1
PWS:Win32/Ultisteal.A [Microsoft]	1
Spy-Agent.dj [McAfee]	1
Trojan.Loader [Ikarus]	1
Trojan.Win32.Refroso.ndu [Kaspersky Lab]	1
Trojan.Win32.Refroso.xy [Kaspersky Lab]	1
Trojan.Win32.VB.gro [Kaspersky Lab]	1
Trojan.Win32.VB.guw [Kaspersky Lab]	1
Trojan.Win32.VB.hgv [Kaspersky Lab]	1
Trojan:Win32/Ircbrute [Microsoft]	1
Trojan:Win32/VB [Microsoft]	1
Trojan-Dropper [Ikarus]	1
Trojan-Dropper.Vb [Ikarus]	1
Trojan-Dropper.VB.INQ [PC Tools]	1
Trojan-Dropper.Win32.Parsi [Ikarus]	1
Trojan-Dropper.Win32.Parsi.al [Kaspersky Lab]	1
Trojan-Dropper.Win32.VB.adwc [Kaspersky Lab]	1
Trojan-Dropper.Win32.VB.inb [Kaspersky Lab]	1
TrojanDropper:Win32/Hamweq [Microsoft]	1
Trojan-PSW.Generic [PC Tools]	1
Trojan-PSW.Win32.LdPinch.acko [Kaspersky Lab]	1
Trojan-PWS.Win32.LdPinch [Ikarus]	1
Trojan-Spy.Win32.VB.cem [Kaspersky Lab]	1
VirTool.Win32.Vbinder [Ikarus]	1
VirTool.Win32.VBInject [Ikarus]	1
VirTool:Win32/Obfuscator.DM [Microsoft]	1
VirTool:Win32/Vbinder.AN [Microsoft]	1
VirTool:Win32/Vbinder.gen!G [Microsoft]	1
VirTool:Win32/VBInject.gen!BH [Microsoft]	1
VirTool:Win32/VBInject.gen!BY [Microsoft]	1
VirTool:Win32/VBInject.T [Microsoft]	1
VirTool:Win32/Vtub.BV [Microsoft]	1
VirTool:Win32/Vtub.BW [Microsoft]	1
VirTool:Win32/Vtub.YM [Microsoft]	1
Virus.Win32.VB.FEW [Ikarus]	1
Win-Trojan/Agent.36964.B [AhnLab]	1
Win-Trojan/Bifrose.173056.B [AhnLab]	1
Win-Trojan/Poison.16384.DB [AhnLab]	1
Win-Trojan/Poison.69632.X [AhnLab]	1
Worm.Win32.Agent.ur [Kaspersky Lab]	1
Worm.Win32.VB.ajk [Kaspersky Lab]	1

Mal/VB-AB [Sophos] has the following possible countries of origin:

Origin		Number of Incidents
	Spain	13
	Germany	1
	United Kingdom	1

Mal/VB-AB [Sophos] is known to be created as:

%AppData%\adm\programe.exe

%ProgramFiles%\bifrost\server.exe

%System%\kjvpa.exe

%System%\soma\soso.exe

%System%\system32dll.exe

%System%\winfiles.exe

%Temp%\2.exe

%Temp%\a1a1a-ramdan.exe

%Temp%\ixp000.tmp\mssm.exe

%Temp%\ixp000.tmp\nod32gen.exe

%Temp%\ixp000.tmp\test.exe

%Temp%\svchost.exe

%Temp%\zip\system.exe

%Windir%\adm\programe.exe

%Windir%\csrss.exe

%Windir%\explore.exe

%Windir%\iexplore.exe

%Windir%\winfiles.exe

Notes:

%AppData% is a variable that refers to the file system directory that serves as a common repository for application-specific data. A typical path is C:\Documents and Settings\[UserName]\Application Data.
%ProgramFiles% is a variable that refers to the Program Files folder. A typical path is C:\Program Files.
%System% is a variable that refers to the System folder. By default, this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).
%Temp% is a variable that refers to the temporary folder in the short path form. By default, this is C:\Documents and Settings\[UserName]\Local Settings\Temp\ (Windows NT/2000/XP).
%Windir% is a variable that refers to the Windows installation folder. By default, this is C:\Windows or C:\Winnt.