ThreatExpert's Statistics for Packed.Win32.Katusha [Ikarus]:

Packed.Win32.Katusha [Ikarus] is also known as:

Threat Alias	Number of Incidents
Trojan:Win32/Opachki.A [Microsoft]	2,295
HeurEngine.MaliciousPacker [PC Tools]	2,027
Packed.Generic.271 [Symantec]	2,027
Packed.Win32.Katusha.j [Kaspersky Lab]	2,027
Mal/FakeAV-BX [Sophos]	2,026
Generic.dx!lne [McAfee]	945
Troj/Virtum-Gen [Sophos]	36
Packed.Win32.Katusha.g [Kaspersky Lab]	35
Packed.Win32.Katusha.b [Kaspersky Lab]	18
Packed.Win32.Katusha.e [Kaspersky Lab]	16
Trojan:Win32/FakeXPA [Microsoft]	12
Mal/Generic-A [Sophos]	9
Trojan Horse [Symantec]	9
Trojan.Generic [PC Tools]	7
Trojan:Win32/Liften.B [Microsoft]	6
Generic Dropper.cx [McAfee]	5
Packed.Win32.Katusha.a [Kaspersky Lab]	4
Trojan.Fakeavalert [Symantec]	4
Packed.Generic.187 [Symantec]	3
Trojan.FakeAV!gen5 [Symantec]	3
FakeAlert-DI [McAfee]	2
Generic Downloader.x [McAfee]	2
Generic.dx [McAfee]	2
Mal/EncPk-CZ [Sophos]	2
Mal/EncPk-FX [Sophos]	2
Mal/EncPk-HM [Sophos]	2
Mal/EncPk-HW [Sophos]	2
Mal/EncPk-HW, Mal/EncPk-CZ [Sophos]	2
Mal/EncPk-JY [Sophos]	2
Mal/Generic-A, Mal/EncPk-FX [Sophos]	2
Packed.Generic.177 [Symantec]	2
Packed.Win32.Katusha.c [Kaspersky Lab]	2
Trojan:Win32/Tiebho.A [Microsoft]	2
TrojanDownloader:Win32/Renos.DZ [Microsoft]	2
Win-Trojan/Fraudpack.Gen [AhnLab]	2
Win-Trojan/Katusha.99332 [AhnLab]	2
Backdoor.Trojan [Symantec]	1
Backdoor:Win32/Hostil.F [Microsoft]	1
Downloader [Symantec]	1
Downloader-BLO [McAfee]	1
Downloader-BON [McAfee]	1
FakeAlert-AB.dldr.gen [McAfee]	1
FakeAlert-av2009.gen.b [McAfee]	1
FakeAlert-av360.dll.gen [McAfee]	1
FakeAlert-CN.gen.a [McAfee]	1
FakeAlert-EQ [McAfee]	1
FakeAlert-KN.a [McAfee]	1
FakeAlert-KN.gen [McAfee]	1
Generic Downloader.x!cg [McAfee]	1
Generic Dropper.dn [McAfee]	1
Generic Dropper.p [McAfee]	1
Generic FakeAlert!df [McAfee]	1
Generic FakeAlert!ec [McAfee]	1
Generic FakeAlert.m [McAfee]	1
Generic.dx!kwv [McAfee]	1
Generic.dx!lfh [McAfee]	1
Generic.dx!oem [McAfee]	1
Infostealer [Symantec]	1
Infostealer.Banker.C [Symantec]	1
Mal/Dorf-F [Sophos]	1
Mal/EncPk-CZ, Mal/EncPk-EI [Sophos]	1
Mal/EncPk-HV, Mal/EncPk-HM [Sophos]	1
Mal/EncPk-HW, Mal/EncPk-JD, Mal/TibsPk-A [Sophos]	1
Mal/EncPk-IS [Sophos]	1
Mal/FakeAV-AH [Sophos]	1
Mal/FakeAV-BQ [Sophos]	1
Mal/FakeVirPk-A [Sophos]	1
Mal/FakeVirPk-A, Mal/TibsPk-A [Sophos]	1
Mal/FakeXPA-A, Mal/EncPk-FX [Sophos]	1
Mal/FakeXPA-A, Mal/EncPk-MW, Mal/EncPk-FX [Sophos]	1
Mal/Generic-A, Mal/EncPk-MP, Mal/FakeAV-BX [Sophos]	1
Mal/TibsPk-A [Sophos]	1
Mal/UnkPack-Fam [Sophos]	1
Malware.Virut [PC Tools]	1
not-a-virus:Downloader.Win32.Antivirus2009.l [Kaspersky Lab]	1
Packed.Generic.214 [Symantec]	1
Packed.Win32.Katusha.h [Kaspersky Lab]	1
PersonalAV [McAfee]	1
Troj/Dloadr-CJZ [Sophos]	1
TROJ_FAKEAV.TP [Trend Micro]	1
Trojan.FakeAV [PC Tools]	1
Trojan.Interrupdate [Symantec]	1
Trojan:Win32/FakeSmoke [Microsoft]	1
Trojan:Win32/Yektel.A [Microsoft]	1
TrojanDownloader:Win32/Obitel.gen!A [Microsoft]	1
TrojanDownloader:Win32/Renos.DY [Microsoft]	1
TrojanDownloader:Win32/Renos.EI [Microsoft]	1
TrojanDownloader:Win32/Renos.FJ [Microsoft]	1
TrojanDownloader:Win32/Renos.HO [Microsoft]	1
W32.Virut.CF [Symantec]	1
Win32/IRCBot.worm.variant [AhnLab]	1
Win-Trojan/Downloader.76811 [AhnLab]	1
Win-Trojan/FakeAV.102826 [AhnLab]	1
Win-Trojan/Fraudpack.130052 [AhnLab]	1
Win-Trojan/Katusha.129028 [AhnLab]	1
Win-Trojan/Katusha.13824.B [AhnLab]	1
Win-Trojan/Katusha.211968 [AhnLab]	1
Win-Trojan/Katusha.300032.C [AhnLab]	1
Win-Trojan/Katusha.61952 [AhnLab]	1
Win-Trojan/Katusha.79872 [AhnLab]	1

Packed.Win32.Katusha [Ikarus] has the following possible countries of origin:

Origin		Number of Incidents
	Russian Federation	3
	Japan	1

Packed.Win32.Katusha [Ikarus] is known to be created as:

%Profiles%\default user\ntload.dll

%Profiles%\default user\start menu\programs\startup\scandisk.dll

%Profiles%\localservice\ntload.dll

%Profiles%\networkservice\ntload.dll

%Programs%\startup\scandisk.dll

%System%\ats.exe

%System%\msxml71.dll

%System%\netfilter.exe

%System%\notepad.dll

%Temp%\alpha.exe

%Temp%\jibogosu.dll

%Temp%\ntload.dll

%Temp%\svchost.exe

%UserProfile%\ntload.dll

%Windir%\svzip.exe

%Windir%\temp\ntload.dll

Notes:

%Profiles% is a variable that refers to the file system directory containing user profile folders. A typical path is C:\Documents and Settings.
%Programs% is a variable that refers to the file system directory that contains the user's program groups. A typical path is C:\Documents and Settings\[UserName]\Start Menu\Programs.
%System% is a variable that refers to the System folder. By default, this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).
%Temp% is a variable that refers to the temporary folder in the short path form. By default, this is C:\Documents and Settings\[UserName]\Local Settings\Temp\ (Windows NT/2000/XP).
%UserProfile% is a variable that specifies the current user's profile folder. By default, this is C:\Documents and Settings\[UserName] (Windows NT/2000/XP).
%Windir% is a variable that refers to the Windows installation folder. By default, this is C:\Windows or C:\Winnt.