ThreatExpert's Statistics for Packed.Win32.Krap.ah [Kaspersky Lab]:

Packed.Win32.Krap.ah [Kaspersky Lab] is also known as:

Threat Alias	Number of Incidents
Infostealer [Symantec]	1,462
Packed.Win32.Krap [Ikarus]	1,035
Mal/EncPk-MA, Mal/FakeDouf-B [Sophos]	1,003
Trojan-PSW.Generic [PC Tools]	845
Trojan:Win32/Opachki.A [Microsoft]	654
Trojan.CryptRedol [Ikarus]	633
Generic.dx!hca [McAfee]	575
Mal/EncPk-LT, Mal/FakeAV-BX, Mal/FakeDouf-B, Mal/EncPk-MA [Sophos]	406
Mal/Generic-A [Sophos]	148
Trojan Horse [Symantec]	135
Downloader [Symantec]	89
Generic Downloader.x!btg [McAfee]	50
Troj/Dldr-CG [Sophos]	49
Mal/EncPk-KP [Sophos]	44
Win-Trojan/Krap.15000.E [AhnLab]	42
Trojan:Win32/Ertfor.C [Microsoft]	28
Packed.Generic.258 [Symantec]	27
Trojan.Agent.qefi [PC Tools]	21
Trojan.Win32.Ertfor [Ikarus]	20
Mal/FakeDouf-B [Sophos]	18
Generic Downloader.z [McAfee]	16
HeurEngine.MaliciousPacker [PC Tools]	15
Win-Trojan/Fakeav.Gen [AhnLab]	14
Packed.Generic.271 [Symantec]	9
Troj/FakeAV-AIX [Sophos]	9
Win-Trojan/Krap.102912.H [AhnLab]	9
Downloader.Generic [PC Tools]	7
Generic.dx!fya [McAfee]	7
Mal/FakeAV-BX [Sophos]	7
Mal/TibsPk-D, Mal/TibsPk-A [Sophos]	7
Trojan:Win32/Ertfor.B [Microsoft]	7
Backdoor:Win32/Syrutrk.A [Microsoft]	6
Mal/Basine-C [Sophos]	6
Packed.Win32.Koblu.c [Kaspersky Lab]	6
Packed.Win32.TDSS.aa [Kaspersky Lab]	6
Trojan-Downloader.Win32.Clopack.in [Kaspersky Lab]	6
Mal/Bredo-C, Mal/EncPk-IF [Sophos]	5
Mal/Fakecor-B, Mal/Behav-314 [Sophos]	5
Virus.Packed.Win32.Krap [Ikarus]	5
Generic.dx!gkj [McAfee]	4
Generic.dx!hee [McAfee]	4
Mal/EncPk-LT, Mal/FakeAV-BX, Mal/FakeDouf-B [Sophos]	4
Mal/FakeAV-BX, Mal/EncPk-MC [Sophos]	4
Trojan.Generic [PC Tools]	4
Trojan.Win32.Agent2.cmhs [Kaspersky Lab]	4
Win32/XDecrypt [AhnLab]	4
Win-Trojan/Agent.24064.OL [AhnLab]	4
Win-Trojan/Agent.31744.NL [AhnLab]	4
FakeAlert-SpyPro [McAfee]	3
RogueAntiSpyware.AntivirusSystemPro [PC Tools]	3
Troj/Dloadr-CWW [Sophos]	3
Trojan.Dropper [Symantec]	3
Trojan.Win32.Cosmu.dqz [Kaspersky Lab]	3
Trojan:Win32/FakeSpypro [Microsoft]	3
TrojanDownloader:Win32/Obitel [Microsoft]	3
AntiVirus2008 [Symantec]	2
FakeAlert-CK [McAfee]	2
FakeAlert-XPSecCenter [McAfee]	2
Generic Downloader.x!bpf [McAfee]	2
Infostealer.Banker.C [Symantec]	2
Mal/Bredo-C [Sophos]	2
Mal/EncPk-IF [Sophos]	2
Mal/EncPk-LT, Mal/FakeAV-BX, Mal/FakeDouf-B, Mal/EncPk-MC [Sophos]	2
Mal/EncPk-LT, Mal/FakeAV-BX, Mal/FakeDouf-B, Mal/EncPk-MC, Mal/EncPk-MA [Sophos]	2
Mal/EncPk-MC [Sophos]	2
Mal/EncPk-MC, Mal/EncPk-MA, Mal/FakeDouf-B [Sophos]	2
Mal/EncPk-MC, Mal/FakeDouf-B [Sophos]	2
Mal/EncPk-MP, Mal/EncPk-LT, Mal/EncPk-IF, Mal/Bredo-C, Mal/EncPk-KP [Sophos]	2
Mal/FakeAV-BX, Mal/FakeDouf-B [Sophos]	2
Mal/FakeAV-BX, Mal/TibsPk-D, Mal/TibsPk-A [Sophos]	2
Mal/FakeDouf-A, Mal/Bredo-C [Sophos]	2
Mal/Generic-A, Mal/EncPk-IF [Sophos]	2
PWS:Win32/Zbot.PG [Microsoft]	2
Trojan.Dropper [PC Tools]	2
Trojan.FakeAV [Symantec]	2
Trojan.Win32.Cosmu [Ikarus]	2
Trojan.Win32.FakeSpypro [Ikarus]	2
Trojan:Win32/Malagent [Microsoft]	2
TrojanClicker:Win32/Klik [Microsoft]	2
TrojanDownloader:Win32/Fakeinit [Microsoft]	2
Trojan-Dropper.Agent [Ikarus]	2
Trojan-PSW.Banker [PC Tools]	2
Win-Trojan/Krap.13312.O [AhnLab]	2
Downloader.MisleadApp [Symantec]	1
Dropper/Malware.11776.D [AhnLab]	1
Dropper/Malware.22528.H [AhnLab]	1
Generic Dropper.ke [McAfee]	1
Generic FakeAlert!9F6E4576 [McAfee]	1
Generic.dx!fzs [McAfee]	1
Generic.dx!gfq [McAfee]	1
Generic.dx!gzz [McAfee]	1
Generic.dx!heq [McAfee]	1
Generic.dx!hfk [McAfee]	1
Generic.dx!hkz [McAfee]	1
Generic.dx!hou [McAfee]	1
Mal/Bredo-C, Mal/Fakecor-B, Mal/Behav-314, Mal/EncPk-IF [Sophos]	1
Mal/EncPk-IF, Mal/FakeDouf-A [Sophos]	1
Mal/EncPk-LT [Sophos]	1
Mal/EncPk-MC, Mal/TibsPk-D [Sophos]	1
Mal/FakeAV-AD [Sophos]	1

Packed.Win32.Krap.ah [Kaspersky Lab] has the following possible countries of origin:

Origin		Number of Incidents
	Russian Federation	47
	Taiwan	3
	China	1
	Ukraine	1

Packed.Win32.Krap.ah [Kaspersky Lab] is known to be created as:

%AppData%\bleerk\ylersysguard.exe

%AppData%\lizkavd.exe

%AppData%\mlpxcp\hdkysysguard.exe

%AppData%\nqunda\ibmysysguard.exe

%AppData%\pceafd\mbxmsysguard.exe

%AppData%\seres.exe

%AppData%\svcst.exe

%CommonAppData%\69910429\69910429.exe

%Profiles%\localservice\ntuser.dll

%Programs%\startup\mgjwin32.exe

%Programs%\startup\scandisk.dll

%System%\asvfc.dll

%System%\calc.dll

%System%\er9kop338.dll

%System%\gro6d.dll

%System%\gvui0e6g86.dll

%System%\hwf3u7.dll

%System%\m344asp.dll

%System%\nethelp.exe

%System%\nmklo.dll

%System%\sdra64.exe

%System%\t1x21e2y.dll

%System%\wbem\grpconv.exe

%System%\wbem\proquota.exe

%System%\wininet.exe

%System%\winlogon86.exe

%System%\winupdate86.exe

%System%\ylftj.dll

%Temp%\1370447856.exe

%Temp%\1849633264.exe

%Temp%\260055224.exe

%Temp%\4_pinnew.exe

%Temp%\4257883198.exe

%Temp%\5_odb.exe

%Temp%\6_ldr3.exe

%Temp%\avp.exe

%Temp%\avto.exe

%Temp%\avto1.exe

%Temp%\avto2.exe

%Temp%\avto3.exe

%Temp%\avto4.exe

%Temp%\aym53.exe

%Temp%\bcyvz.exe

%Temp%\bev96o.exe

%Temp%\bklk8dunjl.exe

%Temp%\calc.dll

%Temp%\cfmbsysguard.exe

%Temp%\cmd.exe

%Temp%\csrss.exe

%Temp%\czf5.tmp.exe

%Temp%\debug.exe

%Temp%\drweb.exe

%Temp%\eni5.tmp.exe

%Temp%\ext5.tmp.exe

%Temp%\f641z2.exe

%Temp%\f6lo140p.exe

%Temp%\glfxsysguard.exe

%Temp%\hh7f2sxe2q.exe

%Temp%\hug5.tmp.exe

%Temp%\ieeosysguard.exe

%Temp%\jaufsysguard.exe

%Temp%\jez5.tmp.exe

%Temp%\jofhsysguard.exe

%Temp%\jrywsysguard.exe

%Temp%\login.exe

%Temp%\nek8xdk7d.exe

%Temp%\notepad.exe

%Temp%\nvsvc32.exe

%Temp%\p2gvp.dll

%Temp%\ptt0qsit8.exe

%Temp%\q1.exe

%Temp%\rundll32.dll

%Temp%\rvy1sg.exe

%Temp%\services.exe

%Temp%\setup.exe

%Temp%\smss.exe

%Temp%\spoolsv.exe

%Temp%\ssba16vji9.exe

%Temp%\svchost.exe

%Temp%\t1x21e2y.exe

%Temp%\taskmgr.exe

%Temp%\teste1_p.exe

%Temp%\teste2_p.exe

%Temp%\teste3_p.exe

%Temp%\teste4_p.exe

%Temp%\tx2hjz.dll

%Temp%\user.exe

%Temp%\w2cx1va6.exe

%Temp%\win16.exe

%Temp%\win32.exe

%Temp%\winlogon.exe

%Temp%\winlogon86.exe

%Temp%\y8ezqo53.exe

%Temp%\zlb5.tmp.exe

%Temp%\znd24szc.exe

%UserProfile%\ntuser.dll

%Windir%\amoumain.exe

%Windir%\ctfmon.exe

%Windir%\lsass.exe

%Windir%\odb.exe

Notes:

%AppData% is a variable that refers to the file system directory that serves as a common repository for application-specific data. A typical path is C:\Documents and Settings\[UserName]\Application Data.
%CommonAppData% is a variable that refers to the file system directory containing application data for all users. A typical path is C:\Documents and Settings\All Users\Application Data.
%Profiles% is a variable that refers to the file system directory containing user profile folders. A typical path is C:\Documents and Settings.
%Programs% is a variable that refers to the file system directory that contains the user's program groups. A typical path is C:\Documents and Settings\[UserName]\Start Menu\Programs.
%System% is a variable that refers to the System folder. By default, this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).
%Temp% is a variable that refers to the temporary folder in the short path form. By default, this is C:\Documents and Settings\[UserName]\Local Settings\Temp\ (Windows NT/2000/XP).
%UserProfile% is a variable that specifies the current user's profile folder. By default, this is C:\Documents and Settings\[UserName] (Windows NT/2000/XP).
%Windir% is a variable that refers to the Windows installation folder. By default, this is C:\Windows or C:\Winnt.