ThreatExpert's Statistics for Possible_Crypt [Trend Micro]:

Possible_Crypt [Trend Micro] is also known as:

Threat Alias	Number of Incidents
Mal/Heuri-E, Mal/Emogen-N, Mal/Behav-027, Mal/Behav-010 [Sophos]	9
Downloader [Symantec]	6
Downloader.gen.a [McAfee]	6
Trojan-PSW.Win32.Papras.gm [Kaspersky Lab]	4
Downloader-ARR [McAfee]	3
Infostealer [Symantec]	3
Mal/EncPk-GC [Sophos]	3
PWS-LDPinch [McAfee]	3
Trojan.Win32.Qhost.acb [Kaspersky Lab]	3
Packed.Generic.131 [Symantec]	2
Suspicious.MH690 [Symantec]	2
Trojan.Win32.Small.fb [Kaspersky Lab]	2
Trojan-Downloader.Ruins [PC Tools]	2
Trojan-PSW.Win32.Papras.gr [Kaspersky Lab]	2
Virus.Win32.VB.dl [Ikarus]	2
Backdoor.Win32.Bifrose.adiz [Kaspersky Lab]	1
Backdoor.Win32.Delf.ajp [Kaspersky Lab]	1
Backdoor-CEP [McAfee]	1
Downloader-AWH [McAfee]	1
Generic PWS.y!6F939359 [McAfee]	1
Infostealer.Gampass [Symantec]	1
Mal/EncPk-AP, Mal/Behav-024 [Sophos]	1
Mal/EncPk-GC, Mal/Emogen-N, Mal/Heuri-E, Mal/Behav-027, Mal/Behav-010 [Sophos]	1
Mal/Generic-A [Sophos]	1
Mal/Heuri-E [Sophos]	1
Mal/TibsPk-A, Mal/Packer, Mal/Behav-027 [Sophos]	1
New Malware.an [McAfee]	1
New Malware.bl [McAfee]	1
not-a-virus:NetTool.Win32.Gina.a [Kaspersky Lab]	1
PWS:Win32/Frethog.BS [Microsoft]	1
Troj/Dloadr-ASU [Sophos]	1
Troj/RuinDl-K [Sophos]	1
Trojan Horse [Symantec]	1
Trojan.Dropper [Symantec]	1
Trojan.LdPinch [PC Tools]	1
Trojan.Packed.7 [Symantec]	1
Trojan.Win32.DNSChanger [Ikarus]	1
Trojan.Win32.Small.fb [Ikarus]	1
Trojan:Win32/Alureon [Microsoft]	1
Trojan:Win32/Alureon.A [Microsoft]	1
Trojan:Win32/Midgare.A [Microsoft]	1
Trojan-Downloader.Small!sd6 [PC Tools]	1
Trojan-Downloader.Win32.Agent.bfv [Kaspersky Lab]	1
Trojan-Downloader.Win32.Agent.tc [Kaspersky Lab]	1
Trojan-Downloader.Win32.Small [Ikarus]	1
Trojan-Downloader.Win32.Small.cyo [Kaspersky Lab]	1
Trojan-Downloader.Win32.Small.dge [Kaspersky Lab]	1
Trojan-Downloader.Win32.Small.yad [Kaspersky Lab]	1
Trojan-Downloader.Win32.Small.ygr [Kaspersky Lab]	1
Trojan-Downloader.Win32.Small.zoj [Kaspersky Lab]	1
TrojanDownloader:Win32/Agent.XC [Microsoft]	1
TrojanDownloader:Win32/Small.gen!AD [Microsoft]	1
TrojanDownloader:Win32/Wunkay.A [Microsoft]	1
Trojan-GameThief.Win32.Lmir [Ikarus]	1
Trojan-PSW.Papras!sd6 [PC Tools]	1
Trojan-PSW.Win32.LdPinch.beo [Kaspersky Lab]	1
Trojan-PSW.Win32.LdPinch.bgj [Kaspersky Lab]	1
Trojan-PSW.Win32.LdPinch.dmi [Kaspersky Lab]	1
Trojan-PSW.Win32.Papras.gn [Kaspersky Lab]	1
Trojan-PSW.Win32.Papras.gv [Kaspersky Lab]	1
Trojan-PWS.Win32.Papras.gv [Ikarus]	1
Virus.Trojan.Win32.Midgare.hhn [Ikarus]	1

Possible_Crypt [Trend Micro] has the following possible countries of origin:

Origin		Number of Incidents
	China	21
	Russian Federation	3
	Brazil	1

Possible_Crypt [Trend Micro] is known to be created as:

%ProgramFiles%\bifrost\server.exe

%System%\bootlist32.exe

%System%\dmcjy.exe

%System%\dmmqz.exe

%System%\dmpwk.exe

%System%\syst8t.exe

%System%\tmp_2v.exe

%Windir%\9129837.exe

%Windir%\bifrost\server.exe

Notes:

%ProgramFiles% is a variable that refers to the Program Files folder. A typical path is C:\Program Files.
%System% is a variable that refers to the System folder. By default, this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).
%Windir% is a variable that refers to the Windows installation folder. By default, this is C:\Windows or C:\Winnt.