Threat Search: 

ThreatExpert's Statistics for Troj/Bifrose-XE [Sophos]:

Troj/Bifrose-XE [Sophos] is also known as:
Threat AliasNumber of Incidents
Trojan.Dropper [Symantec]42
Backdoor-CEP.gen.q [McAfee]41
Trojan-Dropper.Win32.Stabs.aao [Kaspersky Lab]40
Win-Trojan/Agent.11776.KS [AhnLab]36
VirTool.Win32.Injector [Ikarus]32
BKDR_BIFROSE.DZZ [Trend Micro]22
VirTool:Win32/Injector.gen!Y [Microsoft]18
Trojan.Dropper [PC Tools]13
Trojan:Win32/Midgare.A [Microsoft]13
VirTool:Win32/Injector.gen!W [Microsoft]12
Dropper/Stabs.48541 [AhnLab]10
Trojan Horse [Symantec]2
Trojan-Dropper.Win32.Stabs.arh [Kaspersky Lab]1
Trojan-Dropper.Win32.Stabs.arn [Kaspersky Lab]1
Trojan-Dropper.Win32.Stabs.ek [Kaspersky Lab]1
Trojan-Dropper.Win32.Stabs.ie [Kaspersky Lab]1
Trojan-Dropper.Win32.Stabs.yn [Kaspersky Lab]1
VirTool:Win32/CeeInject.gen!N [Microsoft]1
Virus.Win32.CeeInject [Ikarus]1

Troj/Bifrose-XE [Sophos] is known to be created as:
%Profiles%\1.2.1.exe
%ProgramFiles%\bifrost\server.exe
%ProgramFiles%\bifrost\win.exe
%ProgramFiles%\system23\iexplore.exe
%ProgramFiles%\wincrak\payload.exe
%ProgramFiles%\windowsdll\windows.exe
%System%\2system\1system.exe
%System%\bifrost\saret.exe
%System%\computer\system.exe
%System%\programs\antiaimer.exe
%System%\q1g\sref.exe
%System%\sysdll\runsys.exe
%Temp%\1atmpvcnoo.exe
%Temp%\ixp000.tmp\obadah.exe
%Temp%\ixp000.tmp\s.exe
%Temp%\rundll.exe
%Temp%\server.exe
%Temp%\xx.exe
Notes:
  • %Profiles% is a variable that refers to the file system directory containing user profile folders. A typical path is C:\Documents and Settings.
  • %ProgramFiles% is a variable that refers to the Program Files folder. A typical path is C:\Program Files.
  • %System% is a variable that refers to the System folder. By default, this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).
  • %Temp% is a variable that refers to the temporary folder in the short path form. By default, this is C:\Documents and Settings\[UserName]\Local Settings\Temp\ (Windows NT/2000/XP).