ThreatExpert's Statistics for Trojan-Downloader.Win32.Banload [Ikarus]:

Trojan-Downloader.Win32.Banload [Ikarus] is also known as:

Threat Alias	Number of Incidents
Mal/Generic-A [Sophos]	216
Mal/Banker-E [Sophos]	213
Downloader [Symantec]	206
Suspicious.MH690 [Symantec]	133
Trojan Horse [Symantec]	104
PWS-Banker [McAfee]	85
Mal/DelpDldr-C [Sophos]	84
Trojan-Downloader.Win32.Banload.agkc [Kaspersky Lab]	55
Generic.dx [McAfee]	52
Infostealer.Bancos [Symantec]	51
Possible_Virus [Trend Micro]	46
Win-Trojan/Xema.variant [AhnLab]	46
Mal_Banker [Trend Micro]	40
TrojanDownloader:Win32/Banload.gen!I [Microsoft]	35
Mal/Behav-130 [Sophos]	34
Win32/MalPackedB.suspicious [AhnLab]	34
Win-Trojan/Banload.3063639 [AhnLab]	32
Mal/Heuri-E, Mal/Heuri-D, Mal/Emogen-N, Mal/Behav-027, Mal/Behav-010 [Sophos]	31
Backdoor.Win32.Agent.tfn [Kaspersky Lab]	30
Trojan.Win32.Delf.nzp [Kaspersky Lab]	30
TrojanSpy:Win32/Bancos.gen!B [Microsoft]	30
Mal/EncPk-DM [Sophos]	29
Trojan-Banker.Win32.Banker.ablg [Kaspersky Lab]	29
Mal/Packer [Sophos]	28
Packed.Generic.138 [Symantec]	28
Mal/Behav-103, Mal/Behav-043 [Sophos]	26
Mal/DelpDldr-D [Sophos]	25
Generic Downloader.x [McAfee]	24
Mal/Behav-103 [Sophos]	24
Mal/Behav-188 [Sophos]	24
TrojanSpy:Win32/Bancos.OC [Microsoft]	24
Downloader.Bancos!gen [Symantec]	23
Infostealer.Gampass [Symantec]	19
Packed.Generic.56 [Symantec]	19
Mal/EncPk-CU [Sophos]	18
PWS-Banker.dldr [McAfee]	17
Mal/Banspy-F, Mal/Banspy-I [Sophos]	16
Trojan-Downloader.Win32.Banload.bej [Kaspersky Lab]	16
Infostealer [Symantec]	15
PWS-Banker.gen.i [McAfee]	15
Trojan-Downloader.Win32.Delf.uze [Kaspersky Lab]	15
Virus.Win32.Induc.a [Kaspersky Lab]	15
Backdoor.Trojan [Symantec]	13
Mal/Behav-053 [Sophos]	13
Troj/Delf-FBS [Sophos]	13
Trojan-Banker.Win32.Banker.sdu [Kaspersky Lab]	13
TrojanDownloader:Win32/Tearspear [Microsoft]	13
Downloader.Generic [PC Tools]	12
Downloader.Trojan [Symantec]	12
Mal_Banld-2 [Trend Micro]	12
Spy-Agent.dt [McAfee]	12
Trojan.Win32.Agent2.cei [Kaspersky Lab]	12
W32.Virut.CF [Symantec]	12
New Malware.n [McAfee]	11
Trojan.Win32.Agent.cjxh [Kaspersky Lab]	11
Trojan-Downloader.Banload!sd6 [PC Tools]	11
TrojanDownloader:Win32/Small.gen!AP [Microsoft]	11
Virus:Win32/Virut.BM [Microsoft]	11
W32/Virut.n.gen [McAfee]	11
Downloader.gen.a [McAfee]	10
Generic Downloader.c [McAfee]	10
Mal/Behav-103, Mal/Emogen-Q [Sophos]	10
Mal/Behav-180, Mal/Behav-103, Mal/Behav-043 [Sophos]	10
New Malware.ix [McAfee]	10
Spy-Agent.br [McAfee]	10
TrojanDownloader:Win32/Small.gen!AO [Microsoft]	10
TrojanDownloader:Win32/Small.gen!B [Microsoft]	10
TrojanSpy:Win32/Bancos [Microsoft]	10
W32/Scribble-B [Sophos]	10
Dropper/Sramler.47460 [AhnLab]	9
Mal/Basine-C [Sophos]	9
Mal/Delf-M [Sophos]	9
Mal/Packer, Mal/EncPk-BW, Mal/Dropper-G [Sophos]	9
Trojan.Generic [PC Tools]	9
Trojan.Win32.VB.fda [Kaspersky Lab]	9
Trojan-Banker.Win32.Banker.abev [Kaspersky Lab]	9
Trojan-Banker.Win32.Banker.amsm [Kaspersky Lab]	9
Trojan-Downloader.Win32.Banload.agvh [Kaspersky Lab]	9
TrojanDownloader:Win32/Banload.BEJ [Microsoft]	9
W32.Kelvir [Symantec]	9
W32/Induc-A [Sophos]	9
Win-Trojan/Banker.9680896 [AhnLab]	9
Downloader-ABU [McAfee]	8
Mal/Behav-043 [Sophos]	8
Mal/VB-F [Sophos]	8
Trojan.Win32.Delf.qub [Kaspersky Lab]	8
Trojan-Downloader.Win32.Agent.atww [Kaspersky Lab]	8
Trojan-Downloader.Win32.Banload.ackw [Kaspersky Lab]	8
TrojanDownloader:Win32/Banload [Microsoft]	8
Trojan-PSW.Win32.VB.awx [Kaspersky Lab]	8
Trojan-Spy.Gampass!sd6 [PC Tools]	8
TrojanSpy:Win32/Bancos.gen!C [Microsoft]	8
W32.SillyFDC [Symantec]	8
W32/Sality.gen [McAfee]	8
Win32/ExprPacked.suspicious [AhnLab]	8
Downloader.Bancos [Symantec]	7
Mal/DelpBanc-A, Mal/Behav-103 [Sophos]	7
Mal/EncPk-C [Sophos]	7
Troj/Banld-Gen [Sophos]	7
TROJ_AGENT.OII [Trend Micro]	7

Trojan-Downloader.Win32.Banload [Ikarus] has the following possible countries of origin:

Origin		Number of Incidents
	Brazil	946
	China	198
	Germany	26
	Russian Federation	25
	Italy	24
	France	20
	United Kingdom	15
	Sweden	13
	Iran	10
	Israel	8
	Saudi Arabia	7
	Spain	4
	Portugal	3
	Hungary	2
	Japan	2
	Taiwan	2
	Australia	1
	Chile	1
	Ireland	1
	Netherlands	1
	Switzerland	1
	Turkey	1

Trojan-Downloader.Win32.Banload [Ikarus] is known to be created as:

%AppData%\adobe\media.exe

%CommonAppData%\service.exe

%CommonAppData%\windsbx.scr

%CommonAppData%\wscntfx.exe

%CommonDocuments%\my pictures\sample pictures\sunset.exe

%CommonDocuments%\my pictures\sample pictures\winter.exe

%CommonPrograms%\startup\bios.exe

%CommonPrograms%\startup\bsyys.scr

%CommonPrograms%\startup\ctfmen.exe

%CommonPrograms%\startup\iexpres.exe

%CommonPrograms%\startup\iexpresss.exe

%CommonPrograms%\startup\jvm0.exe

%CommonPrograms%\startup\kss.exe

%CommonPrograms%\startup\msn.exe

%CommonPrograms%\startup\out.exe

%CommonPrograms%\startup\startup.exe

%CommonPrograms%\startup\startup32.exe

%CommonPrograms%\startup\system32.exe

%CommonPrograms%\startup\systray.exe

%CommonPrograms%\startup\win00cd1a40.exe

%CommonPrograms%\startup\windowsupdate.scr

%CommonPrograms%\startup\zip32.exe

%DesktopDir%\desktop.exe

%Favorites%\favorites.exe

%Favorites%\links\links.exe

%LocalSettings%\tmp21008.exe

%MyDocuments%\musica.exe

%ProgramFiles%\ashavast_.exe

%ProgramFiles%\bifrost\system.exe

%ProgramFiles%\common files\sunter.exe

%ProgramFiles%\extension changer\extmain.exe

%ProgramFiles%\flyos\keylogger detector\keyloggerdetector.exe

%ProgramFiles%\internet explorer\connection wizard\ereree.exe

%ProgramFiles%\internet explorer\connection wizard\knfe.exe

%ProgramFiles%\outlook express\fdfwrrt.exe

%ProgramFiles%\outlook express\fdssfrrt.exe

%ProgramFiles%\outlook express\fnbdrrt.exe

%ProgramFiles%\quicktime_.exe

%ProgramFiles%\unlocker\unlocker.exe

%ProgramFiles%\windows nt\explorer.exe

%ProgramFiles%\xm\hide.exe

%Programs%\accessories\accessibility\accessibility.exe

%Programs%\accessories\accessories.exe

%Programs%\accessories\entertainment\entertainment.exe

%Programs%\programs.exe

%Programs%\startup\csrss.exe

%Programs%\startup\musica.exe

%Programs%\startup\out.exe

%Programs%\startup\startup.exe

%Programs%\startup\startup32.exe

%Programs%\startup\updater.exe

%System%\1\2.exe

%System%\1050\svchost.exe

%System%\aicujl.exe

%System%\aol.exe

%System%\aqjbakuy.exe

%System%\audiohq.exe

%System%\avg.exe

%System%\bios.exe

%System%\blocker.exe

%System%\boot.exe

%System%\bsyys.scr

%System%\cf.exe

%System%\ckp.exe

%System%\ckpcmd.exe

%System%\ckpexp.exe

%System%\cltmon.exe

%System%\cmos.exe

%System%\ctemon.exe

%System%\ctfmon.com

%System%\dllcache\basic.exe

%System%\dllcache\spoolsv.exe

%System%\dllcache\wuauclt.exe

%System%\drivers\armas_ng_samar.exe

%System%\drivers\comm32.exe

%System%\drivers\digitalwarlord.exe

%System%\drivers\etc\bhebie_koh.exe

%System%\drivers\etc\warai.exe

%System%\drivers\nvscv32.exe

%System%\drivers\silencer.exe

%System%\drivers\windll32.exe

%System%\drivers\winmxd.exe

%System%\future.exe

%System%\gbpihe.exe

%System%\gereba2009.exe

%System%\hixuctwc.exe

%System%\htcnlqtl.exe

%System%\iexplore.exe

%System%\iexplorer.exe

%System%\iexpres.exe

%System%\iexpresss.exe

%System%\ime\svchost.exe

%System%\internet_explorer.exe

%System%\jnjiwj.exe

%System%\jvm0.exe

%System%\keeper.exe

%System%\ldat.exe

%System%\lnhx.exe

%System%\logon.exe

%System%\lsasss.exe

Notes:

%AppData% is a variable that refers to the file system directory that serves as a common repository for application-specific data. A typical path is C:\Documents and Settings\[UserName]\Application Data.
%CommonAppData% is a variable that refers to the file system directory containing application data for all users. A typical path is C:\Documents and Settings\All Users\Application Data.
%CommonDocuments% is a variable that refers to the file system directory that contains documents that are common to all users. A typical paths is C:\Documents and Settings\All Users\Documents.
%CommonPrograms% is a variable that refers to the file system directory that contains the directories for the common program groups that appear on the Start menu for all users. A typical path is C:\Documents and Settings\All Users\Start Menu\Programs (Windows NT/2000/XP).
%DesktopDir% is a variable that refers to the file system directory used to physically store file objects on the desktop. A typical path is C:\Documents and Settings\[UserName]\Desktop.
%Favorites% is a variable that refers to the file system directory that serves as a common repository for the user's favorite items. A typical path is C:\Documents and Settings\[UserName]\Favorites.
%LocalSettings% is a variable that specifies the current user's local settings folder. By default, this is C:\Documents and Settings\[UserName]\Local Settings (Windows NT/2000/XP).
%MyDocuments% is a variable that refers to the file system directory used to physically store a user's common repository of documents. A typical path is C:\Documents and Settings\[UserName]\My Documents.
%ProgramFiles% is a variable that refers to the Program Files folder. A typical path is C:\Program Files.
%Programs% is a variable that refers to the file system directory that contains the user's program groups. A typical path is C:\Documents and Settings\[UserName]\Start Menu\Programs.
%System% is a variable that refers to the System folder. By default, this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).