ThreatExpert's Statistics for Trojan-Downloader.Win32.Bredolab [Ikarus]:

Trojan-Downloader.Win32.Bredolab [Ikarus] is also known as:

Threat Alias	Number of Incidents
TrojanDownloader:Win32/Bredolab.B [Microsoft]	83
Packed.Generic.243 [Symantec]	43
Mal/Generic-A [Sophos]	33
Trojan Horse [Symantec]	33
Mal/EncPk-JX, Mal/Bredo-A, Mal/Behav-340 [Sophos]	15
Downloader [Symantec]	13
Generic Downloader.x [McAfee]	12
Mal/BredoPk-B [Sophos]	12
Email-Worm.Win32.Iksmas.eeq [Kaspersky Lab]	10
Backdoor.Win32.Bredolab.yk [Kaspersky Lab]	9
Generic PWS.y!xy [McAfee]	9
W32.Waledac [Symantec]	7
Bredolab.gen.a [McAfee]	6
Mal/Bredo-A, Mal/Behav-340 [Sophos]	6
Mal/WaledPak-A [Sophos]	6
W32/Waledac.gen.e [McAfee]	6
W32/Waled-BW [Sophos]	6
Mal/BredoPk-B, Mal/Bredo-A [Sophos]	5
Mal/EncPk-FO, Mal/FakeVirPk-A [Sophos]	5
Packed.Win32.Krap.w [Kaspersky Lab]	5
Spam-Mailbot.h.gen.b [McAfee]	5
Trojan.Bredolab [Symantec]	5
Trojan.Win32.Inject.admx [Kaspersky Lab]	5
Trojan:Win32/AgentBypass.gen!A [Microsoft]	5
Backdoor.Win32.Zdoogu.bv [Kaspersky Lab]	4
Generic.dx!dnz [McAfee]	4
Mal/Basine-C [Sophos]	4
Mal/Dropper-O [Sophos]	4
Mal/EncPk-JX [Sophos]	4
TrojanDownloader:Win32/Bredolab.X [Microsoft]	4
W32.SillyDC [Symantec]	4
W32/Waledac.gen.b [McAfee]	4
W32/Waled-BP [Sophos]	4
Worm.Win32.AutoRun.goq [Kaspersky Lab]	4
Worm:Win32/SillyShareCopy.AH [Microsoft]	4
Infostealer [Symantec]	3
Mal/Bredo-A, Mal/Behav-340, Mal/BredoPk-B [Sophos]	3
Mal/EncPk-JX, Mal/Bredo-A, Mal/Behav-340, Mal/BredoPk-B [Sophos]	3
Trojan.Win32.Agent2.gbb [Kaspersky Lab]	3
TrojanDownloader:Win32/Small.gen!C [Microsoft]	3
TrojanDropper:Win32/Oficla.A [Microsoft]	3
FakeAlert-DZ [McAfee]	2
Generic Downloader.x!bcc [McAfee]	2
Generic Downloader.x!bo [McAfee]	2
Generic Downloader.x!io [McAfee]	2
Generic Dropper.ek [McAfee]	2
Mal/EncPk-HJ [Sophos]	2
Mal/EncPk-IJ [Sophos]	2
Mal/Mdrop-L [Sophos]	2
Mal/WaledPak-A, Mal/TibsPk-A, Mal/TibsPk-D [Sophos]	2
Packed.Generic.235 [Symantec]	2
Spam-Mailbot.h.gen.a [McAfee]	2
Trojan.Win32.Agent.bckm [Kaspersky Lab]	2
Trojan:Win32/Winwebsec [Microsoft]	2
W32.SillyFDC [Symantec]	2
Win-Trojan/LdPinch.54272.AB [AhnLab]	2
Backdoor.Trojan [Symantec]	1
Backdoor.Win32.Bredolab.dl [Kaspersky Lab]	1
Backdoor.Win32.Bredolab.dr [Kaspersky Lab]	1
Backdoor.Win32.Bredolab.dw [Kaspersky Lab]	1
Backdoor.Win32.Bredolab.eh [Kaspersky Lab]	1
Backdoor.Win32.Bredolab.em [Kaspersky Lab]	1
Backdoor.Win32.Bredolab.gz [Kaspersky Lab]	1
Backdoor.Win32.Bredolab.hc [Kaspersky Lab]	1
Backdoor.Win32.Bredolab.hg [Kaspersky Lab]	1
Backdoor.Win32.Bredolab.hy [Kaspersky Lab]	1
Backdoor.Win32.Bredolab.it [Kaspersky Lab]	1
Backdoor.Win32.Bredolab.jd [Kaspersky Lab]	1
Backdoor.Win32.Bredolab.jh [Kaspersky Lab]	1
Backdoor.Win32.Bredolab.jj [Kaspersky Lab]	1
Backdoor.Win32.Bredolab.kg [Kaspersky Lab]	1
Backdoor.Win32.Bredolab.kh [Kaspersky Lab]	1
Backdoor.Win32.Bredolab.kl [Kaspersky Lab]	1
Backdoor.Win32.Bredolab.lj [Kaspersky Lab]	1
Backdoor.Win32.Bredolab.lt [Kaspersky Lab]	1
Backdoor.Win32.Bredolab.lv [Kaspersky Lab]	1
Backdoor.Win32.Bredolab.mj [Kaspersky Lab]	1
Backdoor.Win32.Bredolab.nm [Kaspersky Lab]	1
Backdoor.Win32.Bredolab.nt [Kaspersky Lab]	1
Backdoor.Win32.Bredolab.nu [Kaspersky Lab]	1
Backdoor.Win32.Bredolab.nz [Kaspersky Lab]	1
Backdoor.Win32.Bredolab.or [Kaspersky Lab]	1
Backdoor.Win32.Bredolab.pu [Kaspersky Lab]	1
Backdoor.Win32.Bredolab.qv [Kaspersky Lab]	1
Backdoor.Win32.Inject.gb [Kaspersky Lab]	1
Backdoor.Win32.Small.hip [Kaspersky Lab]	1
Backdoor.Win32.Small.hiy [Kaspersky Lab]	1
Backdoor.Win32.Zdoogu.af [Kaspersky Lab]	1
Backdoor.Win32.Zdoogu.fa [Kaspersky Lab]	1
Backdoor.Win32.Zdoogu.r [Kaspersky Lab]	1
Backdoor:Win32/Sdbot [Microsoft]	1
Dropper/Muldrop.37376 [AhnLab]	1
Generic BackDoor.u [McAfee]	1
Generic Downloader.ab [McAfee]	1
Generic Downloader.x!bcj [McAfee]	1
Generic Downloader.x!bs [McAfee]	1
Generic Downloader.x!fi [McAfee]	1
Generic Downloader.x!id [McAfee]	1
Generic Downloader.x!qn [McAfee]	1
Generic Downloader.x!qx [McAfee]	1

Trojan-Downloader.Win32.Bredolab [Ikarus] has the following possible countries of origin:

Origin		Number of Incidents
	Russian Federation	60
	China	1

Trojan-Downloader.Win32.Bredolab [Ikarus] is known to be created as:

%AppData%\ptssvc.exe

%CommonAppData%\11913434\11913434.exe

%CommonAppData%\12157814\12157814.exe

%CommonAppData%\17448754\17448754.exe

%ProgramFiles%\internet explorer\rasadhlp.dll

%ProgramFiles%\microsoft sql server\sqlsrv.exe

%Programs%\startup\dfqupd32.exe

%Programs%\startup\fmnupd32.exe

%Programs%\startup\ihaupd32.exe

%Programs%\startup\isqsys32.exe

%Programs%\startup\rncsys32.exe

%Programs%\startup\rqjupd32.exe

%System%\digeste.dll

%System%\digiwet.dll

%System%\drivers\ntndis.exe

%System%\mcenspc.dll

%System%\msansspc.dll

%System%\wbem\grpconv.exe

%System%\wbem\proquota.exe

%Temp%\_ex-68.exe

%Temp%\bbbbca.exe

%Temp%\crypt.exe

%Temp%\eieipj.exe

%Temp%\gfgfmi.exe

%Temp%\load.exe

%Temp%\load1.exe

Notes:

%AppData% is a variable that refers to the file system directory that serves as a common repository for application-specific data. A typical path is C:\Documents and Settings\[UserName]\Application Data.
%CommonAppData% is a variable that refers to the file system directory containing application data for all users. A typical path is C:\Documents and Settings\All Users\Application Data.
%ProgramFiles% is a variable that refers to the Program Files folder. A typical path is C:\Program Files.
%Programs% is a variable that refers to the file system directory that contains the user's program groups. A typical path is C:\Documents and Settings\[UserName]\Start Menu\Programs.
%System% is a variable that refers to the System folder. By default, this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).
%Temp% is a variable that refers to the temporary folder in the short path form. By default, this is C:\Documents and Settings\[UserName]\Local Settings\Temp\ (Windows NT/2000/XP).