ThreatExpert's Statistics for Trojan-Downloader.Win32.Cutwail [Ikarus]:

Trojan-Downloader.Win32.Cutwail [Ikarus] is also known as:

Threat Alias	Number of Incidents
Mal/Generic-A [Sophos]	40
TrojanDownloader:Win32/Cutwail.gen!C [Microsoft]	40
Trojan Horse [Symantec]	29
FakeAlert-ID [McAfee]	28
Virus.Win32.Virut.ce [Kaspersky Lab]	25
W32.Virut.CF [Symantec]	22
Win32/Virut.F [AhnLab]	21
W32/Scribble-B [Sophos]	19
Downloader [Symantec]	18
FakeAlert-AG.gen.c [McAfee]	18
Spy-Agent.bv.gen.b [McAfee]	18
TrojanDownloader:Win32/Cutwail.AQ [Microsoft]	18
Virus:Win32/Virut.BM [Microsoft]	18
Troj/Pushdo-AQ [Sophos]	16
Mal/FakeAV-AX [Sophos]	15
Mal/Pushdo-A [Sophos]	15
TrojanDownloader:Win32/Cutwail.AI [Microsoft]	14
Generic Downloader.x [McAfee]	13
TrojanDropper:Win32/Cutwail.AL [Microsoft]	12
Mal/TibsPk-A [Sophos]	11
Trojan.Pandex [Symantec]	11
Trojan-Downloader.Win32.Mutant.foa [Kaspersky Lab]	11
New Win32 [McAfee]	10
Infostealer.Gampass [Symantec]	9
Trojan-Downloader.Win32.FraudLoad.vmrj [Kaspersky Lab]	9
Trojan-Spy.Gampass!sd6 [PC Tools]	9
Win-Trojan/Kobcka.30208.D [AhnLab]	9
Cutwail [McAfee]	8
Troj/DwnLdr-HKK [Sophos]	8
TrojanDownloader:Win32/Cutwail [Microsoft]	8
TrojanDownloader:Win32/Cutwail.gen!B [Microsoft]	7
Cutwail.dll.gen [McAfee]	6
Cutwail.gen.b [McAfee]	6
Generic FakeAlert.a [McAfee]	6
Infostealer.Banker.C [Symantec]	6
PWS:Win32/Zbot.gen!R [Microsoft]	6
Trojan-Downloader.Win32.Mutant.bwc [Kaspersky Lab]	6
TrojanDownloader:Win32/Cutwail.S [Microsoft]	6
W32/Virut.n.gen [McAfee]	6
Win-Trojan/Downloader.35328.JD [AhnLab]	5
Backdoor.Win32.Small.hnz [Kaspersky Lab]	4
Dropper/Rustock.Gen [AhnLab]	4
Generic Downloader.x!bg [McAfee]	4
Troj/Pushu-Gen, Mal/Behav-116, Mal/Emogen-Y [Sophos]	4
Trojan.Win32.Agent.amxg [Kaspersky Lab]	4
Trojan.Win32.Agent.cdcn [Kaspersky Lab]	4
Win-Trojan/Mutant.26937 [AhnLab]	4
Win-Trojan/SpamMailer.24576 [AhnLab]	4
Backdoor.Trojan [Symantec]	3
Backdoor.Win32.Small.yt [Kaspersky Lab]	3
Generic FakeAlert!ck [McAfee]	3
Mal/Dorf-A [Sophos]	3
Mal/Emogen-Y [Sophos]	3
Mal/FakeAV-AX, W32/Scribble-B [Sophos]	3
Troj/Meredr-Fam, Mal/Pandex-B [Sophos]	3
TrojanDownloader:Win32/Cutwail.AE [Microsoft]	3
TrojanDownloader:Win32/Cutwail.W [Microsoft]	3
Virus:Win32/Virut.gen!E [Microsoft]	3
Win-Trojan/Downloader.39424.CT [AhnLab]	3
Backdoor.Win32.Small.idl [Kaspersky Lab]	2
Generic Dropper.gj [McAfee]	2
Hacktool.Rootkit [Symantec]	2
Packed.Generic.234 [Symantec]	2
PE_VIRUT.XP [Trend Micro]	2
PE_VIRUX.A-1 [Trend Micro]	2
PWS:Win32/Zbot.gen!Q [Microsoft]	2
Troj/NTRoot-E [Sophos]	2
Trojan.Agent!sd6 [PC Tools]	2
Trojan.Win32.Agent.ampl [Kaspersky Lab]	2
Trojan.Win32.Agent.brfk [Kaspersky Lab]	2
Trojan.Win32.Agent2.dvx [Kaspersky Lab]	2
Trojan.Win32.Inject.jxk [Kaspersky Lab]	2
Trojan-Downloader.Agent.BWH [PC Tools]	2
Trojan-PSW.Banker [PC Tools]	2
Trojan-Spy.Win32.Zbot.aafs [Kaspersky Lab]	2
Trojan-Spy.Win32.Zbot.aaif [Kaspersky Lab]	2
Trojan-Spy.Win32.Zbot.aait [Kaspersky Lab]	2
Trojan-Spy.Win32.Zbot.abfj [Kaspersky Lab]	2
Virus.Win32.Virut.q [Kaspersky Lab]	2
Virus:Win32/Virut.gen!O [Microsoft]	2
Virus:Win32/Virut.K [Microsoft]	2
Vundo.gen.aq [McAfee]	2
W32.Virut.U [Symantec]	2
W32/Vetor-A [Sophos]	2
Win32.Virut.Gen.5 [PC Tools]	2
Win32/Virut.D [AhnLab]	2
Win-Trojan/Downloader.20480.ZM [AhnLab]	2
Win-Trojan/Rootkit.40576 [AhnLab]	2
Win-Trojan/Zbot.101888 [AhnLab]	2
Backdoor.Agent!sd6 [PC Tools]	1
Backdoor.Small!sd6 [PC Tools]	1
Backdoor.Win32.Agent.affe [Kaspersky Lab]	1
Backdoor.Win32.Bredolab.ca [Kaspersky Lab]	1
Backdoor.Win32.HareBot.ho [Kaspersky Lab]	1
Backdoor.Win32.HareBot.is [Kaspersky Lab]	1
Backdoor.Win32.Small.wq [Kaspersky Lab]	1
Cutwail.gen.c [McAfee]	1
Cutwail.gen.d [McAfee]	1
Downloader.Generic [PC Tools]	1
Dropper/Agent.41984.AK [AhnLab]	1

Trojan-Downloader.Win32.Cutwail [Ikarus] has the following possible countries of origin:

Origin		Number of Incidents
	Russian Federation	13
	China	1

Trojan-Downloader.Win32.Cutwail [Ikarus] is known to be created as:

%System%\av_md.exe

%System%\ms18_word.exe

%System%\reader_s.exe

%System%\restorer32_a.exe

%System%\restorer64_a.exe

%System%\rs32net.exe

%System%\sdra64.exe

%System%\twext.exe

%System%\winctrl32.dll

%Temp%\infected\reader_s.exe

%Temp%\kafan virlist 2009.03.23\090323-b-7.exe

%UserProfile%\av_md.exe

%UserProfile%\ms18_word.exe

%UserProfile%\reader_s.exe

%UserProfile%\restorer32_a.exe

%UserProfile%\restorer64_a.exe

Notes:

%System% is a variable that refers to the System folder. By default, this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).
%Temp% is a variable that refers to the temporary folder in the short path form. By default, this is C:\Documents and Settings\[UserName]\Local Settings\Temp\ (Windows NT/2000/XP).
%UserProfile% is a variable that specifies the current user's profile folder. By default, this is C:\Documents and Settings\[UserName] (Windows NT/2000/XP).