Threat Search: 

ThreatExpert's Statistics for Trojan-Dropper.Agent [Ikarus]:

Trojan-Dropper.Agent [Ikarus] is also known as:
Threat AliasNumber of Incidents
W32/AutoRun-MO [Sophos]61,936
W32/Almanahe.dll [McAfee]61,867
PE_CORELINK.C-O [Trend Micro]61,685
W32.Almanahe.B!inf [Symantec]45,023
W32/Alman-E [Sophos]44,473
Trojan.Almanahe [PC Tools]43,737
Trojan:Win32/Almanahe.B.dll [Microsoft]43,375
Hacktool [Symantec]42,349
Virus.Win32.Agent.bu [Kaspersky Lab]41,545
not-a-virus:NetTool.Win32.Agent.b [Kaspersky Lab]39,500
Trojan:Win32/Pepatch.E [Microsoft]36,800
Trojan-Downloader.Agent.AEN [PC Tools]30,500
Win-Trojan/Agent.53248.GU [AhnLab]27,816
BackDoor-AWQ [McAfee]24,102
Mal/Packer, Mal/EncPk-AI [Sophos]19,600
Mal/EncPk-AI [Sophos]17,500
Win-Trojan/Agent.1097728.B [AhnLab]17,153
Trojan.Qipian!sd6 [PC Tools]15,295
Win-Trojan/Agent.184320.BR [AhnLab]14,973
Trojan.Agent.B!ct [PC Tools]11,551
Generic Malware.bc [McAfee]11,000
Mal_MLWR-5 [Trend Micro]10,300
Trojan-Downloader.Win32.Agent.erl [Kaspersky Lab]10,254
Win32.Alman.C [PC Tools]9,894
Bloodhound.Unknown [Symantec]6,348
W32/Emerleox.worm [McAfee]5,957
Generic.dx [McAfee]5,733
Virus.Win32.Virtualizer [Ikarus]5,700
Trojan Horse [Symantec]4,583
Exploit.Win32.IMG-WMF.fk [Kaspersky Lab]4,050
Mal/Generic-A [Sophos]3,944
Generic Dropper.ex [McAfee]3,736
Tool-EPLLib [McAfee]3,500
Troj/PWS-AXY [Sophos]3,096
Trojan-Downloader.Win32.Agent.bsi [Kaspersky Lab]3,061
Trojan-Downloader.Agent!sd6 [PC Tools]2,921
Troj/Agent-GYK [Sophos]2,752
not-a-virus:NetTool.Win32.Agent.b [Ikarus]2,700
Downloader [Symantec]2,675
Exploit.Win32.IMG-WMF [Ikarus]2,592
Trojan-Downloader.Agent!sd5 [PC Tools]2,420
W32.Almanahe.B [Symantec]2,259
Troj/Agent-FUR [Sophos]2,235
Trojan:Win32/Almanahe.E.dll [Microsoft]2,151
Exploit.IMG-WMF!sd6 [PC Tools]2,142
Mal/TibsPak [Sophos]1,960
Trojan-Downloader.Win32.Agent.axlb [Kaspersky Lab]1,956
Backdoor.Win32.Popwin [Ikarus]1,900
Trojan:Win32/Tibs.gen!lds [Microsoft]1,880
Exploit.IMG-WMF [PC Tools]1,872
Generic Downloader.x [McAfee]1,781
Trojan-Downloader.Win32.Agent.bozt [Kaspersky Lab]1,601
Win-Trojan/ExploitTool.3740 [AhnLab]1,422
Application.E [PC Tools]1,324
Trojan.Qipian [Symantec]1,290
Packed.Generic.181 [Symantec]1,282
Trojan-PWS.Win32.Maran [Ikarus]1,200
Trojan.Fakeavalert [Symantec]1,175
Trojan.Zlob [Ikarus]1,170
not-a-virus:NetTool.Win32.Agent [Ikarus]1,100
TROJ_AGENT.ABRC [Trend Micro]1,098
Win-Trojan/HackTool.13531 [AhnLab]1,000
Win-Trojan/Alman.46592 [AhnLab]982
Hacktool.Rootkit [Symantec]963
Infostealer.Gampass [Symantec]878
Trojan-Dropper.USE [PC Tools]847
VBS/Xema [AhnLab]828
Mal/Packer [Sophos]788
Trojan-Downloader.Win32.Agent.dbt [Kaspersky Lab]780
Win32.Alman.B [PC Tools]718
Trojan.Dropper [Symantec]714
Troj/Fwdisab-B [Sophos]630
Win-Trojan/Xema.variant [AhnLab]596
VirTool:WinNT/Knockex.D [Microsoft]571
Trojan.Voxom [Symantec]552
Trojan-Spy.Gampass!sd6 [PC Tools]552
Trojan.Script [Ikarus]522
Mal/EncPk-AI, Mal/Packer [Sophos]500
Trojan-GameThief.Win32.WOW.lrn [Kaspersky Lab]485
Troj/Rootkit-DS [Sophos]480
Win-Trojan/Downloader.7680.MI [AhnLab]468
Trojan-Downloader.Win32.Agent.bhyn [Kaspersky Lab]458
Trojan.Dropper [PC Tools]455
Trojan-Downloader.Win32.Agent.bccp [Kaspersky Lab]420
Trojan-Downloader.Win32.Agent.bexw [Kaspersky Lab]420
TROJ_NSPM.RD [Trend Micro]400
Win32/Koobface.worm.75264 [AhnLab]400
Win-Trojan/OnlineGameHack.18794.B [AhnLab]396
Trojan-Downloader.Small [Ikarus]375
Mal/EncPk-GF [Sophos]365
Generic PWS.y!k [McAfee]352
TrojanDownloader:Win32/Renos.DU [Microsoft]351
Trojan-Downloader.Win32.Agent.czmx [Kaspersky Lab]339
Backdoor.Win32.Agent.amjd [Kaspersky Lab]324
Trojan.Qipian.a [PC Tools]322
Generic Dropper [McAfee]302
Backdoor.Win32.Popwin.beg [Ikarus]300
Packed/NSPack [PC Tools]300
Generic.f [McAfee]281
Infostealer.Onlinegame [Symantec]276

Trojan-Dropper.Agent [Ikarus] has the following possible countries of origin:
OriginNumber of Incidents
China2,006
Russian Federation304
Poland141
Republic of Korea116
Brazil107
United Kingdom46
Germany27
Australia26
Spain22
Israel17
Slovenia17
Taiwan16
France13
Sweden12
Ukraine11
Portugal10
Netherlands8
Italy5
Canada4
Japan4
Finland3
Hong Kong3
Romania3
Turkey3
Iceland2
Saudi Arabia2
Slovakia2
United Arab Emirates2
Albania1
Austria1
Belgium1
Bulgaria1
Czech Republic1
Egypt1
El Salvador1
Iran1
Latvia1
Mexico1
Singapore1
Switzerland1

Trojan-Dropper.Agent [Ikarus] is known to be created as:
%AppData%\adobe\reader_sl.exe
%AppData%\bifrost\server.exe
%AppData%\cftmon.exe
%AppData%\csrss.exe
%AppData%\dxsetup.exe
%AppData%\google\update\googleupdatebeta.exe
%AppData%\iecheck.exe
%AppData%\irm.dll
%AppData%\messanger\msn.exe
%AppData%\microsoft\windows\lsass.exe
%AppData%\nscagent.exe
%AppData%\nsvcappflt.exe
%AppData%\ntcheck.dll
%AppData%\pridl\pridl.exe
%AppData%\ptssvc.exe
%AppData%\spool.exe
%AppData%\spooll.exe
%AppData%\svchost.exe
%AppData%\sysrc32.exe
%AppData%\syssl.exe
%AppData%\wplugin.dll
%CommonAppData%\inmjsben\kjyxwvqj.exe
%CommonAppData%\macromedia\swupdate\swupdate.dll
%CommonAppData%\microsoft\windows\gbfqt\hwl.dll
%CommonAppData%\microsoft\windows\mspdb90.dll
%CommonAppData%\webext\cssys.dll
%CommonPrograms%\startup\autorun.exe
%CommonPrograms%\startup\sndvol32.exe
%DownloadedProgramFiles%\a1a2rc7b.dll
%DownloadedProgramFiles%\alg.exe
%DownloadedProgramFiles%\appmgmd.exe
%DownloadedProgramFiles%\explorer.exe
%DownloadedProgramFiles%\msgr.dll
%DownloadedProgramFiles%\spoolv.exe
%DownloadedProgramFiles%\svchost.exe
%DownloadedProgramFiles%\zipext32.dll
%FontsDir%\33a76000.exe
%FontsDir%\360eaec0.exe
%FontsDir%\winlogon.exe
%FontsDir%\wuauclt.exe
%LocalSettings%\tempimages\sdd1034.exe
%LocalSettings%\tempimages\spf11.exe
%Profiles%\dmz32.exe
%Profiles%\ndisp32.exe
%Profiles%\syde12.exe
%Profiles%\sysdem32.exe
%Profiles%\sysdiag24.exe
%ProgramFiles%\1-abc\utility box\startup booster\sostarter.exe
%ProgramFiles%\antiviirus.exe
%ProgramFiles%\attriview\attriview.dll
%ProgramFiles%\attriview\attriviewer.exe
%ProgramFiles%\baidu\bar\bdgdins.dll
%ProgramFiles%\bifrost\server.exe
%ProgramFiles%\cleancop\uninstall.exe
%ProgramFiles%\cleaninspector\cleaninspector.dll
%ProgramFiles%\cleaninspector\cleaninspectorupdate.exe
%ProgramFiles%\cmoney\cmoney.exe
%ProgramFiles%\cmoney\ieservice.exe
%ProgramFiles%\common files\bda\bdatuning.dll
%ProgramFiles%\common files\designer\wsock32.dll
%ProgramFiles%\common files\mssoap\binaries\wsock32.dll
%ProgramFiles%\common files\mssoap\wsock32.dll
%ProgramFiles%\common files\odbc\data sources\wsock32.dll
%ProgramFiles%\common files\odbc\wsock32.dll
%ProgramFiles%\common files\safesys.exe
%ProgramFiles%\common files\services\wsock32.dll
%ProgramFiles%\common files\speechengines\microsoft\wsock32.dll
%ProgramFiles%\common files\speechengines\wsock32.dll
%ProgramFiles%\common files\system\ado\wsock32.dll
%ProgramFiles%\common files\system\cftmon.exe
%ProgramFiles%\common files\system\csrsss.exe
%ProgramFiles%\common files\system\dmz32.exe
%ProgramFiles%\common files\system\dscom.exe
%ProgramFiles%\common files\system\exename.exe
%ProgramFiles%\common files\system\libdns.exe
%ProgramFiles%\common files\system\lsass.exe
%ProgramFiles%\common files\system\msadc\wsock32.dll
%ProgramFiles%\common files\system\msc32.exe
%ProgramFiles%\common files\system\msdc32.dll
%ProgramFiles%\common files\system\msiwa32.exe
%ProgramFiles%\common files\system\ndisp32.exe
%ProgramFiles%\common files\system\ole db\wsock32.dll
%ProgramFiles%\common files\system\rag.exe
%ProgramFiles%\common files\system\rager.exe
%ProgramFiles%\common files\system\services.exe
%ProgramFiles%\common files\system\servises.exe
%ProgramFiles%\common files\system\smss.exe
%ProgramFiles%\common files\system\solids.exe
%ProgramFiles%\common files\system\syde12.exe
%ProgramFiles%\common files\system\sysdem32.exe
%ProgramFiles%\common files\system\sysdiag24.exe
%ProgramFiles%\common files\system\taskngr.exe
%ProgramFiles%\common files\system\tsrv.exe
%ProgramFiles%\common files\system\uacs.exe
%ProgramFiles%\common files\system\updaterun.exe
%ProgramFiles%\common files\system\wsock32.dll
%ProgramFiles%\common files\system\x_msy32.dll
%ProgramFiles%\common files\systemdata\svchost.exe
%ProgramFiles%\common files\wise installation wizard\wsock32.dll
%ProgramFiles%\common files\wsock32.dll
Notes:
  • %AppData% is a variable that refers to the file system directory that serves as a common repository for application-specific data. A typical path is C:\Documents and Settings\[UserName]\Application Data.
  • %CommonAppData% is a variable that refers to the file system directory containing application data for all users. A typical path is C:\Documents and Settings\All Users\Application Data.
  • %CommonPrograms% is a variable that refers to the file system directory that contains the directories for the common program groups that appear on the Start menu for all users. A typical path is C:\Documents and Settings\All Users\Start Menu\Programs (Windows NT/2000/XP).
  • %DownloadedProgramFiles% is a variable that refers to the file system directory containing downloaded program files. A typical path is C:\Windows\Downloaded Program Files.
  • %FontsDir% is a variable that refers to a virtual folder containing fonts. A typical path is C:\Windows\Fonts.
  • %LocalSettings% is a variable that specifies the current user's local settings folder. By default, this is C:\Documents and Settings\[UserName]\Local Settings (Windows NT/2000/XP).
  • %Profiles% is a variable that refers to the file system directory containing user profile folders. A typical path is C:\Documents and Settings.
  • %ProgramFiles% is a variable that refers to the Program Files folder. A typical path is C:\Program Files.