Threat Search: 

ThreatExpert's Statistics for Trojan.VB [Ikarus]:

Trojan.VB [Ikarus] is also known as:
Threat AliasNumber of Incidents
Mal/Generic-A [Sophos]22
Win-Trojan/Xema.variant [AhnLab]14
Trojan Horse [Symantec]12
Trojan.Adclicker [Symantec]7
Mal/VBAuto-A [Sophos]6
W32.SillyFDC [Symantec]6
Generic AdClicker.p [McAfee]5
Trojan.Generic [PC Tools]5
Trojan.Win32.VB [Ikarus]4
Trojan.Win32.VB.oyl [Kaspersky Lab]4
Backdoor.Trojan [Symantec]3
New Malware.d [McAfee]3
Backdoor.Win32.SdBot.ocb [Kaspersky Lab]2
Downloader [Symantec]2
Generic Dropper.f [McAfee]2
Mal/Inject-H [Sophos]2
Troj/Refpron-K [Sophos]2
Trojan.Win32.VB.nff [Kaspersky Lab]2
Trojan.Win32.VB.pbf [Kaspersky Lab]2
Trojan:Win32/VB.OQ [Microsoft]2
Trojan-Clicker.Win32.VB.czn [Kaspersky Lab]2
Trojan-Spy.Win32.VB.cfq [Kaspersky Lab]2
VirTool:Win32/VBInject.AM [Microsoft]2
Win-Trojan/Clicker.16384.E [AhnLab]2
Win-Trojan/Nyo.90112 [AhnLab]2
Backdoor.Bifrose [PC Tools]1
Backdoor.Bifrose [Symantec]1
Backdoor.Win32.Rbot.afht [Kaspersky Lab]1
Backdoor.Win32.SdBot.odh [Kaspersky Lab]1
Backdoor:Win32/IRCbot!rts [Microsoft]1
DoS.Win32.VB.hk [Kaspersky Lab]1
Generic Downloader.x!bhf [McAfee]1
Generic Downloader.x!lo [McAfee]1
Generic Downloader.x!mw [McAfee]1
Generic.dx [McAfee]1
Generic.dx!baw [McAfee]1
Generic.dx!i [McAfee]1
Generic.dx!knf [McAfee]1
Generic.dx!mks [McAfee]1
HackTool.Win32.Crypt.ej [Kaspersky Lab]1
Infostealer.Refest [Symantec]1
Mal/Emogen-F, Mal/Emogen-H [Sophos]1
Mal/Emogen-H [Sophos]1
Mal/Emogen-P [Sophos]1
Mal/VBDldr-C, Mal/VBDldr-C, Mal/Emogen-B [Sophos]1
Mal/VB-F [Sophos]1
PE_SALITY.JER [Trend Micro]1
Tool-PDUtil [McAfee]1
Troj/Poison-BD [Sophos]1
Troj/VB-EEN [Sophos]1
Trojan.Win32.AutoRun.zj [Kaspersky Lab]1
Trojan.Win32.BHO.abtf [Kaspersky Lab]1
Trojan.Win32.VB.ndj [Kaspersky Lab]1
Trojan.Win32.VB.ndy [Kaspersky Lab]1
Trojan.Win32.VB.ocg [Kaspersky Lab]1
Trojan.Win32.VB.odh [Kaspersky Lab]1
Trojan.Win32.VB.pcv [Kaspersky Lab]1
Trojan.Win32.VB.urr [Kaspersky Lab]1
Trojan.Win32.VB.xlg [Kaspersky Lab]1
Trojan:Win32/Provis!rts [Microsoft]1
Trojan:Win32/VB.TT [Microsoft]1
Trojan-Clicker.Win32.Refpron [Ikarus]1
Trojan-Clicker.Win32.VB.czs [Kaspersky Lab]1
Trojan-Downloader.VB.NQL [PC Tools]1
Trojan-Downloader.Win32.Genome.ague [Kaspersky Lab]1
Trojan-Downloader.Win32.Genome.ih [Kaspersky Lab]1
Trojan-Downloader.Win32.VB.lfv [Kaspersky Lab]1
Trojan-Downloader.Win32.VB.pgf [Kaspersky Lab]1
TrojanDownloader:Win32/Snilis.A [Microsoft]1
TrojanDownloader:Win32/Troxen!rts [Microsoft]1
Trojan-PSW.Refest [PC Tools]1
Virus.Win32.Sality.aa [Kaspersky Lab]1
Virus:Win32/Sality.AM [Microsoft]1
W32.IRCBot [Symantec]1
W32.Sality.AE [Symantec]1
W32/Sality.gen [McAfee]1
W32/Sality-AM [Sophos]1
Win32/Kashu.B [AhnLab]1
Win-Trojan/Agent.185550 [AhnLab]1
Win-Trojan/DownLoader.16384 [AhnLab]1
Win-Trojan/Downloader.16384.NV [AhnLab]1
Win-Trojan/Hhq.45056 [AhnLab]1
Win-Trojan/Wxh.28672 [AhnLab]1

Trojan.VB [Ikarus] has the following possible countries of origin:
OriginNumber of Incidents
Republic of Korea11
China10
Spain9
United Kingdom2
Costa Rica1
Iraq1
Italy1

Trojan.VB [Ikarus] is known to be created as:
%AppData%\cinta_kita.exe
%AppData%\cinta_kita_dulu.exe
%AppData%\gdipfontcachev1.dat.exe
%AppData%\microsoft\helpctr\helpsessionhistory.dat.exe
%AppData%\setupv.exe
%CommonDocuments%\my pictures\sample pictures\sunset.jpg.exe
%CommonDocuments%\my pictures\sample pictures\winter.jpg.exe
%MyDocuments%\my pictures\cinta_kmu.exe
%Profiles%\default user\templates\excel.xls.exe
%Profiles%\default user\templates\excel4.xls.exe
%ProgramFiles%\runit\runit_32.exe
%ProgramFiles%\windows media player\npdrmv2.zip.exe
%ProgramFiles%\windows media player\npds.zip.exe
%ProgramFiles%\windows nt\pinball\font.dat.exe
%ProgramFiles%\windows nt\pinball\pinball.dat.exe
%Programs%\startup\a80d0.exe.exe
%Programs%\startup\cintalaura.com
%Programs%\startup\d5624.exe.exe
%System%\com\comempty.dat.exe
%System%\dctool32.sys
%System%\dpcxool64.sys
%System%\drivers\swds.exe
%System%\dssec.dat.exe
%System%\emptyregdb.dat.exe
%System%\fntcache.dat.exe
%System%\mlang.dat.exe
%System%\noise.dat.exe
%System%\nscps2_v23_131.exe
%System%\oembios.dat.exe
%System%\perfc009.dat.exe
%System%\perfd009.dat.exe
%System%\perfh009.dat.exe
%System%\perfi009.dat.exe
%System%\secupd.dat.exe
%System%\usbflash.com
%System%\wesamwesaim.exe
%Temp%\ixp000.tmp\.download-server.exe
%Temp%\ixp000.tmp\elfannan.exe
%Temp%\kafan virlist 20090713\090713-4-10.exe
%Temp%\kafan virlist 20090713\090713-4-13.exe
%Temp%\kafan virlist 20090713\090713-4-14.exe
%Temp%\stub.exe
%Temp%\usbflash.com
%Templates%\excel.xls.exe
%Templates%\excel4.xls.exe
%Windir%\assembly\nativeimages_v2.0.50727_32\index1b.dat.exe
%Windir%\assembly\nativeimages_v2.0.50727_32\index1c.dat.exe
%Windir%\assembly\pubpol1.dat.exe
%Windir%\bootstat.dat.exe
%Windir%\chelsea.exe
%Windir%\nscps2_v23_131.exe
%Windir%\pchealth\helpctr\offlinecache\index.dat.exe
%Windir%\pchealth\helpctr\system\dvdupgrd\stripe.jpg.exe
%Windir%\resources\themes\wallpapers\bliss.jpg.exe
%Windir%\services.exe
%Windir%\tasks\sa.dat.exe
%Windir%\temp\xtool\xtool.exe
%Windir%\web\wallpaper\ascent.jpg.exe
%Windir%\web\wallpaper\autumn.jpg.exe
%Windir%\web\wallpaper\azul.jpg.exe
%Windir%\web\wallpaper\crystal.jpg.exe
%Windir%\web\wallpaper\follow.jpg.exe
%Windir%\web\wallpaper\friend.jpg.exe
%Windir%\web\wallpaper\home.jpg.exe
%Windir%\web\wallpaper\peace.jpg.exe
%Windir%\web\wallpaper\power.jpg.exe
%Windir%\web\wallpaper\radiance.jpg.exe
%Windir%\web\wallpaper\ripple.jpg.exe
%Windir%\web\wallpaper\stonehenge.jpg.exe
%Windir%\web\wallpaper\tulips.jpg.exe
%Windir%\web\wallpaper\wind.jpg.exe
c:\chelsea.exe
c:\cwek_seksi.exe
c:\filezip.exe
c:\foto_chelseaolivia.exe
c:\fotonya_chelsea.exe
c:\gambarartiscintalaura.exe
c:\gmbr_cwekgw.exe
c:\gmbrcweklampung.exe
c:\inetpub\wwwroot\index.jpg.exe
c:\kumpulan_foto.exe
c:\nono.exe
c:\picture1.exe
c:\poto_cwek.exe
c:\walpaper_anaklampung.exe
Notes:
  • %AppData% is a variable that refers to the file system directory that serves as a common repository for application-specific data. A typical path is C:\Documents and Settings\[UserName]\Application Data.
  • %CommonDocuments% is a variable that refers to the file system directory that contains documents that are common to all users. A typical paths is C:\Documents and Settings\All Users\Documents.
  • %MyDocuments% is a variable that refers to the file system directory used to physically store a user's common repository of documents. A typical path is C:\Documents and Settings\[UserName]\My Documents.
  • %Profiles% is a variable that refers to the file system directory containing user profile folders. A typical path is C:\Documents and Settings.
  • %ProgramFiles% is a variable that refers to the Program Files folder. A typical path is C:\Program Files.
  • %Programs% is a variable that refers to the file system directory that contains the user's program groups. A typical path is C:\Documents and Settings\[UserName]\Start Menu\Programs.
  • %System% is a variable that refers to the System folder. By default, this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).
  • %Temp% is a variable that refers to the temporary folder in the short path form. By default, this is C:\Documents and Settings\[UserName]\Local Settings\Temp\ (Windows NT/2000/XP).
  • %Templates% is a variable that refers to the file system directory that serves as a common repository for document templates. A typical path is C:\Documents and Settings\[UserName]\Templates.
  • %Windir% is a variable that refers to the Windows installation folder. By default, this is C:\Windows or C:\Winnt.