Threat Search: 

ThreatExpert's Statistics for Trojan.Win32.Waledac [Ikarus]:

Trojan.Win32.Waledac [Ikarus] is also known as:
Threat AliasNumber of Incidents
W32.Waledac [Symantec]65
Mal/WaledPak-A [Sophos]23
Trojan:Win32/Waledac.gen!A [Microsoft]21
W32/Waledac.gen.e [McAfee]18
Trojan Horse [Symantec]16
Packed.Win32.Krap.i [Kaspersky Lab]14
Mal/WaledPak-A, Mal/TibsPk-D [Sophos]13
Net-Worm.Waledac [PC Tools]13
HeurEngine.Waledac [PC Tools]12
Packed.Win32.Krap.m [Kaspersky Lab]11
Email-Worm.Iksmas!sd6 [PC Tools]10
Generic.dx [McAfee]10
W32/Waledac.gen.h [McAfee]10
Mal/Generic-A [Sophos]9
Spam-Mailbot.h.gen.a [McAfee]8
Mal/WaledPak-B, Mal/WaledPak-A [Sophos]6
W32/Waledac.gen [McAfee]6
W32/Waled-Gen [Sophos]6
Mal/WaledPak-B [Sophos]5
Downloader [Symantec]4
Mal/WaledPak-D, Mal/WaledPak-B [Sophos]4
Win-Trojan/Krap.25601 [AhnLab]4
Email-Worm.Win32.Iksmas.f [Kaspersky Lab]3
Mal/WaledPak-D, Mal/WaledPak-B, Mal/WaledPak-A [Sophos]3
Trojan:Win32/Waledac.B [Microsoft]3
W32/Waledac [McAfee]3
W32/Waledac.gen.a [McAfee]3
W32/Waledac.gen.c [McAfee]3
Email-Worm.Win32.Iksmas.df [Kaspersky Lab]2
Email-Worm.Win32.Iksmas.gen [Kaspersky Lab]2
Generic Downloader.x [McAfee]2
Mal/WaledPak-A, Mal/Waledec-A, Mal/EncPk-EV [Sophos]2
Trojan-Downloader.Win32.Agent.ayxy [Kaspersky Lab]2
TrojanDownloader:Win32/Bredolab.B [Microsoft]2
W32/Waledac.gen.b [McAfee]2
W32/Waledac.gen.j [McAfee]2
W32/Waled-P [Sophos]2
WORM_WALEDAC.SR [Trend Micro]2
Backdoor.Trojan [Symantec]1
Backdoor.Win32.Hupigon.gflu [Kaspersky Lab]1
Backdoor.Win32.Zdoogu.ai [Kaspersky Lab]1
Email-Worm.Win32.Iksmas.a [Kaspersky Lab]1
Email-Worm.Win32.Iksmas.afb [Kaspersky Lab]1
Email-Worm.Win32.Iksmas.age [Kaspersky Lab]1
Email-Worm.Win32.Iksmas.agq [Kaspersky Lab]1
Email-Worm.Win32.Iksmas.agr [Kaspersky Lab]1
Email-Worm.Win32.Iksmas.alm [Kaspersky Lab]1
Email-Worm.Win32.Iksmas.ape [Kaspersky Lab]1
Email-Worm.Win32.Iksmas.atz [Kaspersky Lab]1
Email-Worm.Win32.Iksmas.bp [Kaspersky Lab]1
Email-Worm.Win32.Iksmas.ci [Kaspersky Lab]1
Email-Worm.Win32.Iksmas.cmd [Kaspersky Lab]1
Email-Worm.Win32.Iksmas.cmf [Kaspersky Lab]1
Email-Worm.Win32.Iksmas.dh [Kaspersky Lab]1
Email-Worm.Win32.Iksmas.dif [Kaspersky Lab]1
Email-Worm.Win32.Iksmas.do [Kaspersky Lab]1
Email-Worm.Win32.Iksmas.eb [Kaspersky Lab]1
Email-Worm.Win32.Iksmas.ei [Kaspersky Lab]1
Email-Worm.Win32.Iksmas.ej [Kaspersky Lab]1
Email-Worm.Win32.Iksmas.eo [Kaspersky Lab]1
Email-Worm.Win32.Iksmas.ep [Kaspersky Lab]1
Email-Worm.Win32.Iksmas.fp [Kaspersky Lab]1
Email-Worm.Win32.Iksmas.fq [Kaspersky Lab]1
Email-Worm.Win32.Iksmas.h [Kaspersky Lab]1
Email-Worm.Win32.Iksmas.jf [Kaspersky Lab]1
Email-Worm.Win32.Iksmas.ns [Kaspersky Lab]1
Email-Worm.Win32.Iksmas.p [Kaspersky Lab]1
Email-Worm.Win32.Iksmas.qh [Kaspersky Lab]1
Email-Worm.Win32.Iksmas.ts [Kaspersky Lab]1
Email-Worm.Win32.Iksmas.u [Kaspersky Lab]1
Email-Worm.Win32.Iksmas.ud [Kaspersky Lab]1
Email-Worm.Win32.Iksmas.ww [Kaspersky Lab]1
FakeAlert-AB [McAfee]1
Generic BackDoor [McAfee]1
Generic Downloader.ab [McAfee]1
Generic.dx!bfd [McAfee]1
IM-Worm.Win32.Agent.ml [Kaspersky Lab]1
Infostealer.Gampass [Symantec]1
Mal/EncPk-HJ [Sophos]1
Mal/EncPk-JX, Mal/BredoPk-B [Sophos]1
Mal/Swizzor-D, Mal/WaledPak-A [Sophos]1
Mal/WaledPak-H [Sophos]1
Mal/WaledPak-H, Mal/WaledPak-G [Sophos]1
Packed.Generic.210 [Symantec]1
Packed.Win32.NSAnti.ew [Kaspersky Lab]1
PE_VIRUT.AV [Trend Micro]1
Spammer:Win32/Tedroo.gen!A [Microsoft]1
Spammer:Win32/Tedroo.I [Microsoft]1
Suspicious.MH690 [Symantec]1
Troj/Agent-ILV [Sophos]1
Troj/Waled-BR [Sophos]1
Troj/Waled-BV [Sophos]1
Trojan.Agent!sd6 [PC Tools]1
Trojan.Win32.Agent.aysk [Kaspersky Lab]1
Trojan.Win32.Agent.azxj [Kaspersky Lab]1
Trojan.Win32.Agent.bimb [Kaspersky Lab]1
Trojan.Win32.Monderc.w [Kaspersky Lab]1
Trojan.Win32.Pakes.mqd [Kaspersky Lab]1
Trojan.Win32.Spamer.l [Kaspersky Lab]1
Trojan:Win32/Fakeinit [Microsoft]1

Trojan.Win32.Waledac [Ikarus] has the following possible countries of origin:
OriginNumber of Incidents
Russian Federation9
China2

Trojan.Win32.Waledac [Ikarus] is known to be created as:
%ProgramFiles%\advancedvirusremover\pavrm.exe
%ProgramFiles%\messenger\msnmsgr.exe
%System%\digeste.dll
%System%\sdra64.exe
%System%\wbem\proquota.exe
%Temp%\0.exe
%Temp%\kafan virlist 2009.04.07\090407-3-4.exe
%Windir%\msauc.exe
%Windir%\winlogon.exe
Notes:
  • %ProgramFiles% is a variable that refers to the Program Files folder. A typical path is C:\Program Files.
  • %System% is a variable that refers to the System folder. By default, this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).
  • %Temp% is a variable that refers to the temporary folder in the short path form. By default, this is C:\Documents and Settings\[UserName]\Local Settings\Temp\ (Windows NT/2000/XP).
  • %Windir% is a variable that refers to the Windows installation folder. By default, this is C:\Windows or C:\Winnt.