Threat Search: 

ThreatExpert's Statistics for W32.Harakit [Symantec]:

W32.Harakit [Symantec] is also known as:
Threat AliasNumber of Incidents
Packed.Win32.Klone.bj [Kaspersky Lab]267
Packed.Win32.Klone [Ikarus]155
Worm:AutoIt/Renocide.gen!C [Microsoft]104
Mal/Generic-A [Sophos]66
Trojan.Autoit [Ikarus]60
Worm:AutoIt/Renocide.gen!A [Microsoft]56
WORM_AUTORUN.HP [Trend Micro]42
Mal/Behav-299 [Sophos]40
Trojan.Win32.Autoit [Ikarus]40
QHosts-84 [McAfee]33
Troj/Dwnldr-HPN [Sophos]33
Win-Trojan/Qhost.61440.E [AhnLab]33
Trojan-Downloader.Win32.FraudLoad.vnjh [Kaspersky Lab]32
Virus.Worm.Win32.AutoIt.cq [Ikarus]32
Worm:AutoIt/Renocide.gen!B [Microsoft]28
WORM_BRACEY.CP [Trend Micro]28
Trojan:Win32/Antivirusxp [Microsoft]24
WORM_AUTORUN.HOZ [Trend Micro]24
Trojan.Win32.Midgare.uik [Kaspersky Lab]22
Trojan.Win32.Autoit.dt [Ikarus]19
Generic.dx [McAfee]17
Trojan.Win32.Agent2.efp [Kaspersky Lab]17
Trojan:Win32/Meredrop [Microsoft]16
Mal/Inet-Fam [Sophos]15
W32/Autorun.worm.n [McAfee]14
Win-Trojan/Midgare.229888 [AhnLab]13
Worm.Win32.Podik.b [Kaspersky Lab]11
Win-Trojan/Midgare.236544 [AhnLab]10
Trojan:Win32/Fakeinit [Microsoft]9
Trojan-Downloader.Win32.FraudLoad [Ikarus]9
W32/YahLover.worm.gen [McAfee]7
Worm.Autoit [Ikarus]7
Worm.Win32.AutoIt [Ikarus]7
Worm.Win32.AutoIt.oa [Kaspersky Lab]7
Worm.AutoIt!sd6 [PC Tools]6
Trojan.Midgare.uik [PC Tools]5
Trojan.Win32.Midgare [Ikarus]5
Trojan-Dropper.Win32.Autoit.k [Kaspersky Lab]5
Win-Trojan/Midgare.229888.B [AhnLab]5
Worm.Win32.AutoIt.pl [Kaspersky Lab]5
IM-Worm.Win32.Sohanad.gen [Kaspersky Lab]4
Trojan.Win32.Autoit.xp [Kaspersky Lab]4
Trojan-Dropper.Win32.Agent.afpc [Kaspersky Lab]4
Virus.Win32.Sality [Ikarus]4
Win-Trojan/Midgare.333312 [AhnLab]4
Worm.Win32.AutoIt.jo [Kaspersky Lab]4
Worm.Win32.AutoRun [Ikarus]4
Generic Dropper [McAfee]3
Trojan.Autoit [PC Tools]3
Trojan.Win32.Autoit.fn [Kaspersky Lab]3
Worm.AutoIt.dn [PC Tools]3
Worm:AutoIt/Renocide.AB [Microsoft]3
WORM_AUTORUN.AB [Trend Micro]3
Trojan.Win32.Autoit.ew [Kaspersky Lab]2
Trojan.Win32.Autoit.fi [Kaspersky Lab]2
Trojan.Win32.Autoit.fj [Kaspersky Lab]2
Trojan.Win32.Autoit.go [Kaspersky Lab]2
Trojan.Win32.Autoit.hp [Kaspersky Lab]2
W32/YahLover.worm [McAfee]2
W32/Yahlover.worm.gen.f [McAfee]2
Worm.AutoIt [PC Tools]2
Worm.Win32.AutoIt.jp [Kaspersky Lab]2
Worm.Win32.Podik [Ikarus]2
Worm:AutoIt/Renocide.AC [Microsoft]2
Worm:AutoIt/Renocide.AS [Microsoft]2
Email-Worm.Win32.Brontok.ab [Ikarus]1
Generic PWS.ap [McAfee]1
IM-Worm.Win32.Sohanad [Ikarus]1
Mal/Inet-Fam, Mal/Behav-299 [Sophos]1
Mal/Packer [Sophos]1
Mal/Sality-B [Sophos]1
Mal/Sohana-A [Sophos]1
Mal/Sohana-B, Mal/Sohana-A [Sophos]1
PE_SALITY.EN [Trend Micro]1
TROJ_MALBEHV.MCS [Trend Micro]1
Trojan.Midgare!sd6 [PC Tools]1
Trojan.Win32.Autoit.ey [Kaspersky Lab]1
Trojan.Win32.Autoit.fd [Kaspersky Lab]1
Trojan.Win32.Autoit.fe [Kaspersky Lab]1
Trojan.Win32.Autoit.fq [Kaspersky Lab]1
Trojan.Win32.Autoit.fz [Kaspersky Lab]1
Trojan.Win32.Autoit.gv [Kaspersky Lab]1
Trojan.Win32.Autoit.hj [Kaspersky Lab]1
Trojan.Win32.Autoit.hv [Kaspersky Lab]1
Trojan.Win32.Autoit.jb [Kaspersky Lab]1
Trojan.Win32.Autoit.js [Kaspersky Lab]1
Trojan.Win32.Autoit.jy [Kaspersky Lab]1
Trojan.Win32.Autoit.jz [Kaspersky Lab]1
Trojan.Win32.Autoit.vh [Kaspersky Lab]1
Trojan.Win32.Autoit.vi [Kaspersky Lab]1
Trojan.Win32.Autoit.vw [Kaspersky Lab]1
Trojan.Win32.Autoit.wq [Kaspersky Lab]1
Trojan.Win32.Autoit.zl [Kaspersky Lab]1
Trojan.Win32.Midgare.pvo [Kaspersky Lab]1
Trojan:Win32/Malagent [Microsoft]1
Trojan-Downloader.Win32.AutoIt.ig [Kaspersky Lab]1
Trojan-Downloader.Win32.FraudLoad.dze [Kaspersky Lab]1
Trojan-Dropper.Agent [Ikarus]1
Trojan-Dropper.Autoit!sd6 [PC Tools]1
Trojan-Dropper.Win32.Autoit [Ikarus]1

W32.Harakit [Symantec] has the following possible countries of origin:
OriginNumber of Incidents
United Kingdom287
Russian Federation257
Singapore27
Iran24
France16
Sweden10
Belgium4
Slovenia2
Iceland1
Japan1

W32.Harakit [Symantec] is known to be created as:
%AllUsersProfile%\desktop.exe
%AllUsersProfile%\favorites.exe
%AppData%\microsoft\cd burning\khatra.exe
%CommonDesktopDir%\desktop.exe
%CommonFavorites%\favorites.exe
%DesktopDir%\desktop.exe
%System%\bycool1\windo.exe
%System%\chrome.exe
%System%\csrcs.exe
%System%\gphone.exe
%System%\khatra.exe
%System%\regsvr.exe
%Temp%\20090320\mtoiop.exe
%Temp%\dewegabu.exe
%Temp%\herifolu.exe
%Temp%\heuztf.exe
%Temp%\juvilisi.exe
%Temp%\sent2pct\20090320\mtoiop.exe
%Temp%\twfwgn.exe
%Temp%\zafifiwo.exe
%UserProfile%\desktop.exe
%Windir%\chrome.exe
%Windir%\gphone.exe
%Windir%\khatarnakh.exe
%Windir%\regsvr.exe
%Windir%\system\ghost.exe
%Windir%\xplorer.exe
c:\inetpub.exe
c:\inetpub\inetpub.exe
c:\khatra.exe
Notes:
  • %AllUsersProfile% is a variable that specifies the all users' profile folder. By default, this is C:\Documents and Settings\All Users (Windows NT/2000/XP).
  • %AppData% is a variable that refers to the file system directory that serves as a common repository for application-specific data. A typical path is C:\Documents and Settings\[UserName]\Application Data.
  • %CommonDesktopDir% is a variable that refers to the file system directory that contains files and folders that appear on the desktop for all users. A typical path is C:\Documents and Settings\All Users\Desktop (Windows NT/2000/XP).
  • %CommonFavorites% is a variable that refers to the file system directory that serves as a common repository for all users' favorite items. A typical path is C:\Documents and Settings\All Users\Favorites (Windows NT/2000/XP).
  • %DesktopDir% is a variable that refers to the file system directory used to physically store file objects on the desktop. A typical path is C:\Documents and Settings\[UserName]\Desktop.
  • %System% is a variable that refers to the System folder. By default, this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).
  • %Temp% is a variable that refers to the temporary folder in the short path form. By default, this is C:\Documents and Settings\[UserName]\Local Settings\Temp\ (Windows NT/2000/XP).
  • %UserProfile% is a variable that specifies the current user's profile folder. By default, this is C:\Documents and Settings\[UserName] (Windows NT/2000/XP).
  • %Windir% is a variable that refers to the Windows installation folder. By default, this is C:\Windows or C:\Winnt.