ThreatExpert's Statistics for W32.Mabezat.B!inf [Symantec]:

W32.Mabezat.B!inf [Symantec] is also known as:

Threat Alias	Number of Incidents
Virus:Win32/Mabezat.B [Microsoft]	133
W32/Mabezat-B [Sophos]	133
W32/Mabezat.a [McAfee]	131
Worm.Win32.Mabezat.b [Kaspersky Lab]	122
Win32/Mabezat [AhnLab]	104
Worm.Win32.Mabezat.b [Ikarus]	85
PE_MABEZAT.B-1 [Trend Micro]	80
Worm.Mabezat.C [PC Tools]	76
PE_MABEZAT.B-2 [Trend Micro]	50
Virus.Win32.Bifrose [Ikarus]	6
Backdoor.Win32.Bifrose [Ikarus]	4
VirTool.Win32.DelfInject [Ikarus]	4
WORM_DELF.AG [Trend Micro]	3
Backdoor.Win32.Bifrose.bwt [Kaspersky Lab]	2
Backdoor.Win32.Turkojan.amr [Ikarus]	2
Trojan.DL.Agent.XGB [PC Tools]	2
Trojan.Win32.Midgare.soq [Kaspersky Lab]	2
Trojan.Win32.StartPage [Ikarus]	2
Trojan-Dropper.Win32.Agent.ahju [Kaspersky Lab]	2
Trojan-Dropper.Win32.OnLineGames [Ikarus]	2
Worm.Win32.Delf.dw [Kaspersky Lab]	2
Backdoor.Win32.mIRC-based.k [Ikarus]	1
Backdoor.Win32.Turkojan [Ikarus]	1
Backdoor.Win32.Turkojan.amr [Kaspersky Lab]	1
BackDoor-ARL [McAfee]	1
Constructor/Bifrose.1916928 [AhnLab]	1
PE_SALITY.AE [Trend Micro]	1
Troj/Turkoj-A [Sophos]	1
Trojan.Midgare.EYZ [PC Tools]	1
Trojan.Win32.ProcessHijack [Ikarus]	1
Trojan-Downloader.Win32.Banload [Ikarus]	1
Trojan-Dropper.Agent [Ikarus]	1
VirTool.Win32.Joiner [Ikarus]	1
VirTool.Win32.Joiner.m [Kaspersky Lab]	1
Virus.Win32.Alman [Ikarus]	1
Virus.Win32.Hidrag.A [Ikarus]	1
W32/Delf.gen [McAfee]	1
W32/Mabezat.c [McAfee]	1
Win32.Mabezat.b [Kaspersky Lab]	1
Win32/Sachiel.worm.29187 [AhnLab]	1
Win32/Xema.worm.492544 [AhnLab]	1
Win-Trojan/Agent.42365 [AhnLab]	1
Win-Trojan/Bifrose.2161664 [AhnLab]	1
Win-Trojan/Turkojan.2805760 [AhnLab]	1
Win-Trojan/Xema.variant [AhnLab]	1
Worm.Autoit [Ikarus]	1
Worm.Mabezat!ct [PC Tools]	1
Worm.Sachiel.D [PC Tools]	1
Worm.Win32.AutoRun.cis [Kaspersky Lab]	1

W32.Mabezat.B!inf [Symantec] has the following possible countries of origin:

Origin		Number of Incidents
	Saudi Arabia	115
	Sweden	10
	Russian Federation	7
	Belgium	3
	France	3
	Germany	2
	Netherlands	2
	United Kingdom	2
	Brazil	1
	Denmark	1
	Romania	1
	Spain	1
	Taiwan	1

W32.Mabezat.B!inf [Symantec] is known to be created as:

%AppData%\bifrost\server.exe

%AppData%\lsass.exe

%AppData%\smss.exe

%AppData%\svchost.exe

%LocalSettings%\tempconjug.exe

%Profiles%\bifrost-private-special.exe

%ProgramFiles%\dyndns updater\dyndns.exe

%ProgramFiles%\dyndns updater\unins000.exe

%ProgramFiles%\microsoft office\winword.exe

%ProgramFiles%\mirc\irc bot\services.exe

%ProgramFiles%\utorrent\utorrent.exe

%System%\340510867285l.exe

%System%\773043211538l.exe

%System%\bifrost.exe

%System%\msnphoto.scr

%System%\winfiles.exe

%Temp%\ducsetup.exe

%Temp%\glb1a2b.exe

%Templates%\o20303z\service.exe

%Templates%\o20303z\tuxo20303z.exe

%Templates%\o20303z\winlogon.exe

%Templates%\o86068z\service.exe

%Templates%\o86068z\tuxo86068z.exe

%Templates%\o86068z\winlogon.exe

%Windir%\inf\smss.exe

%Windir%\m02485\ja523486blay.com

%Windir%\m02485\smss.exe

%Windir%\m02485\systray.exe

%Windir%\m57151\emangeloh.exe

%Windir%\m57151\ja278153blay.com

%Windir%\m57151\smss.exe

%Windir%\sa-187411.exe

%Windir%\sa-421844.exe

%Windir%\ti211538ta.exe

%Windir%\ti867285ta.exe

%Windir%\winfiles.exe

Notes:

%AppData% is a variable that refers to the file system directory that serves as a common repository for application-specific data. A typical path is C:\Documents and Settings\[UserName]\Application Data.
%LocalSettings% is a variable that specifies the current user's local settings folder. By default, this is C:\Documents and Settings\[UserName]\Local Settings (Windows NT/2000/XP).
%Profiles% is a variable that refers to the file system directory containing user profile folders. A typical path is C:\Documents and Settings.
%ProgramFiles% is a variable that refers to the Program Files folder. A typical path is C:\Program Files.
%System% is a variable that refers to the System folder. By default, this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).
%Temp% is a variable that refers to the temporary folder in the short path form. By default, this is C:\Documents and Settings\[UserName]\Local Settings\Temp\ (Windows NT/2000/XP).
%Templates% is a variable that refers to the file system directory that serves as a common repository for document templates. A typical path is C:\Documents and Settings\[UserName]\Templates.
%Windir% is a variable that refers to the Windows installation folder. By default, this is C:\Windows or C:\Winnt.