ThreatExpert's Statistics for Win32/MalPackedB.suspicious [AhnLab]:

Win32/MalPackedB.suspicious [AhnLab] is also known as:
Threat Alias | Number of Incidents
Packed.Generic.138 [Symantec] | 91
Mal/Generic-A [Sophos] | 84
Mal/EncPk-DM [Sophos] | 80
Packed.Generic.56 [Symantec] | 76
New Win32 [McAfee] | 75
Suspicious.MH690 [Symantec] | 52
Mal/EncPk-CU [Sophos] | 45
Trojan Horse [Symantec] | 43
Generic Malware.eb [McAfee] | 39
Trojan-Downloader.Win32.Banload [Ikarus] | 34
Trojan-Banker.Win32.Banker [Ikarus] | 31
TrojanDownloader:Win32/Banload.gen!N [Microsoft] | 30
Mal/EncPk-AO [Sophos] | 28
HeurEngine.Packed-Xcomp [PC Tools] | 27
Packer.RLPack.D [Ikarus] | 26
VirTool:Win32/DelfInject.gen!AC [Microsoft] | 25
Virus.Win32.Agent.GZY [Ikarus] | 24
Backdoor.Graybird [Symantec] | 23
Mal_Banker [Trend Micro] | 23
Packer.RLPack [Ikarus] | 23
VirTool.Win32.DelfInject [Ikarus] | 20
Email-Worm.Win32.Bagle.of [Kaspersky Lab] | 18
TROJ_BAGLE.AO [Trend Micro] | 18
Trojan.Lodeight.C [Symantec] | 18
Trojan.Win32.LaSta [Ikarus] | 16
Trojan-Banker.Win32.Banker.aoiz [Kaspersky Lab] | 16
W32/Bagle.gen [McAfee] | 16
Worm:Win32/Bagle.gen!C [Microsoft] | 16
Email-Worm.Win32.Bagle [Ikarus] | 15
Generic.dx [McAfee] | 15
TrojanSpy:Win32/Bancos.gen!C [Microsoft] | 15
Backdoor.Graybird [PC Tools] | 14
Mal/Packer [Sophos] | 13
Trojan.Generic [PC Tools] | 12
Mal/EncPk-EE [Sophos] | 11
Mal/Packer, Mal/Behav-191, Mal/Bagpk-D [Sophos] | 11
Backdoor.Rbot [Ikarus] | 10
HeurEngine.MaliciousPacker [PC Tools] | 10
Trojan-Banker.Win32.Agent [Ikarus] | 10
W32.Spybot.Worm [Symantec] | 10
Trojan.Banker.LAR [Ikarus] | 9
Trojan.Win32.VB.mxl [Kaspersky Lab] | 9
TrojanSpy:Win32/Banker.USY [Microsoft] | 9
Backdoor.Trojan [Symantec] | 8
New Malware.dz [McAfee] | 8
Trojan-Dropper.Delf [Ikarus] | 8
Mal/UnkPack-Fam [Sophos] | 7
Packer.XComp [Ikarus] | 7
Trojan.Lodeight!sd6 [PC Tools] | 7
W32.IRCBot [Symantec] | 7
Backdoor:Win32/Rbot.gen [Microsoft] | 6
Mal/EncPk-CU, Troj/Bnkmr-Fam [Sophos] | 6
Trojan.Crypt [Ikarus] | 6
Trojan.IRCBot [PC Tools] | 6
VirTool:Win32/DelfInject.gen!X [Microsoft] | 6
Virus.Win32.Agent.KHA [Ikarus] | 6
Virus.Win32.Bifrose [Ikarus] | 6
Worm:Win32/Bancos.F [Microsoft] | 6
Backdoor.Win32.Hupigon [Ikarus] | 5
Downloader [Symantec] | 5
Mal/Banspy-F, Mal/Behav-249 [Sophos] | 5
PWS-Banker [McAfee] | 5
Trojan-Banker.Win32.Banker.akeb [Kaspersky Lab] | 5
Trojan-Banker.Win32.Banker.sdu [Kaspersky Lab] | 5
Trojan-PSW.Win32.Agent.nwu [Kaspersky Lab] | 5
Trojan-PWS.Win32.Agent [Ikarus] | 5
Virus.Win32.Induc.a [Kaspersky Lab] | 5
Backdoor.Win32.Hupigon.axbr [Kaspersky Lab] | 4
Backdoor.Win32.Small.dvw [Kaspersky Lab] | 4
Bloodhound.Bancos.1 [Symantec] | 4
Constructor.Win32.SlhBack.aj [Kaspersky Lab] | 4
Exploit:Win32/MS08067.gen!A [Microsoft] | 4
Gen.Trojan [Ikarus] | 4
Generic Downloader.x [McAfee] | 4
Infostealer.Bancos!gen [Symantec] | 4
Mal/Banker-B, Mal/EncPk-CU [Sophos] | 4
Mal/Behav-103, Mal/Emogen-Q, Mal/Behav-043 [Sophos] | 4
Mal/Behav-130 [Sophos] | 4
Mal/Behav-188 [Sophos] | 4
Mal/DelpBanc-A, Mal/Banspy-F [Sophos] | 4
Mal/VB-A [Sophos] | 4
New Malware.ix [McAfee] | 4
possible-Threat.Patch.ADOBE [Ikarus] | 4
PWS:Win32/Hupigon.AAA [Microsoft] | 4
PWS-Banker.gen.cg [McAfee] | 4
Spyware.Ardakey [PC Tools] | 4
Spyware.Ardakey [Symantec] | 4
Spyware.Screenspy [Symantec] | 4
Troj/Hupig-Gen, Mal/Hupig-G, Mal/Behav-043, Mal/EncPk-AP [Sophos] | 4
Trojan.Lodeight [PC Tools] | 4
Trojan.Win32.Agent.ataz [Kaspersky Lab] | 4
Trojan.Win32.Buzus [Ikarus] | 4
Trojan:Win32/Malex.gen!E [Microsoft] | 4
Trojan:Win32/Sisron [Microsoft] | 4
Trojan-Banker.Win32.Bancos.cal [Kaspersky Lab] | 4
Trojan-Banker.Win32.Banker.aggw [Kaspersky Lab] | 4
Trojan-Banker.Win32.Banker.ahvx [Kaspersky Lab] | 4
Trojan-Banker.Win32.Banker.akbr [Kaspersky Lab] | 4
Trojan-Banker.Win32.Banker.gcs [Kaspersky Lab] | 4
Trojan-Banker.Win32.Banz [Ikarus] | 4

Win32/MalPackedB.suspicious [AhnLab] has the following possible countries of origin:
Origin | Number of Incidents
Brazil | 181
China | 40
United Kingdom | 20
Russian Federation | 17
Germany | 15
Saudi Arabia | 10
France | 8
Spain | 7
Sweden | 7
Belgium | 5
Israel | 5
Indonesia | 4
Australia | 3
Poland | 3
Netherlands | 2
Portugal | 2
Republic of Korea | 2
Argentina | 1
Austria | 1
Canada | 1
Colombia | 1
Costa Rica | 1
Denmark | 1
Egypt | 1
Taiwan | 1

Win32/MalPackedB.suspicious [AhnLab] is known to be created as:
%AppData%\hidires\flec003.exe
%AppData%\m\flec006.exe
%AppData%\svchost.exe
%CommonAppData%\13146404\13146404.exe
%CommonPrograms%\startup\syslyn_update.exe
%CommonPrograms%\startup\windows32.exe
%FontsDir%\unwise_.exe
%ProgramFiles%\ad muncher\admunch.exe
%ProgramFiles%\common files\system\dscom.exe
%ProgramFiles%\rlpack\rlpack.exe
%ProgramFiles%\syntpenh.exe
%ProgramFiles%\windows live\messenger\qtttask.exe
%System%\avg.exe
%System%\avgscan.exe
%System%\dllcache\ctfmon.exe
%System%\drivers\txplatform.exe
%System%\drives\systemdriver.sys
%System%\file.exe
%System%\fygood.exe
%System%\installavg.exe
%System%\mdelk.exe
%System%\msnmsgr.exe
%System%\okie.exe
%System%\rpcs.exe
%System%\runya\runya.exe
%System%\scvhost.exe
%System%\smssv.exe
%System%\soundman.exe
%System%\svchosts.exe
%System%\syste.exe
%System%\uwdx.exe
%System%\winsgx.exe
%System%\wintems.exe
%System%\wiskyx.exe
%Temp%\090322-b-16.exe
%Temp%\090322-b-2.exe
%Temp%\090412-1-8.exe
%Temp%\1.exe
%Temp%\2.exe
%Temp%\2008_misswe.exe
%Temp%\3.exe
%Temp%\338mu\beep.exe
%Temp%\45.exe
%Temp%\abdou.exe
%Temp%\acrord32.exe
%Temp%\admin2.exe
%Temp%\hh_stealer.exe
%Temp%\icrypt3.2.exe
%Temp%\ixp000.tmp\3.exe
%Temp%\keygen.exe
%Temp%\meong.exe
%Temp%\rarsfx0\1.9.exe
%Temp%\rarsfx0\2.exe
%Temp%\rarsfx0\admin.exe
%Temp%\rarsfx0\svchost.exe
%Temp%\rarsfx0\voo365_05.exe
%Temp%\s9.exe
%Windir%\avg.exe
%Windir%\connects.exe
%Windir%\csrss.exe
%Windir%\ctfmon.exe
%Windir%\help\goldfinger.dll
%Windir%\help\objsel.dll
%Windir%\ime\svch0st.exe
%Windir%\ld12.exe
%Windir%\mdelk.exe
%Windir%\meong.exe
%Windir%\rejoice2008.exe
%Windir%\taekman.exe
%Windir%\taskmgr.exe
%Windir%\windows.dll
%Windir%\windows32.dll
%Windir%\wintems.exe
c:\cps\cpsdlg.exe
c:\recycle.{645ff040-5081-101b-9f08-00aa002f954e}\rav32.exe
c:\recycler.exe
c:\restore\k-1-3542-4232123213-7676767-8888886\wins32.exe
c:\xuxuzim.exe
Notes:
  • %AppData% is a variable that refers to the file system directory that serves as a common repository for application-specific data. A typical path is C:\Documents and Settings\[UserName]\Application Data.
  • %CommonAppData% is a variable that refers to the file system directory containing application data for all users. A typical path is C:\Documents and Settings\All Users\Application Data.
  • %CommonPrograms% is a variable that refers to the file system directory that contains the directories for the common program groups that appear on the Start menu for all users. A typical path is C:\Documents and Settings\All Users\Start Menu\Programs (Windows NT/2000/XP).
  • %FontsDir% is a variable that refers to a virtual folder containing fonts. A typical path is C:\Windows\Fonts.
  • %ProgramFiles% is a variable that refers to the Program Files folder. A typical path is C:\Program Files.
  • %System% is a variable that refers to the System folder. By default, this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).
  • %Temp% is a variable that refers to the temporary folder in the short path form. By default, this is C:\Documents and Settings\[UserName]\Local Settings\Temp\ (Windows NT/2000/XP).
  • %Windir% is a variable that refers to the Windows installation folder. By default, this is C:\Windows or C:\Winnt.