ThreatExpert's Statistics for Win32/MalPackedB.suspicious [AhnLab]:

Win32/MalPackedB.suspicious [AhnLab] is also known as:

Threat Alias	Number of Incidents
Packed.Generic.138 [Symantec]	91
Mal/Generic-A [Sophos]	84
Mal/EncPk-DM [Sophos]	80
Packed.Generic.56 [Symantec]	76
New Win32 [McAfee]	75
Suspicious.MH690 [Symantec]	52
Mal/EncPk-CU [Sophos]	45
Trojan Horse [Symantec]	43
Generic Malware.eb [McAfee]	39
Trojan-Downloader.Win32.Banload [Ikarus]	34
Trojan-Banker.Win32.Banker [Ikarus]	31
TrojanDownloader:Win32/Banload.gen!N [Microsoft]	30
Mal/EncPk-AO [Sophos]	28
HeurEngine.Packed-Xcomp [PC Tools]	27
Packer.RLPack.D [Ikarus]	26
VirTool:Win32/DelfInject.gen!AC [Microsoft]	25
Virus.Win32.Agent.GZY [Ikarus]	24
Backdoor.Graybird [Symantec]	23
Mal_Banker [Trend Micro]	23
Packer.RLPack [Ikarus]	23
VirTool.Win32.DelfInject [Ikarus]	20
Email-Worm.Win32.Bagle.of [Kaspersky Lab]	18
TROJ_BAGLE.AO [Trend Micro]	18
Trojan.Lodeight.C [Symantec]	18
Trojan.Win32.LaSta [Ikarus]	16
Trojan-Banker.Win32.Banker.aoiz [Kaspersky Lab]	16
W32/Bagle.gen [McAfee]	16
Worm:Win32/Bagle.gen!C [Microsoft]	16
Email-Worm.Win32.Bagle [Ikarus]	15
Generic.dx [McAfee]	15
TrojanSpy:Win32/Bancos.gen!C [Microsoft]	15
Backdoor.Graybird [PC Tools]	14
Mal/Packer [Sophos]	13
Trojan.Generic [PC Tools]	12
Mal/EncPk-EE [Sophos]	11
Mal/Packer, Mal/Behav-191, Mal/Bagpk-D [Sophos]	11
Backdoor.Rbot [Ikarus]	10
HeurEngine.MaliciousPacker [PC Tools]	10
Trojan-Banker.Win32.Agent [Ikarus]	10
W32.Spybot.Worm [Symantec]	10
Trojan.Banker.LAR [Ikarus]	9
Trojan.Win32.VB.mxl [Kaspersky Lab]	9
TrojanSpy:Win32/Banker.USY [Microsoft]	9
Backdoor.Trojan [Symantec]	8
New Malware.dz [McAfee]	8
Trojan-Dropper.Delf [Ikarus]	8
Mal/UnkPack-Fam [Sophos]	7
Packer.XComp [Ikarus]	7
Trojan.Lodeight!sd6 [PC Tools]	7
W32.IRCBot [Symantec]	7
Backdoor:Win32/Rbot.gen [Microsoft]	6
Mal/EncPk-CU, Troj/Bnkmr-Fam [Sophos]	6
Trojan.Crypt [Ikarus]	6
Trojan.IRCBot [PC Tools]	6
VirTool:Win32/DelfInject.gen!X [Microsoft]	6
Virus.Win32.Agent.KHA [Ikarus]	6
Virus.Win32.Bifrose [Ikarus]	6
Worm:Win32/Bancos.F [Microsoft]	6
Backdoor.Win32.Hupigon [Ikarus]	5
Downloader [Symantec]	5
Mal/Banspy-F, Mal/Behav-249 [Sophos]	5
PWS-Banker [McAfee]	5
Trojan-Banker.Win32.Banker.akeb [Kaspersky Lab]	5
Trojan-Banker.Win32.Banker.sdu [Kaspersky Lab]	5
Trojan-PSW.Win32.Agent.nwu [Kaspersky Lab]	5
Trojan-PWS.Win32.Agent [Ikarus]	5
Virus.Win32.Induc.a [Kaspersky Lab]	5
Backdoor.Win32.Hupigon.axbr [Kaspersky Lab]	4
Backdoor.Win32.Small.dvw [Kaspersky Lab]	4
Bloodhound.Bancos.1 [Symantec]	4
Constructor.Win32.SlhBack.aj [Kaspersky Lab]	4
Exploit:Win32/MS08067.gen!A [Microsoft]	4
Gen.Trojan [Ikarus]	4
Generic Downloader.x [McAfee]	4
Infostealer.Bancos!gen [Symantec]	4
Mal/Banker-B, Mal/EncPk-CU [Sophos]	4
Mal/Behav-103, Mal/Emogen-Q, Mal/Behav-043 [Sophos]	4
Mal/Behav-130 [Sophos]	4
Mal/Behav-188 [Sophos]	4
Mal/DelpBanc-A, Mal/Banspy-F [Sophos]	4
Mal/VB-A [Sophos]	4
New Malware.ix [McAfee]	4
possible-Threat.Patch.ADOBE [Ikarus]	4
PWS:Win32/Hupigon.AAA [Microsoft]	4
PWS-Banker.gen.cg [McAfee]	4
Spyware.Ardakey [PC Tools]	4
Spyware.Ardakey [Symantec]	4
Spyware.Screenspy [Symantec]	4
Troj/Hupig-Gen, Mal/Hupig-G, Mal/Behav-043, Mal/EncPk-AP [Sophos]	4
Trojan.Lodeight [PC Tools]	4
Trojan.Win32.Agent.ataz [Kaspersky Lab]	4
Trojan.Win32.Buzus [Ikarus]	4
Trojan:Win32/Malex.gen!E [Microsoft]	4
Trojan:Win32/Sisron [Microsoft]	4
Trojan-Banker.Win32.Bancos.cal [Kaspersky Lab]	4
Trojan-Banker.Win32.Banker.aggw [Kaspersky Lab]	4
Trojan-Banker.Win32.Banker.ahvx [Kaspersky Lab]	4
Trojan-Banker.Win32.Banker.akbr [Kaspersky Lab]	4
Trojan-Banker.Win32.Banker.gcs [Kaspersky Lab]	4
Trojan-Banker.Win32.Banz [Ikarus]	4

Win32/MalPackedB.suspicious [AhnLab] has the following possible countries of origin:

Origin		Number of Incidents
	Brazil	181
	China	40
	United Kingdom	20
	Russian Federation	17
	Germany	15
	Saudi Arabia	10
	France	8
	Spain	7
	Sweden	7
	Belgium	5
	Israel	5
	Indonesia	4
	Australia	3
	Poland	3
	Netherlands	2
	Portugal	2
	Republic of Korea	2
	Argentina	1
	Austria	1
	Canada	1
	Colombia	1
	Costa Rica	1
	Denmark	1
	Egypt	1
	Taiwan	1

Win32/MalPackedB.suspicious [AhnLab] is known to be created as:

%AppData%\hidires\flec003.exe

%AppData%\m\flec006.exe

%AppData%\svchost.exe

%CommonAppData%\13146404\13146404.exe

%CommonPrograms%\startup\syslyn_update.exe

%CommonPrograms%\startup\windows32.exe

%FontsDir%\unwise_.exe

%ProgramFiles%\ad muncher\admunch.exe

%ProgramFiles%\common files\system\dscom.exe

%ProgramFiles%\rlpack\rlpack.exe

%ProgramFiles%\syntpenh.exe

%ProgramFiles%\windows live\messenger\qtttask.exe

%System%\avg.exe

%System%\avgscan.exe

%System%\dllcache\ctfmon.exe

%System%\drivers\txplatform.exe

%System%\drives\systemdriver.sys

%System%\file.exe

%System%\fygood.exe

%System%\installavg.exe

%System%\mdelk.exe

%System%\msnmsgr.exe

%System%\okie.exe

%System%\rpcs.exe

%System%\runya\runya.exe

%System%\scvhost.exe

%System%\smssv.exe

%System%\soundman.exe

%System%\svchosts.exe

%System%\syste.exe

%System%\uwdx.exe

%System%\winsgx.exe

%System%\wintems.exe

%System%\wiskyx.exe

%Temp%\090322-b-16.exe

%Temp%\090322-b-2.exe

%Temp%\090412-1-8.exe

%Temp%\1.exe

%Temp%\2.exe

%Temp%\2008_misswe.exe

%Temp%\3.exe

%Temp%\338mu\beep.exe

%Temp%\45.exe

%Temp%\abdou.exe

%Temp%\acrord32.exe

%Temp%\admin2.exe

%Temp%\hh_stealer.exe

%Temp%\icrypt3.2.exe

%Temp%\ixp000.tmp\3.exe

%Temp%\keygen.exe

%Temp%\meong.exe

%Temp%\rarsfx0\1.9.exe

%Temp%\rarsfx0\2.exe

%Temp%\rarsfx0\admin.exe

%Temp%\rarsfx0\svchost.exe

%Temp%\rarsfx0\voo365_05.exe

%Temp%\s9.exe

%Windir%\avg.exe

%Windir%\connects.exe

%Windir%\csrss.exe

%Windir%\ctfmon.exe

%Windir%\help\goldfinger.dll

%Windir%\help\objsel.dll

%Windir%\ime\svch0st.exe

%Windir%\ld12.exe

%Windir%\mdelk.exe

%Windir%\meong.exe

%Windir%\rejoice2008.exe

%Windir%\taekman.exe

%Windir%\taskmgr.exe

%Windir%\windows.dll

%Windir%\windows32.dll

%Windir%\wintems.exe

c:\cps\cpsdlg.exe

c:\recycle.{645ff040-5081-101b-9f08-00aa002f954e}\rav32.exe

c:\recycler.exe

c:\restore\k-1-3542-4232123213-7676767-8888886\wins32.exe

c:\xuxuzim.exe

Notes:

%AppData% is a variable that refers to the file system directory that serves as a common repository for application-specific data. A typical path is C:\Documents and Settings\[UserName]\Application Data.
%CommonAppData% is a variable that refers to the file system directory containing application data for all users. A typical path is C:\Documents and Settings\All Users\Application Data.
%CommonPrograms% is a variable that refers to the file system directory that contains the directories for the common program groups that appear on the Start menu for all users. A typical path is C:\Documents and Settings\All Users\Start Menu\Programs (Windows NT/2000/XP).
%FontsDir% is a variable that refers to a virtual folder containing fonts. A typical path is C:\Windows\Fonts.
%ProgramFiles% is a variable that refers to the Program Files folder. A typical path is C:\Program Files.
%System% is a variable that refers to the System folder. By default, this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).
%Temp% is a variable that refers to the temporary folder in the short path form. By default, this is C:\Documents and Settings\[UserName]\Local Settings\Temp\ (Windows NT/2000/XP).
%Windir% is a variable that refers to the Windows installation folder. By default, this is C:\Windows or C:\Winnt.