ThreatExpert's Statistics for Worm.Win32.Koobface [Ikarus]:

Worm.Win32.Koobface [Ikarus] is also known as:

Threat Alias	Number of Incidents
W32.Koobface.A [Symantec]	2,557
Mal/Generic-A, Mal/KoobHeur-A [Sophos]	2,410
Trojan.Dropper [Symantec]	2,401
VirTool:WinNT/Koobface.gen!D [Microsoft]	2,401
W32/KoobFa-N [Sophos]	2,401
Net-Worm.Win32.Koobface.cln [Kaspersky Lab]	2,352
Trojan-Dropper.Win32.Agent.biin [Kaspersky Lab]	2,352
W32/Koobface.worm.gen.d [McAfee]	2,254
Win32/Koobface.worm.50688.C [AhnLab]	2,156
Win32/Koobface.worm.92672 [AhnLab]	2,156
Net-Worm.Koobface [PC Tools]	1,586
Trojan.Dropper [PC Tools]	1,568
W32/Koobface.worm.gen.r [McAfee]	147
Worm:Win32/Koobface.gen!D [Microsoft]	85
Mal/KoobHeur-A [Sophos]	65
W32.Koobface.D [Symantec]	65
W32/Koobfa-Gen [Sophos]	60
W32/Koobface.worm [McAfee]	49
Mal/Generic-A [Sophos]	29
Net-Worm.Win32.Koobface.bkb [Kaspersky Lab]	28
W32/Koobfa-Gen, W32/Koobfa-Gen [Sophos]	28
W32/Koobface.worm.gen.j [McAfee]	25
Net-Worm.Win32.Koobface.bjq [Kaspersky Lab]	24
Downloader [Symantec]	22
Net-Worm.Win32.Koobface.bno [Kaspersky Lab]	20
Net-Worm.Win32.Koobface.buq [Kaspersky Lab]	19
Generic.dx [McAfee]	14
Suspicious.MH690 [Symantec]	13
W32/Koobface.worm.gen.e [McAfee]	10
Net-Worm.Win32.Koobface.csr [Kaspersky Lab]	9
Trojan.Win32.Scar.asbk [Kaspersky Lab]	9
Trojan-Clicker.Win32.Small.adw [Kaspersky Lab]	9
Mal/EncPk-LW [Sophos]	8
Net-Worm.Win32.Koobface [Ikarus]	8
W32/Koobfa-Gen, Mal/KoobHeur-A [Sophos]	7
Infostealer [Symantec]	6
Backdoor.Win32.Agent.affm [Kaspersky Lab]	5
Trojan.Win32.Agent2.hgm [Kaspersky Lab]	5
Trojan-Spy.Win32.Agent.anap [Kaspersky Lab]	5
Trojan-Spy.WinFlux [PC Tools]	5
W32/Koobface.worm.gen.g [McAfee]	5
Win32/Koobface.worm.36864.H [AhnLab]	5
Backdoor.Win32.Lithium.h [Kaspersky Lab]	4
Net-Worm.Koobface.bjq [PC Tools]	4
Net-Worm.Win32.Koobface.d [Kaspersky Lab]	4
Net-Worm.Win32.Koobface.fx [Kaspersky Lab]	4
Net-Worm.Win32.Koobface.gr [Kaspersky Lab]	4
Trojan Horse [Symantec]	4
Trojan.Win32.Agent.cwzr [Kaspersky Lab]	4
VirTool:WinNT/Koobface.D [Microsoft]	4
Win32/Koobface.worm.49152.H [AhnLab]	4
Win-Trojan/Agent.37632.E [AhnLab]	4
Mal/Generic-A, Mal/EncPk-LW [Sophos]	3
Net-Worm.Win32.Koobface.gj [Kaspersky Lab]	3
W32.Koobface.B [Symantec]	3
Win32/Koobface.worm.47104 [AhnLab]	3
Backdoor.Win32.Lithium.dw [Kaspersky Lab]	2
Generic.dam [McAfee]	2
Mal/EncPk-JB [Sophos]	2
Mal/HckPk-A, W32/Scribble-B [Sophos]	2
Net-Worm.Koobface!sd6 [PC Tools]	2
Net-Worm.Win32.Koobface.awm [Kaspersky Lab]	2
Net-Worm.Win32.Koobface.bgr [Kaspersky Lab]	2
Net-Worm.Win32.Koobface.bjz [Kaspersky Lab]	2
Net-Worm.Win32.Koobface.fn [Kaspersky Lab]	2
New Poly Win32 [McAfee]	2
Trojan.Win32.Small.bvv [Kaspersky Lab]	2
Trojan-Downloader.Win32.Injecter.dix [Kaspersky Lab]	2
W32.Spybot.Worm [Symantec]	2
W32.Virut.CF [Symantec]	2
Win32/Koobface.worm.13312 [AhnLab]	2
Win32/Koobface.worm.29696.B [AhnLab]	2
Win32/Koobface.worm.53760 [AhnLab]	2
Win32/Virut.F [AhnLab]	2
Win-Trojan/Agent.11776.KP [AhnLab]	2
Win-Trojan/Agent.14336.MO [AhnLab]	2
Win-Trojan/Downloader.11776.JQ [AhnLab]	2
Win-Trojan/Downloader.13312.HT [AhnLab]	2
Win-Trojan/Downloader.15360.IR [AhnLab]	2
Backdoor.Agent!sd6 [PC Tools]	1
Backdoor.Lithium!sd6 [PC Tools]	1
Backdoor.Win32.Agent.afci [Kaspersky Lab]	1
Backdoor.Win32.Agent.afdh [Kaspersky Lab]	1
Backdoor.Win32.Agent.ubx [Kaspersky Lab]	1
Backdoor.Win32.Agent.udx [Kaspersky Lab]	1
Backdoor.Win32.Lithium.dy [Kaspersky Lab]	1
Generic BackDoor [McAfee]	1
Generic Downloader.x [McAfee]	1
Generic.dx!bjv [McAfee]	1
Generic.dx!bny [McAfee]	1
Generic.dx!cv [McAfee]	1
Generic.dx!h [McAfee]	1
Generic.dx!v [McAfee]	1
Generic.dx!x [McAfee]	1
Mal/EncPk-IO [Sophos]	1
Mal/Koobface-A, Mal/EncPk-LW [Sophos]	1
Net-Worm.Win32.Koobface.afh [Kaspersky Lab]	1
Net-Worm.Win32.Koobface.akw [Kaspersky Lab]	1
Net-Worm.Win32.Koobface.aqm [Kaspersky Lab]	1
Net-Worm.Win32.Koobface.asg [Kaspersky Lab]	1

Worm.Win32.Koobface [Ikarus] has the following possible countries of origin:

Origin		Number of Incidents
	Australia	5
	Finland	5
	Russian Federation	5

Worm.Win32.Koobface [Ikarus] is known to be created as:

%System%\drivers\fio32.sys

%System%\fio32.dll

%Temp%\ld12.exe

%Windir%\bolivar23.exe

%Windir%\bolivar24.exe

%Windir%\bolivar25.exe

%Windir%\bolivar31.exe

%Windir%\freddy35.exe

%Windir%\freddy38.exe

%Windir%\freddy39.exe

%Windir%\freddy46.exe

%Windir%\freddy49.exe

%Windir%\freddy50.exe

%Windir%\freddy52.exe

%Windir%\freddy55.exe

%Windir%\ld02.exe

%Windir%\ld03.exe

%Windir%\ld04.exe

%Windir%\ld06.exe

%Windir%\ld07.exe

%Windir%\ld08.exe

%Windir%\ld09.exe

%Windir%\ld10.exe

%Windir%\ld11.exe

%Windir%\ld12.exe

%Windir%\ld14.exe

%Windir%\ld16.exe

%Windir%\mstre15.exe

%Windir%\mstre16.exe

%Windir%\mstre17.exe

%Windir%\mstre18.exe

%Windir%\mstre19.exe

%Windir%\mstre24.exe

%Windir%\pp03.exe

%Windir%\pp04.exe

%Windir%\pp05.exe

%Windir%\pp06.exe

%Windir%\pp09.exe

%Windir%\pp1.exe

%Windir%\pp12.exe

%Windir%\pp14.exe

%Windir%\rdr_1253304947.exe

%Windir%\rdr_1258596882.exe

%Windir%\rdr_1258596968.exe

%Windir%\rdr_1258679102.exe

%Windir%\rdr_1258679193.exe

%Windir%\rdr_1258845709.exe

%Windir%\rdr_1258845796.exe

%Windir%\rdr_1258927972.exe

%Windir%\rdr_1258928047.exe

%Windir%\rdr_1258962237.exe

%Windir%\rdr_1258962237.exe.exe

%Windir%\rdr_1258995288.exe

%Windir%\rdr_1258995376.exe

%Windir%\rdr_1259008637.exe

%Windir%\rdr_1259008709.exe

%Windir%\rdr_1259113272.exe

%Windir%\rdr_1259113357.exe

%Windir%\rdr_1259136446.exe

%Windir%\rdr_1259136520.exe

%Windir%\rdr_1259136531.exe

%Windir%\rdr_1259166783.exe

%Windir%\rdr_1259166886.exe

%Windir%\rdr_1259172729.exe

%Windir%\rdr_1259172832.exe

%Windir%\rdr_1259233360.exe

%Windir%\rdr_1259233448.exe

%Windir%\rdr_1259269467.exe

%Windir%\rdr_1259269547.exe

%Windir%\rdr_1259311143.exe

%Windir%\rdr_1259311231.exe

%Windir%\rdr_1259356734.exe

%Windir%\rdr_1259356821.exe

%Windir%\rdr_1259465923.exe

%Windir%\rdr_1259465951.exe

%Windir%\rdr_1259465969.exe

%Windir%\rdr_1259465997.exe

%Windir%\rdr_1259466011.exe

%Windir%\rdr_1259466038.exe

%Windir%\rdr_1259466055.exe

%Windir%\rdr_1259466097.exe

%Windir%\rdr_1259595070.exe

%Windir%\rdr_1259595150.exe

%Windir%\rdr_1259621474.exe

%Windir%\rdr_1259621558.exe

%Windir%\rdr_1259621573.exe

%Windir%\rdr_1259622945.exe

%Windir%\rdr_1259623031.exe

%Windir%\rdr_1259679371.exe

%Windir%\rdr_1259679458.exe

%Windir%\rdr_1259711924.exe

%Windir%\rdr_1259712010.exe

%Windir%\rdr_1259718475.exe

%Windir%\rdr_1259718567.exe

%Windir%\rdr_1259729075.exe

%Windir%\rdr_1259729158.exe

%Windir%\rdr_1259899742.exe

%Windir%\rdr_1259899834.exe

%Windir%\rdr_1259911177.exe

%Windir%\rdr_1259911265.exe

Notes:

%System% is a variable that refers to the System folder. By default, this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).
%Temp% is a variable that refers to the temporary folder in the short path form. By default, this is C:\Documents and Settings\[UserName]\Local Settings\Temp\ (Windows NT/2000/XP).
%Windir% is a variable that refers to the Windows installation folder. By default, this is C:\Windows or C:\Winnt.