khatra.exe Information

ThreatExpert's awareness of the file "khatra.exe":

Across all ThreatExpert reports, the file "khatra.exe" was mostly identified as a threat.

File "khatra.exe" has the following statistics:

Total number of reports analysed 524,597 Number of cases that involved the file "khatra.exe" 81 Number of incidents when this file was found to be a threat 75 Statistical volume of cases when "khatra.exe" was a threat 93%
Notes: Please note that the name of the file should NOT be used to define if it is legitimate or not. Such determination can only be made by observing its dynamic behaviour. In order to check a file, please submit it to ThreatExpert. For a comprehensive pro-active protection against threats, please consider ThreatFire - our behavioral antivirus solution.

The file "khatra.exe" is known to be created under the following filenames:

%AllUsersProfile%\desktop.exe %AllUsersProfile%\favorites.exe %AppData%\microsoft\cd burning\khatra.exe %CommonDesktopDir%\desktop.exe %CommonFavorites%\favorites.exe %DesktopDir%\desktop.exe %System%\khatra.exe %UserProfile%\desktop.exe %Windir%\khatarnakh.exe %Windir%\system\ghost.exe %Windir%\xplorer.exe c:\inetpub.exe c:\inetpub\inetpub.exe c:\inetpub\wwwroot.exe c:\inetpub\wwwroot\wwwroot.exe c:\khatra.exe

Notes: %AllUsersProfile% is a variable that specifies the all users' profile folder. By default, this is C:\Documents and Settings\All Users (Windows NT/2000/XP). %AppData% is a variable that refers to the file system directory that serves as a common repository for application-specific data. A typical path is C:\Documents and Settings\[UserName]\Application Data. %CommonDesktopDir% is a variable that refers to the file system directory that contains files and folders that appear on the desktop for all users. A typical path is C:\Documents and Settings\All Users\Desktop (Windows NT/2000/XP). %CommonFavorites% is a variable that refers to the file system directory that serves as a common repository for all users' favorite items. A typical path is C:\Documents and Settings\All Users\Favorites (Windows NT/2000/XP). %DesktopDir% is a variable that refers to the file system directory used to physically store file objects on the desktop. A typical path is C:\Documents and Settings\[UserName]\Desktop. %System% is a variable that refers to the System folder. By default, this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP). %UserProfile% is a variable that specifies the current user's profile folder. By default, this is C:\Documents and Settings\[UserName] (Windows NT/2000/XP). %Windir% is a variable that refers to the Windows installation folder. By default, this is C:\Windows or C:\Winnt. The following threats are known to be associated with the file "khatra.exe": Threat Alias Number of Incidents Generic.dx [McAfee] 72 Trojan-Dropper.Win32.Autoit.k [Kaspersky Lab] 72 Trojan-Dropper.Win32.Autoit [Ikarus] 57 W32.SillyFDC [Symantec] 36 W32/Autoit-BP [Sophos] 15 Trojan Horse [Symantec] 12 Virus.Win32.Sality [Ikarus] 12 W32.Harakit [Symantec] 12 Email-Worm.Win32.Agent.kd [Kaspersky Lab] 9 Trojan:Win32/Malagent [Microsoft] 9 Mal/Generic-A [Sophos] 6 Trojan-Dropper.Autoit!sd6 [PC Tools] 6 Email-Worm.Agent!sd6 [PC Tools] 3 Email-Worm.Win32.Runouce.b [Kaspersky Lab] 3 Mal/Inet-Fam [Sophos] 3 PE_Chir.B [Trend Micro] 3 Virus.Win32.VB.bb [Ikarus] 3 Virus:Win32/Virut.L [Microsoft] 3 W32/Chir.b@MM [McAfee] 3 W32/Chir-B [Sophos] 3 Win32.Virut.Gen.5 [PC Tools] 3 Win32/ChiHack.6652 [AhnLab] 3