Towerman 2007 C
(Backdoor.Win32.GrayBird.pd)
(Trojan-Spy.Win32.Delf.uc)

by ?

Written in Delphi

Released in January 2007

Made in China

more versions

 


Server
dropped files:
c:\WINDOWS\system32\trkwkssw.dll
size: 132,608 bytes  

added to registry:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\TrkWks


tested on Windows XP
August 10, 2007
MegaSecurity