Towerman 2007 F
(Trojan.Win32.Genome.vkb for Client)
(Backdoor.Win32.Swz.gi for SwzSer.DLL)
(Backdoor.Win32.Swz.gj for SwzSer.exe)

by ?

Written in Delphi

Released in January 2007

Made in China

Server
dropped files:
c:\WINDOWS\system32\Systen.dll
size: 130,560 bytes 

added to registry:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\TrkWks
HKEY_LOCAL_MACHINE\SOFTWARE\Tencent\QQ "Tencent"



tested on Windows XP
March 15, 2007

MegaSecurity