I Feel Lucky I Feel Very Lucky

Towerman 2007 D

Released 17 years, 8 months ago. January 2007

Copyright © MegaSecurity

By ?

Towerman 2007 D
Informations
From China
Author ?
Family Towerman
Category Remote Access
Version Towerman 2007 D
Released Date Jan 2007, 17 years, 8 months ago.
Language Delphi
Additional Information 
Server
dropped files:
c:\WINDOWS\nxempu.dll                                                           size: 131,584 bytes 
c:\WINDOWS\system32\trkwkssw.dll                                                size: 131,584 bytes
c:\WINDOWS\system32\trkwksswsw.dll                                              size: 131,584 bytes
c:\WINDOWS\system32\trkwksswswsw.dll                                            size: 131,584 bytes
c:\WINDOWS\system32\trkwksswswswsw.dll                                          size: 131,584 bytes 
c:\WINDOWS\system32\trkwksswswswswsw.dll                                        size: 131,584 bytes 
c:\WINDOWS\system32\trkwksswswswswswsw.dll                                      size: 131,584 bytes 
c:\WINDOWS\system32\trkwksswswswswswswsw.dll                                    size: 131,584 bytes 
c:\WINDOWS\system32\trkwksswswswswswswswsw.dll                                  size: 131,584 bytes 
c:\WINDOWS\system32\trkwksswswswswswswswswsw.dll                                size: 131,584 bytes 
c:\WINDOWS\system32\trkwksswswswswswswswswswsw.dll                              size: 131,584 bytes 
c:\WINDOWS\system32\trkwksswswswswswswswswswswsw.dll                            size: 131,584 bytes 
c:\WINDOWS\system32\trkwksswswswswswswswswswswswsw.dll                          size: 131,584 bytes 
c:\WINDOWS\system32\trkwksswswswswswswswswswswswswsw.dll                        size: 131,584 bytes 
c:\WINDOWS\system32\trkwksswswswswswswswswswswswswswsw.dll                      size: 131,584 bytes 
c:\WINDOWS\system32\trkwksswswswswswswswswswswswswswswsw.dll                    size: 131,584 bytes 
c:\WINDOWS\system32\trkwksswswswswswswswswswswswswswswswsw.dll                  size: 131,584 bytes 
c:\WINDOWS\system32\trkwksswswswswswswswswswswswswswswswswsw.dll                size: 131,584 bytes 
c:\WINDOWS\system32\trkwksswswswswswswswswswswswswswswswswswsw.dll              size: 131,584 bytes 
c:\WINDOWS\system32\trkwksswswswswswswswswswswswswswswswswswswsw.dll            size: 131,584 bytes 
c:\WINDOWS\system32\trkwksswswswswswswswswswswswswswswswswswswswsw.dll          size: 131,584 bytes 
c:\WINDOWS\system32\trkwksswswswswswswswswswswswswswswswswswswswswsw.dll        size: 131,584 bytes 
c:\WINDOWS\system32\trkwksswswswswswswswswswswswswswswswswswswswswswsw.dll      size: 131,584 bytes 
c:\WINDOWS\system32\trkwksswswswswswswswswswswswswswswswswswswswswswswsw.dll    size: 131,584 bytes 

added to registry:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\TrkWks


tested on Windows XP
March 12, 2007

If you recognize any personal information on this page and wish to have it removed or redacted, please contact us at jplesueur@phrozen.io. We are committed to protecting your privacy in accordance with GDPR regulations.