Virus

W32/Turkojan.Backdoor

Analysis

  • Trojan is remote access capable and is fully configurable using a related Trojan editor
  • Trojan is authored by a hacker or group of hackers from Turkey
  • The complete Trojan package includes a Trojan editor and a client component, and several icons from which to associate the Trojan as a means to give the appearance that the Trojan server is not malicious
  • The client component communicates with the server with the ability to control the host system which has the server component installed
  • If the server component is run either intentionally or through malicious methods, it will install itself by copying itself to a configured location and filename, and also modify the system registry to load from a configured registry key