OSK_Krowi.A is malware that arrives as a file bundled with pirated versions of Apple's iWork '09 suite, which may be downloaded from file sharing Web sites.

It attempts to install itself as iWorkServices. It then modifies the attribute of the installation folder by executing the command chmod 755 to set read and execute access for everyone and also write access for the owner of the file.

This malware creates the property list StartupParameters.plist in the startup item directory. Once connected, P2P commands may be executed on the affected machine.

This malware connects to Web sites to send and receive information.

Technical details can be found at this Trend Micro page.