carrumba over at Megapanzer gives a good overview of the lifecycle of a trojan horse, he writes "What a trojan horse needs first are its configuration settings. The information it knows what to do once it is executed on the target system. At this point we have to know the trojan horse is divided into two different parts: the client and the server. The server is the part that is installed on the victims systems, the client is the controlling component on at the attackers side.
The names server and client in this context are a little confusing because normally a client is the one that connects to a server and sends commands to it. This is the way the setup was in use some years ago. The attackers on the client machines connected to the servers on the infected victim machines. But nowadays it works exactly the opposite. The infected victim systems establish a reverse connection to the controlling master system." – Content courtesy of Megapanzer » Blog Archive » The lifecycle of a trojan horse