| Port No | 2155 |
| Service Name | Illusion Mailer |
| RFC Doc | 0 |
| Protocol | TCP |
| Description | Illusion is a trojan that allows the person with the server to send email. That's all it can do. It is anonymous because the server's IP is sent with the email not the person who is really sending it. |
| Reference Link | Illusion Mailer Trojan |
| Attack | It autoloads the Registry: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run Key: Sysmem It does the following : Send anonymous email Removal : 1. Remove the Sysmem key located in the registry at: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run. Which can be done with regedit or any other registry editing program. 2. Reboot the computer or close memory.exe. 3. Delete the trojan file memory.exe in the windows system directory. |
Catch threats immediately
We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.