Shiotob
Threat Scorecard
EnigmaSoft Threat Scorecard
EnigmaSoft Threat Scorecards are assessment reports for different malware threats which have been collected and analyzed by our research team. EnigmaSoft Threat Scorecards evaluate and rank threats using several metrics including real-world and potential risk factors, trends, frequency, prevalence, and persistence. EnigmaSoft Threat Scorecards are updated regularly based on our research data and metrics and are useful for a wide range of computer users, from end users seeking solutions to remove malware from their systems to security experts analyzing threats.
EnigmaSoft Threat Scorecards display a variety of useful information, including:
Ranking: The ranking of a particular threat in EnigmaSoft’s Threat Database.
Severity Level: The determined severity level of an object, represented numerically, based on our risk modeling process and research, as explained in our Threat Assessment Criteria.
Infected Computers: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
See also Threat Assessment Criteria.
| Threat Level: | 90 % (High) |
| Infected Computers: | 11 |
| First Seen: | October 9, 2013 |
| Last Seen: | May 5, 2023 |
| OS(es) Affected: | Windows |
Shiotob is a backdoor Trojan that is often distributed using social engineering tactics and unsafe email attachments. The most common way in which Shiotob is distributed is using spam email messages that are programed to imitate genuine emails from news sources, airlines, couriers and other types of businesses. The point of these unsafe spam email messages is to fool computer users into opening an attached file of clicking on an embedded link. These lead computer users to drive-by-download websites that install Shiotob on the victim's computer or contain Shiotob's executable file itself. In the case of an exposition to doubtful email messages from unsolicited sources or if your computer is displaying symptoms of a possible threat, ESG security researchers suggest the utilization of a competent anti-malware program to disinfect your computer and prevent future threat attacks.
Table of Contents
Typical Problems Carried Out by Shiotob
Malware infections like Shiotob will seldom cause symptoms directly by themselves. Rather, Shiotob may be used to deliver other types of unwanted components to the affected computer which can themselves alert the computer user of a problem on the infected computer. For example, Shiotob may be used to allow criminals to insert rogue security software or a banking Trojan on the victim's computer. Essentially, Shiotob is a backdoor Trojan. This means that Shiotob establishes an unauthorized breach in the infected computer's security protection. Using the Shiotob backdoor, criminals may spy on the infected computer's activities or install other threats. Shiotob may cause performance problems and issues with Internet connectivity. However, in most cases the first sign of a Shiotob infection will be a detection by the infected computer's security application.
Preventing and Dealing with a Shiotob Infection
The best way of preventing a Shiotob infection is protecting your machine with a proven anti-malware program that is always updated. It is also crucial to use other security software such as a reliable anti-spam filter and a strong firewall. Although security software is important, though, it is just as important to practice safe browsing habits such as avoiding websites with unsafe content that are typically used to distribute threats (for example, websites with pornographic material or peer to peer file sharing networks). Since Shiotob may often be used alongside components used to steal sensitive data, it is important to avoid handling sensitive data (such as credit card numbers) until traces of Shiotob or its associated threatening components are removed.
File System Details
| # | File Name |
Detections
Detections: The number of confirmed and suspected cases of a particular threat detected on
infected computers as reported by SpyHunter.
|
|---|---|---|
| 1. | winquser.exe | |
| 2. | playwd.exe | |
| 3. | execoumixer.exe | |
| 4. | winzhlp.exe | |
| 5. | DHL_ONLINE_SHIPPING_PREALERT_[RANDOM NUMBERS AND CHARACTERS].zip | |
| 6. | DHL-International-Delivery-Notification_[RANDOM NUMBERS AND CHARACTERS].zip | |
| 7. | Booking_Hotel_Reservation_Details_[RANDOM NUMBERS AND CHARACTERS].zip | |
| 8. | DHL-Worldwide-Delivery-Notification-[RANDOM NUMBERS AND CHARACTERS].zip | |
| 9. | DHL_Express_POST-NOTIFICATION_[RANDOM NUMBERS AND CHARACTERS].zip |
Registry Details
URLs
Shiotob may call the following URLs:
| armyclub.netquickring.net |
| bodoyizu.com |
| ckirarhobrw.mrbasic.com |
| eotukposed.sendsmtp.com |
| ereso.net |
| evishop.net |
| firerice.com |
| genubajom.servegame.com |
| lahobenom.servegame.com |
| nepcuibeg.sytes.net |
| oraomana.cc |
| peertag.com |
| quickring.net |
| ricepad.net |
| rivadolti.sendsmtp.com |
| ropohexa.com |
| safeoil.net |
| tamnia.com |
| tekiharob.sytes.net |
| ufoconklpef.sytes.net |
| uvoceconeht.myftp.org |
Submit Comment
Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.