Fighting Spyware, Malware and Adware one File at a Time.
Navigation Links

Database of Spyware Home

About the Project

View the Database

Forums

Database of Spyware Site Map

Terms of Use

SeaPig

Overview

Vendor Description

 From the doc: '-Ok, this is VERY simple: SeaPig is used to bind 2 exefiles together. -The reason you should use SeaPig is that it supports encryption: both exefiles are RC4 encrypted into the stub, so you can't see 3(stub, first and second exe) exeheaders; The victim will think it's a 'normal' exefile... ;) -If you have any questions, vitit the areyoufearless forums and post there... -Important: _do_not_ mess with the output file in any way! You can do whatever you want with the First and Second Exe (pack, encrypt whatever), but don't tamper with the generated output file!'

Alias

 destructive program [F-Prot], MultiDropper.cfg, MultiDropper.cfg [McAfee], TrojanDropper.Win32.Seapig [Kaspersky], Univ.PS [Panda],

Category

 Binder: A tool that combines two or more files into a single file, usually for the purpose of hiding one of them. A binder compiles the list of files that you select into one host file, which you can rename. A host file is a simple custom compiled program that will decompress and launch the source programs. When you start the host, the embedded files in it are automatically decompressed and launched. When a trojan is bound with Notepad, for instance, the result will appear to be Notepad, and appear to run like Notepad, but the Trojan will also be run.

 

Origins

 

Author

 Ghirai

Others By This Author

  CyberSpy · CyberSpy 1.3 · CyberSpy 8.0 · CyberSpy 8.2 build 8.4.7 · CyberSpy 8.4 · CyberSpy 8.5 · CyberSpy FTP · Fearless KeySpy · Fearless KeySpy 1.0 · Fearless KeySpy 1.1b · Fearless KeySpy 2.0 · Scan the Planet 3.0 · TrojanSpy.Win32.Fearless.20 ·

Date of Origin

 June, 2002
 

Detection and Removal

Manual Removal

 Follow these steps to remove SeaPig from your machine. Begin by backing up your registry and your system, and/or setting a Restore Point, to prevent trouble if you make a mistake.

 Stop Running Processes:

Kill these running processes with Task Manager:



Remove Files:

Remove these files (if present) with Windows Explorer:



 
ScreenSaver  ScreenScrew  Scrnch0.2  SdBot  SdBot.gen  SeaPig  Search-Exe  Search-Explorer  Search-o-Matic2000  Search123  
 
Site Map 2006 © Copyright DatabaseofSpyware.com. All rights reserved. Terms of Use
Another Proud Thor Schrock Development