home

SeaPort.exe

Bing Bar

Microsoft Corporation.

The executable SeaPort.exe, “Microsoft SeaPort Search Enhancement Broker” has been detected as malware by 5 anti-virus scanners. It runs as a separate (within the context of its own process) windows Service named “BBUpdate”.
Publisher:
Microsoft Corporation.

Product:
Bing Bar

Description:
Microsoft SeaPort Search Enhancement Broker

Version:
7.1.362.0

MD5:
9b3f944e09efefa4b1c28fc955859780

SHA-1:
2277d94f1546a7c781b67bc47b139b1738f941cc

Scanner detections:
5 / 68

Status:
Malware

Analysis date:
4/23/2024 7:52:36 PM UTC  (today)

Scan engine
Detection
Engine version

avast!
Win32:Mabezat [Wrm]
160917-0

Clam AntiVirus
Win.Trojan.Mabezat-2
0.98/23207

ESET NOD32
Win32/Mabezat.A virus
6.3.12010.0

F-Prot
W32/Mabezat.A-2
4.6.5.141

F-Secure
Win32.Worm.Mabezat.Gen
5.16.24

File size:
387.6 KB (396,935 bytes)

Product version:
7.1.362.0

Copyright:
© 2011 Microsoft Corporation. All rights reserved.

Trademarks:
Microsoft® is a registered trademark of Microsoft Corporation.

Original file name:
SeaPort.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\microsoft\bingbar\7.1.362.0\seaport.exe

File PE Metadata
Compilation timestamp:
2/14/2012 2:14:56 PM

OS version:
6.2

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

Entry address:
0x16BBA

Entry point:
BB, 74, C7, C1, C3, 93, E9, 20, 01, 00, 00, 53, F9, 5C, 58, 04, 88, 5C, 58, F4, 87, DF, DC, DC, 5C, DC, DC, 0B, DC, DC, DC, 3B, 0D, 12, 0D, 0C, 0D, 15, 13, 12, DC, DC, DC, 50, 3D, 56, 41, 3E, 3D, 49, 3D, 0A, 40, 48, 48, DC, DC, DC, DC, 38, DC, DC, DC, 22, 4E, 41, 41, 28, 45, 3E, 4E, 3D, 4E, 55, DC, 1F, 4E, 41, 3D, 50, 41, 20, 45, 4E, 41, 3F, 50, 4B, 4E, 55, 1D, DC, DC, DC, DC, 23, 41, 50, 33, 45, 4A, 40, 4B, 53, 4F, 20, 45, 4E, 41, 3F, 50, 4B, 4E, 55, 1D, DC, DC, DC, DC, 23, 41, 50, 29, 4B, 40, 51, 48, 41...
 
[+]

Entropy:
6.9645

Code size:
180 KB (184,320 bytes)

Service
Display name:
BBUpdate

Description:
Enables the detection, download and installation of up-to-date configuration files for Bing Bar. Also provides server communication for the customer experience improvement program. Stopping or disabli

Type:
Win32OwnProcess


Remove SeaPort.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.