bbqsvr.exe

SOFTFOUNDRY International Pte Ltd

It runs as a separate Windows service (within the context of its own process) named “BBQ Server”.
Publisher:
SOFTFOUNDRY International Pte Ltd  (signed and verified)

MD5:
9b26c60913526db4d7d25c2140246e1c

SHA-1:
63331bd76c4a2dfca979820cf7058a4f4088a96c

SHA-256:
4db8f6ffb6cd26d74b666669fef31b785fb19c022ea2abfada0ad0f604f53824

Scanner detections:
1 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
11/15/2024 4:58:36 AM UTC  (today)

Scan engine:
Dr.Web

Detection:
probably BACKDOOR.Trojan

Engine version:
9.0.1.05190

File size:
1.6 MB (1,658,736 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\Program Files\softfoundry\vfon server\bbqsvr.exe

Digital Signature
Authority:
VeriSign, Inc.

Valid from:
12/7/2011 5:30:00 AM

Valid to:
12/8/2014 5:29:59 AM

Subject:
CN=SOFTFOUNDRY International Pte Ltd, OU=Software, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=SOFTFOUNDRY International Pte Ltd, L=Singapore, S=Singapore, C=SG

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
5DE24DA62E884E4B150218DA1A9C9753

File PE Metadata
Compilation timestamp:
7/29/2014 9:46:01 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
49152:D2ZVsXWRGov3XZGT0ap8ahcjCdjcTK9FTcBmEN9PqM8D3A6QpBjX7Xr:D2ZVAEicjI8+M8D1QT

Entry address:
0x104A56

Entry point:
E8, 28, 08, 00, 00, E9, 63, FD, FF, FF, 83, 3D, DC, 88, 57, 00, 00, 74, 2D, 55, 8B, EC, 83, EC, 08, 83, E4, F8, DD, 1C, 24, F2, 0F, 2C, 04, 24, C9, C3, 83, 3D, DC, 88, 57, 00, 00, 74, 11, 83, EC, 04, D9, 3C, 24, 58, 66, 83, E0, 7F, 66, 83, F8, 7F, 74, D3, 55, 8B, EC, 83, EC, 20, 83, E4, F0, D9, C0, D9, 54, 24, 18, DF, 7C, 24, 10, DF, 6C, 24, 10, 8B, 54, 24, 18, 8B, 44, 24, 10, 85, C0, 74, 3C, DE, E9, 85, D2, 79, 1E, D9, 1C, 24, 8B, 0C, 24, 81, F1, 00, 00, 00, 80, 81, C1, FF, FF, FF, 7F, 83, D0, 00, 8B, 54...

Entropy:
6.5122

Code size:
1.1 MB (1,202,176 bytes)

Service
Display name:
BBQ Server

Type:
Win32OwnProcess

Depends on:
EventLog Tcpip SFMySQL


Scan bbqsvr.exe - Powered by Reason Core Security