home

beservice.exe

Bastian Suter

This is a setup program which is used to install the application. The file has been seen being downloaded from battleye.com.
Publisher:
Bastian Suter  (signed and verified)

MD5:
562a272acd9b29c176a2de45d5d29b16

SHA-1:
118bdc7003d54896641e029086ed94b2a5ed4887

SHA-256:
ba17a8bb453f949cce6abf9804ec0926889cf9799d191da452c7b0ecdf2b0285

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/23/2024 5:00:43 PM UTC  (today)

File size:
599.9 KB (614,272 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\beservice.exe

Digital Signature
Signed by:
Bastian Suter

Authority:
DigiCert Inc

Valid from:
3/4/2014 4:00:00 PM

Valid to:
5/13/2015 5:00:00 AM

Subject:
CN=Bastian Suter, O=Bastian Suter, L=Tübingen, S=Baden-Württemberg, C=DE

Issuer:
CN=DigiCert High Assurance Code Signing CA-1, OU=www.digicert.com, O=DigiCert Inc, C=US

Serial number:
0F01D40307832B7F6747D7AB752213DC

File PE Metadata
Compilation timestamp:
1/5/2015 3:53:28 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows Console

Linker version:
8.0

CTPH (ssdeep):
12288:cTUTflhDNf5/lv8GCr8bd/efmoznL36Rq32PNPoP2tzk43zdO:eU7l13/jCrGhAmozLv3koyzZj0

Entry address:
0xE4E11

Entry point:
E9, DE, CA, FF, FF, 40, 42, B4, 9F, 07, 56, 97, 2B, 3E, A2, F8, 4A, C3, F6, F5, E6, DD, E8, F7, C6, 99, 54, 9E, 65, D5, 38, 1F, 6E, EC, 87, DF, 16, 31, 94, 57, 96, AB, 0F, 92, 8B, DE, 43, 40, 97, 81, C9, 2C, 2A, D1, 60, 7E, 6D, 98, B0, F7, D1, CA, AD, C9, FD, B5, E8, 25, 9D, F1, 84, D9, A3, BD, 36, 53, DB, 5B, 5F, A0, 16, 64, DB, E7, 38, 8D, 19, E7, 54, E8, 26, 1A, 6A, D4, EB, 43, D4, FD, 93, D0, 56, E3, 9B, B4, A3, AE, 22, C4, 14, A3, 8A, AC, F9, 45, C4, 93, 8B, D1, 0A, 60, 4B, 2D, 4F, B8, 0B, 61, B8, 15...
 
[+]

Entropy:
7.8478

Packer / compiler:
tElock 0.99 - 1.0 private

Code size:
60 KB (61,440 bytes)

The file beservice.exe has been seen being distributed by the following URL.

http://battleye.com/downloads/.../BEService.exe

Scan beservice.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.