home

beservice.exe

Bastian Suter

This is a setup program which is used to install the application. It runs as a separate (within the context of its own process) windows Service named “BattlEye Service”. The file has been seen being downloaded from www.battleye.com and multiple other hosts.
Publisher:
Bastian Suter  (signed and verified)

MD5:
12a7660f0666033b98510a1c45ee0c34

SHA-1:
22a95172cdae9f78438ec1b08e9d5b3b67b78247

SHA-256:
280350b3e960479a0ce4848916804950cf241846162955eb9d12e725cff0add7

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/26/2024 10:53:16 AM UTC  (today)

File size:
1.2 MB (1,225,216 bytes)

File type:
Executable application (Win64 EXE)

Common path:
C:\Program Files\common files\battleye\beservice.exe

Digital Signature
Signed by:
Bastian Suter

Authority:
DigiCert Inc

Valid from:
4/19/2015 8:00:00 PM

Valid to:
6/13/2018 8:00:00 AM

Subject:
CN=Bastian Suter, O=Bastian Suter, L=Tübingen, S=Baden-Württemberg, C=DE

Issuer:
CN=DigiCert High Assurance Code Signing CA-1, OU=www.digicert.com, O=DigiCert Inc, C=US

Serial number:
07033DEE5ABAFA092E57E090D3A11DE2

File PE Metadata
Compilation timestamp:
9/18/2015 6:21:15 AM

OS version:
4.0

OS bitness:
Win64

Subsystem:
Windows Console

Linker version:
8.0

CTPH (ssdeep):
24576:LtT0tm46SRwoW4Y6gyUSpjJxRxKlCvq+LNH/H9wvy47LnlI4wLK:L906SI6gSpdxNS+LNH/H9OyonlALK

Entry address:
0x1F0F19

Entry point:
E9, 46, 4C, FE, FF, 68, 92, C8, 62, 4B, E9, F0, 70, 00, 00, E5, 95, 5B, 54, 8B, 24, EB, 74, DA, 3E, 7D, AD, 10, 90, 9A, 6C, BE, 30, 8B, 4F, 6E, 4A, E0, 66, 55, DD, E0, E0, DB, 17, A6, 52, D8, 46, E4, 22, 08, 76, 45, 25, 98, 08, B3, 9F, 1E, C2, 68, CE, 5C, 82, D1, 8B, 65, 9E, B5, 96, 92, AA, DD, F5, C8, E0, 1D, D0, 80, C3, F5, 7E, 6A, C1, F4, E8, 30, 39, AD, 15, E8, 96, 38, A6, 84, 7A, 61, 27, E2, 64, AB, AD, 13, FA, 58, 0F, 52, BB, 66, DD, C0, E0, E5, D7, C0, 03, A1, 47, 9E, 8B, 13, D3, 04, D0, 7A, F6, 29...
 
[+]

Entropy:
7.8755

Packer / compiler:
Xtreme-Protector v1.05

Code size:
111.5 KB (114,176 bytes)

Service
Display name:
BattlEye Service

Service name:
BEService

Type:
Win32OwnProcess


The file beservice.exe has been discovered within the following program.

DayZ  by Bohemia Interactive
www.dayzgame.com
About 9% of users remove it
 
Powered by Should I Remove It?

The file beservice.exe has been seen being distributed by the following 3 URLs.

http://www.battleye.com/downloads/.../BEService_x64.exe

http://www.battleye.com/downloads/.../BEService_x64.exe

http://www.battleye.com/downloads/.../BEService_x64.exe

Scan beservice.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.