home

beservice.exe

Bastian Suter

This is a setup program which is used to install the application. It runs as a separate (within the context of its own process) windows Service named “BattlEye Service”. The file has been seen being downloaded from www.battleye.com.
Publisher:
Bastian Suter  (signed and verified)

MD5:
96e6fda70874ebb1e616bcf216ee118a

SHA-1:
49d934d5e6a2f5c03c06f07abf74622d7f12f5f2

SHA-256:
e1dbd5e610457cc2ff5e3da6426f292c3514c15986e632a4f515e8206e77f7b5

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

False Positives:
A number of engines detected this file but were erroneous detections (false positives).

Analysis date:
5/4/2024 2:04:53 PM UTC  (today)

File size:
1.1 MB (1,145,216 bytes)

File type:
Executable application (Win64 EXE)

Common path:
C:\Program Files\common files\battleye\beservice.exe

Digital Signature
Signed by:
Bastian Suter

Authority:
DigiCert Inc

Valid from:
3/5/2014 1:00:00 AM

Valid to:
5/13/2015 2:00:00 PM

Subject:
CN=Bastian Suter, O=Bastian Suter, L=Tübingen, S=Baden-Württemberg, C=DE

Issuer:
CN=DigiCert High Assurance Code Signing CA-1, OU=www.digicert.com, O=DigiCert Inc, C=US

Serial number:
0F01D40307832B7F6747D7AB752213DC

File PE Metadata
Compilation timestamp:
5/10/2015 11:23:41 PM

OS version:
4.0

OS bitness:
Win64

Subsystem:
Windows Console

Linker version:
8.0

CTPH (ssdeep):
24576:qUERTnrzCKjdB9aQwzSqsfzmxd1/0jIvKsWaKWewO7:y5nnCKRGQwoaxojIvxWaYb

Entry address:
0x186A16

Entry point:
E9, 7C, B3, F4, FF, E9, F3, F5, FF, FF, E9, 0C, 97, F4, FF, 0F, 85, CD, 80, FF, FF, 48, 0F, A3, EB, 84, FB, F5, F5, C6, 47, FF, 00, 48, 0F, A3, EF, 48, F7, C4, 08, 00, 00, 00, E9, 3A, 30, 00, 00, E9, 84, D2, FF, FF, 09, D0, B7, 3F, AC, D6, 3A, 4D, 6E, 39, 54, F5, FD, 6E, 12, DD, 33, 5C, 01, 38, 45, D4, 5C, CB, 17, 8C, D9, A8, B8, 3F, E1, BE, BF, E2, 6B, 7E, 52, 95, CD, BE, 64, 0F, E3, 20, 90, 7F, DE, F3, AD, 5A, AE, 09, FB, 90, 0D, 7E, BA, 1D, B6, 96, B7, 20, 33, F6, CF, 38, D5, AA, 03, B4, 22, BE, F7, C8...
 
[+]

Entropy:
7.8728

Packer / compiler:
Xtreme-Protector v1.05

Code size:
110 KB (112,640 bytes)

Service
Display name:
BattlEye Service

Service name:
BEService

Type:
Win32OwnProcess


The file beservice.exe has been discovered within the following program.

DayZ  by Bohemia Interactive
www.dayzgame.com
About 9% of users remove it
 
Powered by Should I Remove It?

The file beservice.exe has been seen being distributed by the following URL.

http://www.battleye.com/downloads/.../BEService_x64.exe

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.