home

beservice.exe

Bastian Suter

This is a setup program which is used to install the application. It runs as a separate (within the context of its own process) windows Service named “BattlEye Service”. The file has been seen being downloaded from www.battleye.com and multiple other hosts.
Publisher:
Bastian Suter  (signed and verified)

MD5:
c4c9cfb7e42cd1caf172d92d5a3e4aa9

SHA-1:
adc904e041f9c94bcc6deb18e3ae95ba393797e5

SHA-256:
448205e4e766c3a8e77bd5713c2458be5507cd680366e2f0507fae68fae5cdef

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/20/2024 3:19:55 AM UTC  (today)

File size:
1.1 MB (1,141,248 bytes)

File type:
Executable application (Win64 EXE)

Common path:
C:\Program Files\common files\battleye\beservice.exe

Digital Signature
Signed by:
Bastian Suter

Authority:
DigiCert Inc

Valid from:
4/19/2015 5:00:00 PM

Valid to:
6/13/2018 5:00:00 AM

Subject:
CN=Bastian Suter, O=Bastian Suter, L=Tübingen, S=Baden-Württemberg, C=DE

Issuer:
CN=DigiCert High Assurance Code Signing CA-1, OU=www.digicert.com, O=DigiCert Inc, C=US

Serial number:
0CEC25760619513A72214FB3C86C376D

File PE Metadata
Compilation timestamp:
6/2/2015 5:46:42 AM

OS version:
4.0

OS bitness:
Win64

Subsystem:
Windows Console

Linker version:
8.0

CTPH (ssdeep):
24576:4T5gYJFUfO6nK0KiLOnx8bHB+qeDuCpHylb9xKB+OwD6AhnjuYFz++907PMTbU:cgiU/nfLz4uCpHylbnKB+OI6y6YF0TME

Entry address:
0x1E0052

Entry point:
E9, E4, 92, FB, FF, 0F, 85, BF, B3, FB, FF, 66, 0F, BA, E2, 07, F6, C2, DB, 80, F9, 2F, C6, 47, FF, 00, 84, F3, E9, 3E, 29, FA, FF, 0F, 82, 06, 12, FA, FF, C3, AA, E9, 6F, DB, F9, FF, F8, 66, 0F, BA, E7, 01, F8, 80, 7F, FF, 00, E9, 69, BB, FB, FF, D3, 2D, 20, 3F, 35, A8, 43, A2, BC, 3F, DF, E9, 10, EC, C0, 32, C0, 30, 1E, 8F, 25, DA, DD, 3D, 2D, C1, 7D, 93, 35, 1B, 14, 9B, 7F, 8C, C9, 4A, 2C, B8, 81, 0F, D2, 2F, 3A, D7, FC, 70, BF, 44, 4F, 71, 8A, CB, 64, AC, A1, 16, 79, 02, 43, A7, 17, ED, D7, 3C, 74, 5E...
 
[+]

Entropy:
7.8745

Packer / compiler:
Xtreme-Protector v1.05

Code size:
110.5 KB (113,152 bytes)

Service
Display name:
BattlEye Service

Service name:
BEService

Type:
Win32OwnProcess


The file beservice.exe has been discovered within the following program.

DayZ  by Bohemia Interactive
www.dayzgame.com
About 9% of users remove it
 
Powered by Should I Remove It?

The file beservice.exe has been seen being distributed by the following 2 URLs.

http://www.battleye.com/downloads/.../BEService_x64.exe

http://www.battleye.com/downloads/.../BEService_x64.exe

Scan beservice.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.