home

beservice_x64.exe

Bastian Suter

This is a setup program which is used to install the application. The file has been seen being downloaded from www.battleye.com.
Publisher:
Bastian Suter  (signed and verified)

MD5:
486bbc60b66ad2809358438108ab9d95

SHA-1:
a12ac231a324c080d15402bda21439a930ad4d59

SHA-256:
ebdbc255c0ff6e8bc992423df56f7cd0cd88d2b492f644ebdcbc22138b7f5ff0

Scanner detections:
2 / 68

Status:
Clean  (2 probable false positive detections)

Explanation:
These detections are probably false positives (erroneous), the file is probably malware free.

Analysis date:
4/26/2024 12:30:30 AM UTC  (today)

Scan engine
Detection
Engine version

Comodo Security
UnclassifiedMalware
20734

McAfee
Generic Obfuscated.c
5600.6883

File size:
763.9 KB (782,208 bytes)

File type:
Executable application (Win64 EXE)

Common path:
C:\Program Files\steam\steamapps\common\arma 2 operation arrowhead\expansion\battleye\beservice_x64.exe

Digital Signature
Signed by:
Bastian Suter

Authority:
DigiCert Inc

Valid from:
3/5/2014 12:00:00 AM

Valid to:
5/13/2015 1:00:00 PM

Subject:
CN=Bastian Suter, O=Bastian Suter, L=Tübingen, S=Baden-Württemberg, C=DE

Issuer:
CN=DigiCert High Assurance Code Signing CA-1, OU=www.digicert.com, O=DigiCert Inc, C=US

Serial number:
0F01D40307832B7F6747D7AB752213DC

File PE Metadata
Compilation timestamp:
1/15/2015 5:23:44 PM

OS version:
4.0

OS bitness:
Win64

Subsystem:
Windows Console

Linker version:
8.0

CTPH (ssdeep):
12288:5USqwgXW7XOdnoLCnABMdgNwzHcs6bTZ9c2OKwHhDC9qsHt7zQ/P+GCH0xLSJhLD:5ngmjCEMg4Hd6zc2OKGhkVQ/P+dH0ZE5

Entry address:
0xFF769

Entry point:
0F, 82, 87, 5F, F9, FF, 68, 1B, E9, 2B, A4, E9, 52, A1, F8, FF, 0F, 84, A9, 01, 00, 00, 48, D3, F1, FE, C5, 50, 66, 29, D9, FE, CC, 48, 0F, AC, F0, 05, 48, 89, D9, 84, DD, 81, FC, BD, E4, 22, B6, 48, 83, EC, 20, E9, 68, 04, F9, FF, 8B, 84, 51, EF, 47, D8, CE, B2, D2, 45, D2, 9E, FF, EB, D9, 82, 42, B5, C6, ED, 55, BA, 8A, BB, 27, D0, 54, 12, A8, AB, 76, 3A, 03, 1D, 39, D7, EC, B9, A9, 15, 2E, 6E, 2C, D0, 0C, 05, 5F, A7, FC, E9, BB, DC, C8, 4D, 94, E8, 79, 18, 0D, 99, A5, 3D, D0, 55, 62, 59, 9B, 2F, 52, 4B...
 
[+]

Entropy:
7.8784  (probably packed)

Code size:
79 KB (80,896 bytes)

The file beservice_x64.exe has been seen being distributed by the following URL.

http://www.battleye.com/downloads/.../BEService_x64.exe

Scan beservice_x64.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.