ubiorbitapi_r2.dll

The library ubiorbitapi_r2.dll has been detected as malware by 12 anti-virus scanners. The file has been seen being downloaded from dla.uloz.to and multiple other hosts.

MD5: 86ba92c8c93593d0dac364c8cad2346d
SHA-1: 9ad987aed677a595cb6cb507a12a014989d4e597
SHA-256: 79e6323661385f527d3774ec3abc002e402c4e2870ae0d6412c825c7d4556675
Scanner detections: 12 / 68
Status: Malware
Analysis date: 5/10/2024 1:39:01 PM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Agnitum Outpost | Trojan.Packed | 7.1.1 |
| Bkav FE | HW32.TsCabk | 1.3.0.4677 |
| ESET NOD32 | Win32/Packed.VMProtect.AAA (variant) | 8.9300 |
| Fortinet FortiGate | W32/Agent.AVPP!tr | 1/26/2014 |
| Norman | Suspicious_Gen2.CCLDX | 11.20140126 |
| Panda Antivirus | Generic Trojan | 14.01.26.12 |
| Reason Heuristics | Unnamed.Threat.18 | 14.3.5.0 |
| Rising Antivirus | PE:Trojan.Win32.Generic.12680F0E!308809486 | 23.00.65.14124 |
| Sophos | Mal/VMProtBad-A | 4.96 |
| Trend Micro House Call | CRCK_GAMEBYPASS | 7.2.26 |
| Trend Micro | CRCK_GAMEBYPASS | 10.465.26 |
| VIPRE Antivirus | Trojan.Win32.Generic | 25482 |

File size: 749 KB (766,976 bytes)
File type: Dynamic link library (Win32 DLL)
Common path: C:\Program Files\ubisoft\ubisoft game launcher\ubiorbitapi_r2.dll

File PE Metadata

Compilation timestamp: 4/25/2010 2:43:06 AM
OS version: 5.0
OS bitness: Win32
Subsystem: Windows GUI
Linker version: 9.0
CTPH (ssdeep): 12288:vNH+1gxr2WF9Bqx8lP2J01htFH/nydD0M9gRcCDtrZnw0Xu5ZGFaw:1H+16r2+9BNt2u1htFH/ny+fdxreku5M
Entry address: 0x1A829E

Entry point:
68, 14, 02, E8, 16, E8, 25, CA, FF, FF, 88, EC, DD, E0, 9D, D3, DB, 97, B5, A1, DF, 65, 50, 75, 54, 6B, 50, 79, 56, 65, 5C, 79, 4E, 3F, 48, 53, 2C, FB, 7E, 15, 64, A3, 19, 32, 5F, 00, 37, 20, 17, 2B, DF, A6, 80, 6D, F8, D3, 90, BE, EB, 45, 80, FE, 73, AD, C7, 14, AE, BB, D6, 6F, C3, 86, 79, F5, 8C, 58, D8, 2C, 39, 5A, B5, 1D, FC, 4E, 7A, E4, 39, B8, 61, 74, A7, 19, 8C, 88, 02, F6, 85, E6, A5, EF, 7A, D2, FC, 8F, CC, D0, 7B, CD, 98, A7, D4, A5, D0, AB, C2, AF, CE, A1, D8, BD, 42, 25, 42, 4D, ED, 14, 58, D9...

Entropy: 7.9183 (probably packed)
Code size: 1.7 MB (1,751,040 bytes)

The file ubiorbitapi_r2.dll has been seen being distributed by the following 3 URLs.

http://dla.uloz.to/Ps;Hs;fid=7281548;cid=2087690507;rid=562012572;up=0;uip=178.40.73.143;tm=1453190763;ut=f;aff=uloz.to;did=uloz-to;He;ch=2cdb6e66911fb0cedacf8d2da976588c;Pe/.../ubiorbitapi-r2-dll?bD&c=2087690507&De
