» ubiorbitapi_r2_loader.dll
Overview
Analysis
File Details
Programs (1)
Downloads (2)

ubiorbitapi_r2_loader.dll

The library ubiorbitapi_r2_loader.dll has been detected as malware by 12 anti-virus scanners. This file is typically installed with the program Far Cry 3 by R.G. Reverants. The file has been seen being downloaded from rghost.ru and multiple other hosts.

File name:

MD5:

9d24998561a96f192aa2aa6ad5faf3b3

SHA-1:

b30559aa97ae446f2bdd6ebff7a92ff1907a76ed

SHA-256:

c64f1357f7323c1fff4385d99ab3191051c8cbac8a35a7cb0b7a940d534b34a6

Scanner detections:

12 / 68

Status:

Malware

Analysis date:

4/25/2024 6:58:02 PM UTC (today)

Scan engine

Detection

Engine version

Bkav FE

HW32.CDB

1.3.0.4923

Comodo Security

UnclassifiedMalware

17661

ESET NOD32

Win32/Packed.VMProtect.AAD (variant)

8.9329

Fortinet FortiGate

W32/Generic

1/24/2014

Norman

Troj_Generic.FPIPD

11.20140124

Panda Antivirus

Trj/OCJ.A

14.01.24.01

Reason Heuristics

Unnamed.Threat.14

14.2.23.10

Rising Antivirus

PE:Trojan.Win32.Generic.1386CE32!327601714

23.00.65.14122

Trend Micro House Call

CRCK_GAMEBYPASS

7.2.24

Trend Micro

CRCK_GAMEBYPASS

10.465.24

VIPRE Antivirus

Trojan.Win32.Generic

25724

ViRobot

Trojan.Win32.S.Inject.70656

2011.4.7.4223

File size:

69 KB (70,656 bytes)

File type:

Dynamic link library (Win32 DLL)

Common path:

C:\Program Files\assassins creed iv black flag\ubiorbitapi_r2_loader.dll

File PE Metadata

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

10.0

CTPH (ssdeep):

1536:3eamL1RkgyAZ1cY6qf9PBc2np7YEB+PRraSLulnouy8:3XngyAZ1cHqQEuaw2out

Entry address:

0x206E0

Entry point:

80, 7C, 24, 08, 01, 0F, 85, C7, 0B, 00, 00, 60, BE, 00, 10, 01, 10, 8D, BE, 00, 00, FF, FF, 57, 89, E5, 8D, 9C, 24, 80, C1, FF, FF, 31, C0, 50, 39, DC, 75, FB, 46, 46, 53, 68, 8F, EC, 01, 00, 57, 83, C3, 04, 53, 68, D2, F6, 00, 00, 56, 83, C3, 04, 53, 50, C7, 03, 03, 00, 02, 00, 90, 90, 55, 57, 56, 53, 83, EC, 7C, 8B, 94, 24, 90, 00, 00, 00, C7, 44, 24, 74, 00, 00, 00, 00, C6, 44, 24, 73, 00, 8B, AC, 24, 9C, 00, 00, 00, 8D, 42, 04, 89, 44, 24, 78, B8, 01, 00, 00, 00, 0F, B6, 4A, 02, 89, C3, D3, E3, 89, D9... 
[+]

Entropy:

7.9289 (probably packed)

Code size:

68 KB (69,632 bytes)

The file ubiorbitapi_r2_loader.dll has been discovered within the following program.

Far Cry 3 by R.G. Reverants

This is a repack version of the game and not distributed by the original publisher which might not be a legal or legitimate copy, please refer to the game copyright.

About 1% of users remove it

The file ubiorbitapi_r2_loader.dll has been seen being distributed by the following 2 URLs.

http://rghost.ru/download/48080970/.../1321338cb42b87da5098d3fd85f3dd220b5d0009/ubiorbitapi_r2_loader.dll

http://bbs.3dmgame.com/forum.php?mod=attachment&aid=MjQ0MzcyMHxmMjUyZWU1NHwxMzY2NTY0ODgwfDB8Mzc1MDg2Ng==

Remove ubiorbitapi_r2_loader.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.