» helper.dll
Overview
Analysis
File Details
Programs (1)

helper.dll

Viber Media Inc.

The module helper.dll by Viber Media has been detected as a potentially unwanted program by 2 anti-malware scanners. This file is typically installed with the program Viber by Viber Media Inc.

File name:

helper.dll

Publisher:

Viber Media Inc. (signed and verified)

MD5:

09fb7f38d2643efbf82ce18a73fbe6da

SHA-1:

22f6d74088e0dc9a91db876e956b34edbd2283cc

SHA-256:

7d6a547397814b6779d4b0873a9df1c68c20854ad060df20ff39efb4bcb42caa

Scanner detections:

2 / 68

Status:

Potentially unwanted

Analysis date:

4/26/2024 5:21:37 PM UTC (today)

Scan engine

Detection

Engine version

ESET NOD32

Win32/Toolbar.SearchSuite (variant)

8.9520

Reason Heuristics

PUP.Search.Helper.Meta (M)

16.2.27.14

File size:

1.8 MB (1,890,824 bytes)

File type:

Dynamic link library (Win32 DLL)

Common path:

C:\users\{user}\appdata\local\temp\{random}.tmp\helper.dll

Digital Signature

Signed by:

Viber Media Inc.

Authority:

Thawte, Inc.

Valid from:

3/28/2012 1:00:00 AM

Valid to:

3/29/2014 12:59:59 AM

Subject:

CN=Viber Media Inc., OU=DEV, O=Viber Media Inc., L=Panama, S=Panama, C=PA

Issuer:

CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:

73C6D14119B06C7562CA81A8BEFDCED1

File PE Metadata

Compilation timestamp:

3/5/2014 9:11:03 PM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

10.0

CTPH (ssdeep):

49152:IatpZH6WIoPKzkzar9YSVxjQIqhhPgOuKJN:wSbA94jD

Entry address:

0xDF939

Entry point:

8B, FF, 55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, 27, DA, 00, 00, FF, 75, 08, 8B, 4D, 10, 8B, 55, 0C, E8, EC, FE, FF, FF, 59, 5D, C2, 0C, 00, CC, CC, CC, CC, 8B, 54, 24, 0C, 8B, 4C, 24, 04, 85, D2, 74, 69, 33, C0, 8A, 44, 24, 08, 84, C0, 75, 16, 81, FA, 80, 00, 00, 00, 72, 0E, 83, 3D, E8, E1, 15, 10, 00, 74, 05, E9, 7F, DA, 00, 00, 57, 8B, F9, 83, FA, 04, 72, 31, F7, D9, 83, E1, 03, 74, 0C, 2B, D1, 88, 07, 83, C7, 01, 83, E9, 01, 75, F6, 8B, C8, C1, E0, 08, 03, C1, 8B, C8, C1, E0, 10, 03, C1, 8B, CA, 83, E2... 
[+]

Code size:

1.1 MB (1,127,936 bytes)

The file helper.dll has been discovered within the following program.

Viber by Viber Media Inc

Publisher's description - “Viber for Windows lets you send free messages and make free calls to other Viber users, on any device and network, in any country! Viber syncs your contacts, messages and call history with your mobile device. All the stickers from your mobile phone, now on your desktop.”

www.viber.com/products/windows

About 3% of users remove it

Remove helper.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.