» helper.dll
Overview
Analysis
File Details
Programs (1)

helper.dll

Viber Media Inc.

The module helper.dll by Viber Media has been detected as a potentially unwanted program by 1 anti-malware scanner with very strong indications that the file is a potential threat. This file is typically installed with the program Viber by Viber Media Inc.

File name:

helper.dll

Publisher:

Viber Media Inc. (signed and verified)

MD5:

d86a656efbf7f0a46ceb7d9b19d98f03

SHA-1:

6bd503c4f0376867903afe4b5f97d4d6a5a7ae4f

SHA-256:

e608349b64cee64565ac616c94c95e51395b2d785dd71e90970e06274fc812a3

Scanner detections:

1 / 68

Status:

Potentially unwanted

Analysis date:

4/24/2024 1:11:50 PM UTC (today)

Scan engine

Detection

Engine version

Reason Heuristics

PUP.Search.Helper.Meta (M)

16.2.27.14

File size:

1.8 MB (1,915,400 bytes)

File type:

Dynamic link library (Win32 DLL)

Common path:

C:\users\{user}\appdata\local\temp\{random}.tmp\helper.dll

Digital Signature

Signed by:

Viber Media Inc.

Authority:

Thawte, Inc.

Valid from:

3/28/2012 2:00:00 AM

Valid to:

3/29/2014 12:59:59 AM

Subject:

CN=Viber Media Inc., OU=DEV, O=Viber Media Inc., L=Panama, S=Panama, C=PA

Issuer:

CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:

73C6D14119B06C7562CA81A8BEFDCED1

File PE Metadata

Compilation timestamp:

11/4/2013 5:16:40 AM

OS version:

5.1

OS bitness:

Win32

Subsystem:

Windows GUI

Linker version:

10.0

CTPH (ssdeep):

24576:YRgtIhT7dsqt5w+DFXAq8tes5XUDsK4x/r1mO2U3Ihxlav1O0ysOu3jpWj:YRgtk7d/fDs8vaIhxlav1FysOmjpWj

Entry address:

0xDF889

Entry point:

8B, FF, 55, 8B, EC, 83, 7D, 0C, 01, 75, 05, E8, 27, DA, 00, 00, FF, 75, 08, 8B, 4D, 10, 8B, 55, 0C, E8, EC, FE, FF, FF, 59, 5D, C2, 0C, 00, CC, CC, CC, CC, 8B, 54, 24, 0C, 8B, 4C, 24, 04, 85, D2, 74, 69, 33, C0, 8A, 44, 24, 08, 84, C0, 75, 16, 81, FA, 80, 00, 00, 00, 72, 0E, 83, 3D, 68, E1, 15, 10, 00, 74, 05, E9, 7F, DA, 00, 00, 57, 8B, F9, 83, FA, 04, 72, 31, F7, D9, 83, E1, 03, 74, 0C, 2B, D1, 88, 07, 83, C7, 01, 83, E9, 01, 75, F6, 8B, C8, C1, E0, 08, 03, C1, 8B, C8, C1, E0, 10, 03, C1, 8B, CA, 83, E2... 
[+]

Entropy:

6.4859

Code size:

1.1 MB (1,127,424 bytes)

The file helper.dll has been discovered within the following programs.

Viber by Viber Media Inc

Publisher's description - “Viber for Windows lets you send free messages and make free calls to other Viber users, on any device and network, in any country! Viber syncs your contacts, messages and call history with your mobile device. All the stickers from your mobile phone, now on your desktop.”

www.viber.com/products/windows

About 3% of users remove it

Remove helper.dll - Powered by Reason Core Security

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.