SHA1 hash of the ZIP archive downloaded from the phishing URL; contains the legitimate VLC EXE and malicious libvlc.dll used for DLL sideloading