Is "Seoul" on VS Code Marketplace Safe to Install?

arzg · vscode · v1.0.0

A theme based on seoul256.vim

Risk Assessment

Analyzed
36.32
out of 100
LOW

44 security findings detected across all analyzers

VS Code extension analyzed via package manifest and static code analysis

Severity Breakdown

0
Critical
3
High
41
Medium
0
Low
0
Info

Finding Categories

3
Malware Signatures
41
IoC Indicators

YARA Rules Matched

2 rules(3 hits)
postinstall registry modification postinstall crypto operations

About This Extension

A theme based on seoul256.vim

Detailed Findings

3 total

YARA Rule Matches

2 rules

Indicators of Compromise

Network indicators, suspicious strings, and potential IoCs extracted during analysis

URLs
7
IP Addresses
11
Domains
13
Strings
41

All Indicators · 41

IP
detected IP: e::

XIOC detected IP: e::

extracted_from_files

IP
detected IP: f::da

XIOC detected IP: f::da

extracted_from_files

Hash
detected SHA256 Hash: 71d301d4193d031abdd79ff7e3dd721168a9572ef3fe51a1517aba235bd8f86e

XIOC detected SHA256 Hash: 71d301d4193d031abdd79ff7e3dd721168a9572ef3fe51a1517aba235bd8f86e

extracted_from_files

Hash
detected SHA256 Hash: 06c64263859d87aa2eb554587e2d23183398d617427327cf2b3d0ed8c69e4800

XIOC detected SHA256 Hash: 06c64263859d87aa2eb554587e2d23183398d617427327cf2b3d0ed8c69e4800

extracted_from_files

Hash
detected SHA256 Hash: 4fceb2595057b6891a4ee808f70054bd2d12f0e97f1cbb78689b59f676df325a

XIOC detected SHA256 Hash: 4fceb2595057b6891a4ee808f70054bd2d12f0e97f1cbb78689b59f676df325a

extracted_from_files

Hash
detected SHA256 Hash: 05f713c3bf4e2ef169710223e7185c8eaa27a5e3709f64a042d7f7650c32f692

XIOC detected SHA256 Hash: 05f713c3bf4e2ef169710223e7185c8eaa27a5e3709f64a042d7f7650c32f692

extracted_from_files

URL
detected URL: https://github.com/arzg/seoul

XIOC detected URL: https://github.com/arzg/seoul

extracted_from_files

URL
detected URL: http://schemas.microsoft.com/developer/vsx-schema/2011

XIOC detected URL: http://schemas.microsoft.com/developer/vsx-schema/2011

extracted_from_files

URL
detected URL: http://schemas.microsoft.com/developer/vsx-schema-design/2011

XIOC detected URL: http://schemas.microsoft.com/developer/vsx-schema-design/2011

extracted_from_files

Hash
detected SHA256 Hash: cdb031dd78e28731d87d56cc8ffef4a8f36ca26c38fe2de700543e627f8a464a

XIOC detected SHA256 Hash: cdb031dd78e28731d87d56cc8ffef4a8f36ca26c38fe2de700543e627f8a464a

extracted_from_files

Hash
detected SHA256 Hash: d7afe4a420e3fe79967a00898cc1f4db7c8a49a9333a29f8a4bd76a253d5cd04

XIOC detected SHA256 Hash: d7afe4a420e3fe79967a00898cc1f4db7c8a49a9333a29f8a4bd76a253d5cd04

extracted_from_files

Domain
detected Domain: marketplace.visualstudio.com

XIOC detected Domain: marketplace.visualstudio.com

extracted_from_files

Hash
detected SHA256 Hash: dc6f3ad7b9d11a0c00842ff8de1b60ee58661048eb8049ed33c73594f359d7e6

XIOC detected SHA256 Hash: dc6f3ad7b9d11a0c00842ff8de1b60ee58661048eb8049ed33c73594f359d7e6

extracted_from_files

Domain
detected Domain: schemas.microsoft.com

XIOC detected Domain: schemas.microsoft.com

extracted_from_files

Domain
detected Domain: readme.md

XIOC detected Domain: readme.md

extracted_from_files

Other
detected Email: [email protected]

XIOC detected Email: [email protected]

extracted_from_files

URL
detected URL: http://schemas.openxmlformats.org/package/2006/content-types

XIOC detected URL: http://schemas.openxmlformats.org/package/2006/content-types

extracted_from_files

URL
detected URL: https://marketplace.visualstudio.com

XIOC detected URL: https://marketplace.visualstudio.com

extracted_from_files

URL
detected URL: https://github.com/rust-lang/crates.io-index

XIOC detected URL: https://github.com/rust-lang/crates.io-index

extracted_from_files

URL
detected URL: https://github.com/junegunn/seoul256.vim).

XIOC detected URL: https://github.com/junegunn/seoul256.vim).

extracted_from_files

Domain
detected Domain: crates.io

XIOC detected Domain: crates.io

extracted_from_files

Domain
detected Domain: gmail.com

XIOC detected Domain: gmail.com

extracted_from_files

Domain
detected Domain: palette.blue

XIOC detected Domain: palette.blue

extracted_from_files

Domain
detected Domain: palette.orange

XIOC detected Domain: palette.orange

extracted_from_files

Domain
detected Domain: palette.pink

XIOC detected Domain: palette.pink

extracted_from_files

Domain
detected Domain: palette.green

XIOC detected Domain: palette.green

extracted_from_files

Domain
detected Domain: seoul.build

XIOC detected Domain: seoul.build

extracted_from_files

IP
detected IP: f::b

XIOC detected IP: f::b

extracted_from_files

IP
detected IP: f::

XIOC detected IP: f::

extracted_from_files

IP
detected IP: f::f

XIOC detected IP: f::f

extracted_from_files

Domain
detected Domain: schemas.openxmlformats.org

XIOC detected Domain: schemas.openxmlformats.org

extracted_from_files

Hash
detected SHA256 Hash: 55e2e4c765aa53a0424761bf9f41aa7a6ac1efa87238f59560640e27fca028f2

XIOC detected SHA256 Hash: 55e2e4c765aa53a0424761bf9f41aa7a6ac1efa87238f59560640e27fca028f2

extracted_from_files

Domain
detected Domain: secrets.open

XIOC detected Domain: secrets.open

extracted_from_files

Domain
detected Domain: github.com

XIOC detected Domain: github.com

extracted_from_files

IP
detected IP: e::f

XIOC detected IP: e::f

extracted_from_files

IP
detected IP: e::b

XIOC detected IP: e::b

extracted_from_files

IP
detected IP: e::da

XIOC detected IP: e::da

extracted_from_files

IP
detected IP: d::

XIOC detected IP: d::

extracted_from_files

IP
detected IP: ::

XIOC detected IP: ::

extracted_from_files

IP
detected IP: ::add

XIOC detected IP: ::add

extracted_from_files

Hash
detected SHA256 Hash: 57833692d786090e31df69247d23d0e272f4a012990588eb89e3a2395cc36282

XIOC detected SHA256 Hash: 57833692d786090e31df69247d23d0e272f4a012990588eb89e3a2395cc36282

extracted_from_files

Security Analysis Summary

Security Analysis Overview

Seoul is a Visual Studio Code Marketplace extension published by arzg. Version 1.0.0 has been analyzed by the Risky Plugins security platform, receiving a risk score of 36.32/100 (LOW risk) based on 44 security findings.

Risk Assessment

This extension presents low security risk. Some minor findings were detected, but nothing that would prevent typical usage. Reviewing the detailed findings below is recommended before use in sensitive environments.

Findings Breakdown

  • High: 3 finding(s)
  • Medium: 41 finding(s)

What Was Analyzed

The security assessment covers multiple analysis categories:

  • Malware Detection: YARA rule matching against 2,400+ malware signatures
  • Secret Detection: Scanning for exposed API keys, tokens, and credentials
  • Static Analysis: Code-level security analysis for common vulnerability patterns
  • Network Analysis: Detection of suspicious network communications and endpoints
  • Obfuscation Detection: Identification of code obfuscation techniques

Developer Information

Seoul is published by arzg on the Visual Studio Code Marketplace marketplace. The extension has approximately 855 users.

Recommendation

Exercise caution with this extension. Review the detailed findings and ensure the requested permissions align with the extension's stated functionality before installation.

Frequently Asked Questions

Similar Extensions

Related extensions from the same publisher or marketplace

sema

arzg

HIGH 5K users

Icefall

arzg

HIGH 435 users

IntelliJ Theme

arzg

HIGH 98K users

rustdoc theme

arzg

HIGH 3K users

Gamut

arzg

HIGH 390 users

Eclipse

arzg

HIGH 37K users