General

  • Target

    SideQuest-0.0.12-x64-win.exe

  • Size

    76.1MB

  • MD5

    040173c11ed870e4f3eec844893e021c

  • SHA1

    ec7a5017922f2c055e6c191a7aa74ce6dd881403

  • SHA256

    00ff18deb7d3bf28c73320c88e2e21debc58da0749a06851e014265a49cad9ef

  • SHA512

    cc06be0e49563b1084968b2210b548122333b9caa312673d8bdb673330a7a4225aea746981e6c8bff8fada0b39c4b72e5add68f6f91c2daf519411fa29734a52

  • SSDEEP

    1572864:aR+qvl5JYFm8+dYBOvQR3dzGPjPZIL7hSUp4bfW3fSFqc4TlrNhcLOOhl:aHl5qk8+SBqQR3dzGbPZIfhzp32LOOhl

Score
6/10

Malware Config

Signatures

  • Requests dangerous framework permissions 3 IoCs
  • Unsigned PE 10 IoCs

    Checks for missing Authenticode signature.

Files

  • SideQuest-0.0.12-x64-win.exe
    .exe windows:4 windows x86 arch:x86

    b34f154ec913d2d2c435cbd644e91687


    Code Sign

    Headers

    Imports

    Sections

  • $PLUGINSDIR/StdUtils.dll
    .dll windows:5 windows x86 arch:x86

    7b79709c0d5576549eb261e3410f95f8


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    fc0224e99e736751432961db63a41b76


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/app-64.7z
    .7z
  • LICENSE.electron.txt
  • LICENSES.chromium.html
  • SideQuest.exe
    .exe windows:5 windows x64 arch:x64

    75804bffe12a995934f63205428ac121


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • chrome_100_percent.pak
  • chrome_200_percent.pak
  • d3dcompiler_47.dll
    .dll windows:10 windows x64 arch:x64

    36f6d7806085bd3a70ed8c5dcb51f6c8


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • ffmpeg.dll
    .dll windows:5 windows x64 arch:x64

    6ed82d3226365ffafff2c57c1935d352


    Headers

    Imports

    Exports

    Sections

  • icudtl.dat
  • libEGL.dll
    .dll windows:5 windows x64 arch:x64

    585861b958c9f1fe9cc0324e1020a230


    Headers

    Imports

    Exports

    Sections

  • libGLESv2.dll
    .dll windows:5 windows x64 arch:x64

    62b94bd6c48f8e0f6d82aa2752720dbe


    Headers

    Imports

    Exports

    Sections

  • locales/am.pak
  • locales/ar.pak
  • locales/bg.pak
  • locales/bn.pak
  • locales/ca.pak
  • locales/cs.pak
  • locales/da.pak
  • locales/de.pak
  • locales/el.pak
  • locales/en-GB.pak
  • locales/en-US.pak
  • locales/es-419.pak
  • locales/es.pak
  • locales/et.pak
  • locales/fa.pak
  • locales/fi.pak
  • locales/fil.pak
  • locales/fr.pak
  • locales/gu.pak
  • locales/he.pak
  • locales/hi.pak
  • locales/hr.pak
  • locales/hu.pak
  • locales/id.pak
  • locales/it.pak
  • locales/ja.pak
  • locales/kn.pak
  • locales/ko.pak
  • locales/lt.pak
  • locales/lv.pak
  • locales/ml.pak
  • locales/mr.pak
  • locales/ms.pak
  • locales/nb.pak
  • locales/nl.pak
  • locales/pl.pak
  • locales/pt-BR.pak
  • locales/pt-PT.pak
  • locales/ro.pak
  • locales/ru.pak
  • locales/sk.pak
  • locales/sl.pak
  • locales/sr.pak
  • locales/sv.pak
  • locales/sw.pak
  • locales/ta.pak
  • locales/te.pak
  • locales/th.pak
  • locales/tr.pak
  • locales/uk.pak
  • locales/vi.pak
  • locales/zh-CN.pak
  • locales/zh-TW.pak
  • resources.pak
  • resources/app-update.yml
  • resources/app.asar
  • resources/app.asar.unpacked/build/app/3rdpartylicenses.txt
  • resources/app.asar.unpacked/build/app/Roboto-Regular-webfont.112fa84dbbfe1ca2922a.ttf
  • resources/app.asar.unpacked/build/app/Roboto-Regular-webfont.13d9d23ef6bf480304a2.svg
    .xml
  • resources/app.asar.unpacked/build/app/Roboto-Regular-webfont.ccc2dd0b454fbaab2a3c.woff
  • resources/app.asar.unpacked/build/app/Roboto-Regular-webfont.cfc3cf7f74f9eda47185.eot
  • resources/app.asar.unpacked/build/app/assets/allow-auth.webp
  • resources/app.asar.unpacked/build/app/assets/back.png
    .png
  • resources/app.asar.unpacked/build/app/assets/back.svg
  • resources/app.asar.unpacked/build/app/assets/back_arrow.svg
  • resources/app.asar.unpacked/build/app/assets/background.jpg
    .jpg
  • resources/app.asar.unpacked/build/app/assets/close.png
    .png
  • resources/app.asar.unpacked/build/app/assets/create-organisation.png
    .png
  • resources/app.asar.unpacked/build/app/assets/delete.svg
  • resources/app.asar.unpacked/build/app/assets/enable-dev-mode.png
    .png
  • resources/app.asar.unpacked/build/app/assets/expand.png
    .png
  • resources/app.asar.unpacked/build/app/assets/expand_less.png
    .png
  • resources/app.asar.unpacked/build/app/assets/feedback.png
    .png
  • resources/app.asar.unpacked/build/app/assets/folder.png
    .png
  • resources/app.asar.unpacked/build/app/assets/fonts/Roboto-Regular-webfont.eot
  • resources/app.asar.unpacked/build/app/assets/fonts/Roboto-Regular-webfont.svg
    .xml
  • resources/app.asar.unpacked/build/app/assets/fonts/Roboto-Regular-webfont.ttf
  • resources/app.asar.unpacked/build/app/assets/fonts/Roboto-Regular-webfont.woff
  • resources/app.asar.unpacked/build/app/assets/headset_settings.svg
  • resources/app.asar.unpacked/build/app/assets/home.svg
  • resources/app.asar.unpacked/build/app/assets/info.svg
  • resources/app.asar.unpacked/build/app/assets/logo.png
    .png
  • resources/app.asar.unpacked/build/app/assets/refresh.png
    .png
  • resources/app.asar.unpacked/build/app/assets/setup.svg
  • resources/app.asar.unpacked/build/app/assets/setup/connect_accept.mp4
  • resources/app.asar.unpacked/build/app/assets/setup/create_organisation.mp4
  • resources/app.asar.unpacked/build/app/assets/setup/enable_dev_mode.mp4
  • resources/app.asar.unpacked/build/app/assets/support.svg
  • resources/app.asar.unpacked/build/app/assets/transfer_files.svg
  • resources/app.asar.unpacked/build/app/assets/verify.png
    .png
  • resources/app.asar.unpacked/build/app/back_arrow.2f0a2908c0024613aeb6.svg
  • resources/app.asar.unpacked/build/app/delete.c854d90e1b59d73ef683.svg
  • resources/app.asar.unpacked/build/app/favicon.ico
    .png
  • resources/app.asar.unpacked/build/app/index.html
    .html
  • resources/app.asar.unpacked/build/app/main-es2015.7d045c5609a65e318064.js
    .js
  • resources/app.asar.unpacked/build/app/main-es5.7d045c5609a65e318064.js
    .js
  • resources/app.asar.unpacked/build/app/polyfills-es2015.4e77e537cbeb6a433666.js
    .js
  • resources/app.asar.unpacked/build/app/polyfills-es5.2d7d8d208be454f40d3d.js
    .js
  • resources/app.asar.unpacked/build/app/runtime-es2015.64c61bd775bebb7bc83e.js
    .js
  • resources/app.asar.unpacked/build/app/runtime-es5.64c61bd775bebb7bc83e.js
    .js
  • resources/app.asar.unpacked/build/app/styles.1e903db46f5bcaaf3663.css
  • resources/app.asar.unpacked/build/background.png
    .png
  • resources/app.asar.unpacked/build/[email protected]
    .png
  • resources/app.asar.unpacked/build/entitlements.mac.plist
    .xml
  • resources/app.asar.unpacked/build/experimental.apk
    .apk android

    quest.side.vr

    quest.side.vr.SignInActivity


  • resources/app.asar.unpacked/build/icon.icns
  • resources/app.asar.unpacked/build/icon.ico
  • resources/app.asar.unpacked/build/icons/1024x1024.png
    .png
  • resources/app.asar.unpacked/build/icons/128x128.png
    .png
  • resources/app.asar.unpacked/build/icons/16x16.png
    .png
  • resources/app.asar.unpacked/build/icons/24x24.png
    .png
  • resources/app.asar.unpacked/build/icons/256x256.png
    .png
  • resources/app.asar.unpacked/build/icons/32x32.png
    .png
  • resources/app.asar.unpacked/build/icons/48x48.png
    .png
  • resources/app.asar.unpacked/build/icons/512x512.png
    .png
  • resources/app.asar.unpacked/build/icons/64x64.png
    .png
  • resources/app.asar.unpacked/build/installer.nsh
  • resources/app.asar.unpacked/build/installerHeader.bmp
  • resources/app.asar.unpacked/build/installerSidebar.bmp
  • resources/app.asar.unpacked/build/notarize.js
  • resources/app.asar.unpacked/build/platform-tools/AdbWinApi.dll
    .dll windows:6 windows x86 arch:x86

    776334619bd19ec23e3a7a275473b5a7


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • resources/app.asar.unpacked/build/platform-tools/AdbWinUsbApi.dll
    .dll windows:6 windows x86 arch:x86

    72b8c869f01047191838df5f58e88dd8


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • resources/app.asar.unpacked/build/platform-tools/NOTICE.txt
  • resources/app.asar.unpacked/build/platform-tools/adb.exe
    .exe windows:6 windows x86 arch:x86

    e6e69030c3a33898b09715b432c51499


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • resources/app.asar.unpacked/build/platform-tools/dmtracedump.exe
    .exe windows:6 windows x86 arch:x86

    1c331dfb0a4b36b796e3cd9e124b409e


    Code Sign

    Headers

    Imports

    Sections

  • resources/app.asar.unpacked/build/platform-tools/etc1tool.exe
    .exe windows:6 windows x86 arch:x86

    8748f13451d6bfa4aa8f21320d4e6a26


    Code Sign

    Headers

    Imports

    Sections

  • resources/app.asar.unpacked/build/platform-tools/fastboot.exe
    .exe windows:6 windows x86 arch:x86

    e27b5a818988d9d1ef753c14fdf81d2c


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • resources/app.asar.unpacked/build/platform-tools/hprof-conv.exe
    .exe windows:6 windows x86 arch:x86

    ff005d66b325dbefcdaf11aafd3a8052


    Code Sign

    Headers

    Imports

    Sections

  • resources/app.asar.unpacked/build/platform-tools/libwinpthread-1.dll
    .dll windows:4 windows x86 arch:x86

    7558521c8fe6b78071bc407f14af1903


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • resources/app.asar.unpacked/build/platform-tools/mke2fs.conf
  • resources/app.asar.unpacked/build/platform-tools/mke2fs.exe
    .exe windows:6 windows x86 arch:x86

    1b51029e758a6d7e2fab1f5bc7ed22b0


    Code Sign

    Headers

    Imports

    Sections

  • resources/app.asar.unpacked/build/platform-tools/source.properties
  • resources/app.asar.unpacked/build/platform-tools/sqlite3.exe
    .exe windows:6 windows x86 arch:x86

    601ead71235d26ea47f027bd65f61333


    Code Sign

    Headers

    Imports

    Sections

  • resources/app.asar.unpacked/build/uninstaller.nsh
  • resources/app.asar.unpacked/build/windows-codesign.js
    .js
  • resources/elevate.exe
    .exe windows:6 windows x86 arch:x86

    c3afe98a750f2d4f1ed5d2ac323cb5e0


    Code Sign

    Headers

    Imports

    Sections

  • snapshot_blob.bin
  • swiftshader/libEGL.dll
    .dll windows:5 windows x64 arch:x64

    67db432914b7baa0738050364c019173


    Headers

    Imports

    Exports

    Sections

  • swiftshader/libGLESv2.dll
    .dll windows:5 windows x64 arch:x64

    8b4ec8564c21d6087c06b61d3d5ffbbd


    Headers

    Imports

    Exports

    Sections

  • v8_context_snapshot.bin
  • vk_swiftshader.dll
    .dll windows:5 windows x64 arch:x64

    a7af8f48f1e806eeea04222091fce342


    Headers

    Imports

    Exports

    Sections

  • vk_swiftshader_icd.json
  • vulkan-1.dll
    .dll windows:5 windows x64 arch:x64

    21c5b88eff7d67aaad312ae7a9ae2733


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/nsis7z.dll
    .dll windows:6 windows x86 arch:x86

    2656ea25cde98f31a490513c2db04ae8


    Headers

    Imports

    Exports

    Sections