Static task: static1
Behavioral task: behavioral1 (Sample: caffeine32.exe, Resource: win7-20230831-en)
Behavioral task: behavioral2 (Sample: caffeine32.exe, Resource: win10v2004-20230915-en)
Behavioral task: behavioral3 (Sample: caffeine64.exe, Resource: win7-20230831-en)
Behavioral task: behavioral4 (Sample: caffeine64.exe, Resource: win10v2004-20230915-en)
General
- Target: caffeine.zip
- Size: 305KB
- MD5: 18df4682a1c0a6a7f1c53160dc0b27ae
- SHA1: 90b5ada06055ca06d8a66a18f6cf05380076c79d
- SHA256: 083b16e4100e7a59f8ac5094938a88da47b2547f5b9eac21cc55c96ad9200585
- SHA512: 9ba2fd4d1e2336e396b97b4259240d0b6fe3fd576a1197a1897ecc1e5efcd2f3cc7b346d6afc00ff29a4d9138d8b189226963b3a4e05038324605b134156e47e
- SSDEEP: 6144:4QcBs3K0oyMhc22shfqrUhMG4ej7/L/OR6gttEZvhjqSEdagGkK:43SdMKLsNpMG4ejWwgt4hjAcgGkK
Malware Config
Signatures
- Unsigned PE (2 IoCs)
  Checks for missing Authenticode signature.
  Processes:
    resource unpack001/caffeine32.exe
    resource unpack001/caffeine64.exe
Files
- caffeine.zip (.zip)
- caffeine32.exe (.exe windows:5 windows x86)
  e23a071b5110b7b149211a167974994f
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
user32
GetWindowRect
InflateRect
PtInRect
SetCursor
GetSystemMetrics
LoadIconW
EnableWindow
GetClientRect
GetDC
SendMessageW
RedrawWindow
SetCapture
GetParent
ReleaseCapture
IsWindow
GetSysColor
MessageBeep
CopyIcon
ReleaseDC
InvalidateRect
IsIconic
UnregisterClassW
GetSysColorBrush
UnpackDDElParam
ReuseDDElParam
DestroyMenu
LoadAcceleratorsW
InsertMenuItemW
CreatePopupMenu
SetRectEmpty
BringWindowToTop
TranslateAcceleratorW
WindowFromPoint
LoadCursorW
SetWindowLongW
GetWindow
SetTimer
GetDesktopWindow
GetCursorPos
GetWindowTextW
GetTopWindow
SendInput
GetAsyncKeyState
FindWindowW
RegisterWindowMessageW
SystemParametersInfoW
GetMenuItemID
GetSubMenu
LoadMenuW
PostMessageW
KillTimer
SetActiveWindow
SetForegroundWindow
SetMenuDefaultItem
TrackPopupMenu
ModifyMenuW
GetClassNameW
CopyRect
FillRect
DrawEdge
DrawTextW
GetMenuItemCount
GetMenuState
GetMenuItemInfoW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
GetMenuStringW
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
PostQuitMessage
CheckMenuItem
EnableMenuItem
GetFocus
LoadBitmapW
SetMenuItemBitmaps
ValidateRect
PeekMessageW
GetKeyState
IsWindowVisible
GetActiveWindow
DispatchMessageW
TranslateMessage
GetMessageW
CallNextHookEx
SetWindowsHookExW
ShowOwnedPopups
MessageBoxW
IsWindowEnabled
GetLastActivePopup
GetWindowLongW
GetWindowThreadProcessId
UnhookWindowsHookEx
GetWindowPlacement
SystemParametersInfoA
IntersectRect
OffsetRect
SetWindowPos
GetMenu
CallWindowProcW
DefWindowProcW
GetDlgCtrlID
DeferWindowPos
EqualRect
ScreenToClient
AdjustWindowRectEx
RegisterClassW
GetClassInfoW
GetClassInfoExW
CreateWindowExW
UpdateWindow
SetMenu
MapWindowPoints
GetMessagePos
GetMessageTime
DestroyWindow
GetDlgItem
EndDeferWindowPos
BeginDeferWindowPos
GetForegroundWindow
GetWindowTextLengthW
SetFocus
RemovePropW
GetPropW
SetPropW
GetClassLongW
GetCapture
WinHelpW
SendDlgItemMessageA
SendDlgItemMessageW
IsDialogMessageW
SetWindowTextW
ShowWindow
EndDialog
GetNextDlgTabItem
CreateDialogIndirectParamW
TabbedTextOutW
DrawTextExW
GrayStringW
wtsapi32
WTSRegisterSessionNotification
kernel32
InterlockedDecrement
GetVersionExA
LoadLibraryA
CompareStringW
GlobalFindAtomW
FreeResource
lstrlenW
GlobalFree
GlobalUnlock
GetModuleHandleA
LocalFree
FormatMessageW
GlobalGetAtomNameW
lstrlenA
WritePrivateProfileStringW
GlobalFlags
LocalAlloc
LeaveCriticalSection
TlsGetValue
EnterCriticalSection
GlobalReAlloc
GlobalHandle
InitializeCriticalSection
TlsAlloc
TlsSetValue
LocalReAlloc
GetCurrentProcessId
TlsFree
InterlockedIncrement
WriteFile
SetFilePointer
FlushFileBuffers
GetCurrentProcess
SetErrorMode
GetStartupInfoW
RtlUnwind
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
Sleep
ExitProcess
RaiseException
HeapReAlloc
HeapSize
SetUnhandledExceptionFilter
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
HeapCreate
VirtualFree
QueryPerformanceCounter
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringW
GetTimeZoneInformation
VirtualAlloc
InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetConsoleMode
LCMapStringA
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
SetEnvironmentVariableA
SetLastError
GlobalAddAtomW
CloseHandle
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
ConvertDefaultLocale
EnumResourceLanguagesW
GetModuleFileNameW
lstrcmpA
GetLocaleInfoW
LoadLibraryExW
CompareStringA
WideCharToMultiByte
GlobalLock
GlobalAlloc
GetModuleHandleW
GetProcAddress
GetVersion
GetVersionExW
SetThreadExecutionState
MultiByteToWideChar
FindResourceW
LoadResource
LockResource
SizeofResource
GetSystemPowerStatus
lstrcmpW
MulDiv
GetWindowsDirectoryW
LoadLibraryW
FreeLibrary
InterlockedExchange
GetLastError
GetTickCount
DeleteCriticalSection
gdi32
GetPixel
DPtoLP
CreateSolidBrush
CreatePatternBrush
DeleteDC
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
DeleteObject
SetMapMode
SetBkMode
RestoreDC
SaveDC
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
Rectangle
ExcludeClipRect
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
GetDeviceCaps
GetTextExtentPoint32W
GetObjectW
CreateFontIndirectW
GetStockObject
winspool.drv
OpenPrinterW
ClosePrinter
DocumentPropertiesW
advapi32
RegEnumKeyW
RegSetValueExW
RegCreateKeyExW
RegOpenKeyW
RegQueryValueW
RegDeleteKeyW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
shell32
DragQueryFileW
DragFinish
Shell_NotifyIconW
ShellExecuteW
shlwapi
PathFindExtensionW
PathFindFileNameW
oleaut32
VariantInit
VariantChangeType
VariantClear
SystemTimeToVariantTime
VariantTimeToSystemTime
pdh
PdhOpenQueryW
PdhCloseQuery
PdhGetFormattedCounterValue
PdhCollectQueryData
PdhAddCounterW
Sections
.text Size: 199KB - Virtual size: 198KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 54KB - Virtual size: 53KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 9KB - Virtual size: 24KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 61KB - Virtual size: 61KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
- caffeine64.exe (.exe windows:5 windows x64)
  4a6b284b9193edd74acb156ad1b9d541
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
user32
GetWindowRect
InflateRect
PtInRect
SetCursor
GetSystemMetrics
LoadIconW
EnableWindow
GetClientRect
GetDC
SendMessageW
RedrawWindow
SetCapture
GetParent
ReleaseCapture
IsWindow
GetSysColor
MessageBeep
CopyIcon
ReleaseDC
InvalidateRect
IsIconic
UnregisterClassW
GetSysColorBrush
UnpackDDElParam
ReuseDDElParam
DestroyMenu
LoadAcceleratorsW
InsertMenuItemW
CreatePopupMenu
SetRectEmpty
BringWindowToTop
TranslateAcceleratorW
WindowFromPoint
LoadCursorW
SetWindowLongW
GetWindow
SetTimer
GetDesktopWindow
GetCursorPos
GetWindowTextW
GetTopWindow
SendInput
GetAsyncKeyState
FindWindowW
RegisterWindowMessageW
SystemParametersInfoW
GetMenuItemID
GetSubMenu
LoadMenuW
PostMessageW
KillTimer
SetActiveWindow
SetForegroundWindow
SetMenuDefaultItem
TrackPopupMenu
ModifyMenuW
GetClassNameW
CopyRect
FillRect
DrawEdge
DrawTextW
GetMenuItemCount
GetMenuState
GetMenuItemInfoW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
GetMenuStringW
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
PostQuitMessage
CheckMenuItem
EnableMenuItem
GetFocus
LoadBitmapW
SetMenuItemBitmaps
ValidateRect
PeekMessageW
GetKeyState
IsWindowVisible
GetActiveWindow
DispatchMessageW
TranslateMessage
GetMessageW
CallNextHookEx
SetWindowsHookExW
ShowOwnedPopups
MessageBoxW
IsWindowEnabled
GetLastActivePopup
GetWindowLongW
GetWindowThreadProcessId
UnhookWindowsHookEx
GetWindowPlacement
SystemParametersInfoA
IntersectRect
OffsetRect
SetWindowPos
GetMenu
CallWindowProcW
DefWindowProcW
GetDlgCtrlID
DeferWindowPos
EqualRect
ScreenToClient
AdjustWindowRectEx
RegisterClassW
GetClassInfoW
GetClassInfoExW
CreateWindowExW
UpdateWindow
SetMenu
MapWindowPoints
GetMessagePos
GetMessageTime
SetWindowLongPtrW
GetWindowLongPtrW
DestroyWindow
GetDlgItem
EndDeferWindowPos
BeginDeferWindowPos
GetForegroundWindow
GetWindowTextLengthW
SetFocus
RemovePropW
GetPropW
SetPropW
GetClassLongPtrW
GetCapture
WinHelpW
SendDlgItemMessageW
SendDlgItemMessageA
IsDialogMessageW
SetWindowTextW
ShowWindow
EndDialog
GetNextDlgTabItem
CreateDialogIndirectParamW
TabbedTextOutW
DrawTextExW
GrayStringW
wtsapi32
WTSRegisterSessionNotification
kernel32
LoadLibraryA
CompareStringW
GlobalFindAtomW
FreeResource
lstrlenW
GlobalFree
GlobalUnlock
LocalFree
FormatMessageW
GlobalGetAtomNameW
lstrlenA
WritePrivateProfileStringW
GlobalFlags
LocalAlloc
LeaveCriticalSection
TlsGetValue
EnterCriticalSection
InitializeCriticalSection
TlsAlloc
GlobalReAlloc
GlobalHandle
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
GetVersionExA
WriteFile
SetFilePointer
FlushFileBuffers
GetCurrentProcess
SetErrorMode
GetStartupInfoW
RtlLookupFunctionEntry
RtlUnwindEx
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
Sleep
ExitProcess
RaiseException
RtlPcToFileHeader
HeapReAlloc
HeapQueryInformation
HeapSize
SetUnhandledExceptionFilter
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
EncodePointer
DecodePointer
FlsGetValue
FlsSetValue
FlsFree
FlsAlloc
HeapSetInformation
HeapCreate
QueryPerformanceCounter
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlCaptureContext
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringW
GetTimeZoneInformation
InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetConsoleMode
LCMapStringA
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
SetEnvironmentVariableA
GetCurrentProcessId
SetLastError
GlobalAddAtomW
CloseHandle
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
ConvertDefaultLocale
EnumResourceLanguagesW
GetModuleFileNameW
lstrcmpA
GetLocaleInfoW
LoadLibraryExW
WideCharToMultiByte
CompareStringA
GlobalLock
GlobalAlloc
GetModuleHandleW
GetProcAddress
GetVersion
GetVersionExW
SetThreadExecutionState
MultiByteToWideChar
FindResourceW
LoadResource
LockResource
SizeofResource
GetSystemPowerStatus
lstrcmpW
MulDiv
GetWindowsDirectoryW
LoadLibraryW
FreeLibrary
GetLastError
GetTickCount
gdi32
DPtoLP
CreateSolidBrush
CreatePatternBrush
DeleteDC
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
DeleteObject
SetMapMode
SetBkMode
RestoreDC
SaveDC
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
Rectangle
ExcludeClipRect
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
GetDeviceCaps
GetTextExtentPoint32W
GetObjectW
CreateFontIndirectW
GetStockObject
GetPixel
winspool.drv
OpenPrinterW
ClosePrinter
DocumentPropertiesW
advapi32
RegEnumKeyW
RegSetValueExW
RegCreateKeyExW
RegOpenKeyW
RegQueryValueW
RegDeleteKeyW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
shell32
DragQueryFileW
DragFinish
Shell_NotifyIconW
ShellExecuteW
shlwapi
PathFindExtensionW
PathFindFileNameW
oleaut32
VariantInit
VariantChangeType
VariantClear
SystemTimeToVariantTime
VariantTimeToSystemTime
pdh
PdhOpenQueryW
PdhCloseQuery
PdhGetFormattedCounterValue
PdhCollectQueryData
PdhAddCounterW
Sections
.text Size: 240KB - Virtual size: 239KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 91KB - Virtual size: 90KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 12KB - Virtual size: 35KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 18KB - Virtual size: 17KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 61KB - Virtual size: 61KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ