General

Malware Config

Signatures

Files

• caffeine.zip

  .zip
• caffeine32.exe

  .exe windows:5 windows x86 arch:x86

  e23a071b5110b7b149211a167974994f

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  Imports

  user32

  GetWindowRect

  InflateRect

  PtInRect

  SetCursor

  GetSystemMetrics

  LoadIconW

  EnableWindow

  GetClientRect

  GetDC

  SendMessageW

  RedrawWindow

  SetCapture

  GetParent

  ReleaseCapture

  IsWindow

  GetSysColor

  MessageBeep

  CopyIcon

  ReleaseDC

  InvalidateRect

  IsIconic

  UnregisterClassW

  GetSysColorBrush

  UnpackDDElParam

  ReuseDDElParam

  DestroyMenu

  LoadAcceleratorsW

  InsertMenuItemW

  CreatePopupMenu

  SetRectEmpty

  BringWindowToTop

  TranslateAcceleratorW

  WindowFromPoint

  LoadCursorW

  SetWindowLongW

  GetWindow

  SetTimer

  GetDesktopWindow

  GetCursorPos

  GetWindowTextW

  GetTopWindow

  SendInput

  GetAsyncKeyState

  FindWindowW

  RegisterWindowMessageW

  SystemParametersInfoW

  GetMenuItemID

  GetSubMenu

  LoadMenuW

  PostMessageW

  KillTimer

  SetActiveWindow

  SetForegroundWindow

  SetMenuDefaultItem

  TrackPopupMenu

  ModifyMenuW

  GetClassNameW

  CopyRect

  FillRect

  DrawEdge

  DrawTextW

  GetMenuItemCount

  GetMenuState

  GetMenuItemInfoW

  SetMenuItemInfoW

  GetMenuCheckMarkDimensions

  GetMenuStringW

  EndPaint

  BeginPaint

  GetWindowDC

  ClientToScreen

  PostQuitMessage

  CheckMenuItem

  EnableMenuItem

  GetFocus

  LoadBitmapW

  SetMenuItemBitmaps

  ValidateRect

  PeekMessageW

  GetKeyState

  IsWindowVisible

  GetActiveWindow

  DispatchMessageW

  TranslateMessage

  GetMessageW

  CallNextHookEx

  SetWindowsHookExW

  ShowOwnedPopups

  MessageBoxW

  IsWindowEnabled

  GetLastActivePopup

  GetWindowLongW

  GetWindowThreadProcessId

  UnhookWindowsHookEx

  GetWindowPlacement

  SystemParametersInfoA

  IntersectRect

  OffsetRect

  SetWindowPos

  GetMenu

  CallWindowProcW

  DefWindowProcW

  GetDlgCtrlID

  DeferWindowPos

  EqualRect

  ScreenToClient

  AdjustWindowRectEx

  RegisterClassW

  GetClassInfoW

  GetClassInfoExW

  CreateWindowExW

  UpdateWindow

  SetMenu

  MapWindowPoints

  GetMessagePos

  GetMessageTime

  DestroyWindow

  GetDlgItem

  EndDeferWindowPos

  BeginDeferWindowPos

  GetForegroundWindow

  GetWindowTextLengthW

  SetFocus

  RemovePropW

  GetPropW

  SetPropW

  GetClassLongW

  GetCapture

  WinHelpW

  SendDlgItemMessageA

  SendDlgItemMessageW

  IsDialogMessageW

  SetWindowTextW

  ShowWindow

  EndDialog

  GetNextDlgTabItem

  CreateDialogIndirectParamW

  TabbedTextOutW

  DrawTextExW

  GrayStringW

  wtsapi32

  WTSRegisterSessionNotification

  kernel32

  InterlockedDecrement

  GetVersionExA

  LoadLibraryA

  CompareStringW

  GlobalFindAtomW

  FreeResource

  lstrlenW

  GlobalFree

  GlobalUnlock

  GetModuleHandleA

  LocalFree

  FormatMessageW

  GlobalGetAtomNameW

  lstrlenA

  WritePrivateProfileStringW

  GlobalFlags

  LocalAlloc

  LeaveCriticalSection

  TlsGetValue

  EnterCriticalSection

  GlobalReAlloc

  GlobalHandle

  InitializeCriticalSection

  TlsAlloc

  TlsSetValue

  LocalReAlloc

  GetCurrentProcessId

  TlsFree

  InterlockedIncrement

  WriteFile

  SetFilePointer

  FlushFileBuffers

  GetCurrentProcess

  SetErrorMode

  GetStartupInfoW

  RtlUnwind

  GetSystemTimeAsFileTime

  HeapAlloc

  HeapFree

  Sleep

  ExitProcess

  RaiseException

  HeapReAlloc

  HeapSize

  SetUnhandledExceptionFilter

  GetStdHandle

  GetModuleFileNameA

  FreeEnvironmentStringsW

  GetEnvironmentStringsW

  GetCommandLineW

  SetHandleCount

  GetFileType

  GetStartupInfoA

  HeapCreate

  VirtualFree

  QueryPerformanceCounter

  TerminateProcess

  UnhandledExceptionFilter

  IsDebuggerPresent

  GetCPInfo

  GetACP

  GetOEMCP

  IsValidCodePage

  LCMapStringW

  GetTimeZoneInformation

  VirtualAlloc

  InitializeCriticalSectionAndSpinCount

  GetConsoleCP

  GetConsoleMode

  LCMapStringA

  GetStringTypeA

  GetStringTypeW

  GetLocaleInfoA

  SetStdHandle

  WriteConsoleA

  GetConsoleOutputCP

  WriteConsoleW

  CreateFileA

  SetEnvironmentVariableA

  SetLastError

  GlobalAddAtomW

  CloseHandle

  GlobalDeleteAtom

  GetCurrentThread

  GetCurrentThreadId

  ConvertDefaultLocale

  EnumResourceLanguagesW

  GetModuleFileNameW

  lstrcmpA

  GetLocaleInfoW

  LoadLibraryExW

  CompareStringA

  WideCharToMultiByte

  GlobalLock

  GlobalAlloc

  GetModuleHandleW

  GetProcAddress

  GetVersion

  GetVersionExW

  SetThreadExecutionState

  MultiByteToWideChar

  FindResourceW

  LoadResource

  LockResource

  SizeofResource

  GetSystemPowerStatus

  lstrcmpW

  MulDiv

  GetWindowsDirectoryW

  LoadLibraryW

  FreeLibrary

  InterlockedExchange

  GetLastError

  GetTickCount

  DeleteCriticalSection

  gdi32

  GetPixel

  DPtoLP

  CreateSolidBrush

  CreatePatternBrush

  DeleteDC

  ScaleWindowExtEx

  SetWindowExtEx

  ScaleViewportExtEx

  SetViewportExtEx

  OffsetViewportOrgEx

  SetViewportOrgEx

  SelectObject

  Escape

  ExtTextOutW

  TextOutW

  RectVisible

  PtVisible

  DeleteObject

  SetMapMode

  SetBkMode

  RestoreDC

  SaveDC

  SetBkColor

  SetTextColor

  GetClipBox

  CreateBitmap

  Rectangle

  ExcludeClipRect

  BitBlt

  CreateCompatibleDC

  CreateCompatibleBitmap

  GetDeviceCaps

  GetTextExtentPoint32W

  GetObjectW

  CreateFontIndirectW

  GetStockObject

  winspool.drv

  OpenPrinterW

  ClosePrinter

  DocumentPropertiesW

  advapi32

  RegEnumKeyW

  RegSetValueExW

  RegCreateKeyExW

  RegOpenKeyW

  RegQueryValueW

  RegDeleteKeyW

  RegQueryValueExW

  RegOpenKeyExW

  RegCloseKey

  shell32

  DragQueryFileW

  DragFinish

  Shell_NotifyIconW

  ShellExecuteW

  shlwapi

  PathFindExtensionW

  PathFindFileNameW

  oleaut32

  VariantInit

  VariantChangeType

  VariantClear

  SystemTimeToVariantTime

  VariantTimeToSystemTime

  pdh

  PdhOpenQueryW

  PdhCloseQuery

  PdhGetFormattedCounterValue

  PdhCollectQueryData

  PdhAddCounterW

  Sections

  .text

  Size: 199KB - Virtual size: 198KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 54KB - Virtual size: 53KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 9KB - Virtual size: 24KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 61KB - Virtual size: 61KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

• caffeine64.exe

  .exe windows:5 windows x64 arch:x64

  4a6b284b9193edd74acb156ad1b9d541

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LARGE_ADDRESS_AWARE

  Imports

  user32

  GetWindowRect

  InflateRect

  PtInRect

  SetCursor

  GetSystemMetrics

  LoadIconW

  EnableWindow

  GetClientRect

  GetDC

  SendMessageW

  RedrawWindow

  SetCapture

  GetParent

  ReleaseCapture

  IsWindow

  GetSysColor

  MessageBeep

  CopyIcon

  ReleaseDC

  InvalidateRect

  IsIconic

  UnregisterClassW

  GetSysColorBrush

  UnpackDDElParam

  ReuseDDElParam

  DestroyMenu

  LoadAcceleratorsW

  InsertMenuItemW

  CreatePopupMenu

  SetRectEmpty

  BringWindowToTop

  TranslateAcceleratorW

  WindowFromPoint

  LoadCursorW

  SetWindowLongW

  GetWindow

  SetTimer

  GetDesktopWindow

  GetCursorPos

  GetWindowTextW

  GetTopWindow

  SendInput

  GetAsyncKeyState

  FindWindowW

  RegisterWindowMessageW

  SystemParametersInfoW

  GetMenuItemID

  GetSubMenu

  LoadMenuW

  PostMessageW

  KillTimer

  SetActiveWindow

  SetForegroundWindow

  SetMenuDefaultItem

  TrackPopupMenu

  ModifyMenuW

  GetClassNameW

  CopyRect

  FillRect

  DrawEdge

  DrawTextW

  GetMenuItemCount

  GetMenuState

  GetMenuItemInfoW

  SetMenuItemInfoW

  GetMenuCheckMarkDimensions

  GetMenuStringW

  EndPaint

  BeginPaint

  GetWindowDC

  ClientToScreen

  PostQuitMessage

  CheckMenuItem

  EnableMenuItem

  GetFocus

  LoadBitmapW

  SetMenuItemBitmaps

  ValidateRect

  PeekMessageW

  GetKeyState

  IsWindowVisible

  GetActiveWindow

  DispatchMessageW

  TranslateMessage

  GetMessageW

  CallNextHookEx

  SetWindowsHookExW

  ShowOwnedPopups

  MessageBoxW

  IsWindowEnabled

  GetLastActivePopup

  GetWindowLongW

  GetWindowThreadProcessId

  UnhookWindowsHookEx

  GetWindowPlacement

  SystemParametersInfoA

  IntersectRect

  OffsetRect

  SetWindowPos

  GetMenu

  CallWindowProcW

  DefWindowProcW

  GetDlgCtrlID

  DeferWindowPos

  EqualRect

  ScreenToClient

  AdjustWindowRectEx

  RegisterClassW

  GetClassInfoW

  GetClassInfoExW

  CreateWindowExW

  UpdateWindow

  SetMenu

  MapWindowPoints

  GetMessagePos

  GetMessageTime

  SetWindowLongPtrW

  GetWindowLongPtrW

  DestroyWindow

  GetDlgItem

  EndDeferWindowPos

  BeginDeferWindowPos

  GetForegroundWindow

  GetWindowTextLengthW

  SetFocus

  RemovePropW

  GetPropW

  SetPropW

  GetClassLongPtrW

  GetCapture

  WinHelpW

  SendDlgItemMessageW

  SendDlgItemMessageA

  IsDialogMessageW

  SetWindowTextW

  ShowWindow

  EndDialog

  GetNextDlgTabItem

  CreateDialogIndirectParamW

  TabbedTextOutW

  DrawTextExW

  GrayStringW

  wtsapi32

  WTSRegisterSessionNotification

  kernel32

  LoadLibraryA

  CompareStringW

  GlobalFindAtomW

  FreeResource

  lstrlenW

  GlobalFree

  GlobalUnlock

  LocalFree

  FormatMessageW

  GlobalGetAtomNameW

  lstrlenA

  WritePrivateProfileStringW

  GlobalFlags

  LocalAlloc

  LeaveCriticalSection

  TlsGetValue

  EnterCriticalSection

  InitializeCriticalSection

  TlsAlloc

  GlobalReAlloc

  GlobalHandle

  TlsSetValue

  LocalReAlloc

  DeleteCriticalSection

  TlsFree

  GetVersionExA

  WriteFile

  SetFilePointer

  FlushFileBuffers

  GetCurrentProcess

  SetErrorMode

  GetStartupInfoW

  RtlLookupFunctionEntry

  RtlUnwindEx

  GetSystemTimeAsFileTime

  HeapAlloc

  HeapFree

  Sleep

  ExitProcess

  RaiseException

  RtlPcToFileHeader

  HeapReAlloc

  HeapQueryInformation

  HeapSize

  SetUnhandledExceptionFilter

  GetStdHandle

  GetModuleFileNameA

  FreeEnvironmentStringsW

  GetEnvironmentStringsW

  GetCommandLineW

  SetHandleCount

  GetFileType

  GetStartupInfoA

  EncodePointer

  DecodePointer

  FlsGetValue

  FlsSetValue

  FlsFree

  FlsAlloc

  HeapSetInformation

  HeapCreate

  QueryPerformanceCounter

  TerminateProcess

  UnhandledExceptionFilter

  IsDebuggerPresent

  RtlVirtualUnwind

  RtlCaptureContext

  GetCPInfo

  GetACP

  GetOEMCP

  IsValidCodePage

  LCMapStringW

  GetTimeZoneInformation

  InitializeCriticalSectionAndSpinCount

  GetConsoleCP

  GetConsoleMode

  LCMapStringA

  GetStringTypeA

  GetStringTypeW

  GetLocaleInfoA

  SetStdHandle

  WriteConsoleA

  GetConsoleOutputCP

  WriteConsoleW

  CreateFileA

  SetEnvironmentVariableA

  GetCurrentProcessId

  SetLastError

  GlobalAddAtomW

  CloseHandle

  GlobalDeleteAtom

  GetCurrentThread

  GetCurrentThreadId

  ConvertDefaultLocale

  EnumResourceLanguagesW

  GetModuleFileNameW

  lstrcmpA

  GetLocaleInfoW

  LoadLibraryExW

  WideCharToMultiByte

  CompareStringA

  GlobalLock

  GlobalAlloc

  GetModuleHandleW

  GetProcAddress

  GetVersion

  GetVersionExW

  SetThreadExecutionState

  MultiByteToWideChar

  FindResourceW

  LoadResource

  LockResource

  SizeofResource

  GetSystemPowerStatus

  lstrcmpW

  MulDiv

  GetWindowsDirectoryW

  LoadLibraryW

  FreeLibrary

  GetLastError

  GetTickCount

  gdi32

  DPtoLP

  CreateSolidBrush

  CreatePatternBrush

  DeleteDC

  ScaleWindowExtEx

  SetWindowExtEx

  ScaleViewportExtEx

  SetViewportExtEx

  OffsetViewportOrgEx

  SetViewportOrgEx

  SelectObject

  Escape

  ExtTextOutW

  TextOutW

  RectVisible

  PtVisible

  DeleteObject

  SetMapMode

  SetBkMode

  RestoreDC

  SaveDC

  SetBkColor

  SetTextColor

  GetClipBox

  CreateBitmap

  Rectangle

  ExcludeClipRect

  BitBlt

  CreateCompatibleDC

  CreateCompatibleBitmap

  GetDeviceCaps

  GetTextExtentPoint32W

  GetObjectW

  CreateFontIndirectW

  GetStockObject

  GetPixel

  winspool.drv

  OpenPrinterW

  ClosePrinter

  DocumentPropertiesW

  advapi32

  RegEnumKeyW

  RegSetValueExW

  RegCreateKeyExW

  RegOpenKeyW

  RegQueryValueW

  RegDeleteKeyW

  RegQueryValueExW

  RegOpenKeyExW

  RegCloseKey

  shell32

  DragQueryFileW

  DragFinish

  Shell_NotifyIconW

  ShellExecuteW

  shlwapi

  PathFindExtensionW

  PathFindFileNameW

  oleaut32

  VariantInit

  VariantChangeType

  VariantClear

  SystemTimeToVariantTime

  VariantTimeToSystemTime

  pdh

  PdhOpenQueryW

  PdhCloseQuery

  PdhGetFormattedCounterValue

  PdhCollectQueryData

  PdhAddCounterW

  Sections

  .text

  Size: 240KB - Virtual size: 239KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 91KB - Virtual size: 90KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 12KB - Virtual size: 35KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .pdata

  Size: 18KB - Virtual size: 17KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .rsrc

  Size: 61KB - Virtual size: 61KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ