Error while parsing file with macro

[johnylate29]

Hi guys! Thanks for a good tool! I have a problem while trying to deobfuscate some VBA macros. I think this is a problem not on a Viper Monkey side but maybe you faced this before and can tell me in what direction I should search.

Ubuntu 18.04.2 LTS python 2.7.15

Sample with macros: https://app.any.run/tasks/01bc5799-47d9-47f5-8ee7-598c7c5fc21f

Output:

PARSING VBA CODE: Traceback (most recent call last): File "/home/user/.local/lib/python2.7/site-packages/vipermonkey/vmonkey.py", line 1400, in _process_file comp_modules = parse_streams(vba, strip_useless) File "/home/user/.local/lib/python2.7/site-packages/vipermonkey/vmonkey.py", line 1147, in parse_streams return parse_streams_serial(vba, strip_useless) File "/home/user/.local/lib/python2.7/site-packages/vipermonkey/vmonkey.py", line 1106, in parse_streams_serial m = parse_stream(subfilename, stream_path, vba_filename, vba_code, strip_useless, local_funcs) File "/home/user/.local/lib/python2.7/site-packages/vipermonkey/vmonkey.py", line 1067, in parse_stream m = module.parseString(vba_code + "\n", parseAll=True)[0] File "/home/user/.local/lib/python2.7/site-packages/pyparsing.py", line 1811, in parseString self.streamline() File "/home/user/.local/lib/python2.7/site-packages/pyparsing.py", line 3728, in streamline super(And, self).streamline() File "/home/user/.local/lib/python2.7/site-packages/pyparsing.py", line 3655, in streamline e.streamline() File "/home/user/.local/lib/python2.7/site-packages/pyparsing.py", line 4124, in streamline self.expr.streamline() File "/home/user/.local/lib/python2.7/site-packages/pyparsing.py", line 3892, in streamline super(MatchFirst, self).streamline() File "/home/user/.local/lib/python2.7/site-packages/pyparsing.py", line 3655, in streamline e.streamline() File "/home/user/.local/lib/python2.7/site-packages/pyparsing.py", line 3728, in streamline super(And, self).streamline() File "/home/user/.local/lib/python2.7/site-packages/pyparsing.py", line 3655, in streamline e.streamline() File "/home/user/.local/lib/python2.7/site-packages/pyparsing.py", line 3728, in streamline super(And, self).streamline() File "/home/user/.local/lib/python2.7/site-packages/pyparsing.py", line 3655, in streamline e.streamline()

[kirk-sayre-work]

Could you try this sample with the dev fork of ViperMonkey (https://github.com/kirk-sayre-work/ViperMonkey) ? This sample is analyzed successfully with that fork.