py2exe Decompiling - Part 1
This malware sample is written in Python and compiled to a .exe file with py2exe (we also wrote diary entries about Python malware compiled with PyInstaller).
Looking at the resources with pecheck.py, we see a PYTHON27.DLL resource and a PYTHONSCRIPT resource.
Executables compiled with py2exe for Python 2.7 can be reversed with unpy2exe.
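As an added example (not code from this diary entry or from unpy2exe), here is a small parser for the header of an extracted PYTHONSCRIPT resource. It assumes the py2exe 0.6.x layout: a 16-byte header of four little-endian 32-bit integers (tag 0x78563412, optimize, unbuffered, code length), a NUL-terminated archive name, then the marshalled code objects. The function names and the sample blob are constructed for illustration.

```python
import struct

PY2EXE_TAG = 0x78563412          # assumed py2exe tag at the start of the resource
HEADER = struct.Struct("<IIII")  # tag, optimize, unbuffered, data_bytes


def parse_pythonscript(blob):
    """Validate a PYTHONSCRIPT resource and locate its marshalled code bytes."""
    if len(blob) < HEADER.size:
        raise ValueError("resource shorter than the 16-byte header")
    tag, optimize, unbuffered, data_bytes = HEADER.unpack_from(blob, 0)
    if tag != PY2EXE_TAG:
        raise ValueError("unexpected tag 0x%08x, not a py2exe script resource" % tag)
    end = blob.find(b"\x00", HEADER.size)
    if end == -1:
        raise ValueError("archive name is not NUL-terminated")
    code_offset = end + 1
    # A length larger than what remains means a truncated or tampered resource.
    if data_bytes > len(blob) - code_offset:
        raise ValueError("header claims more code bytes than the resource holds")
    return {
        "optimize": optimize,
        "unbuffered": unbuffered,
        "archive": blob[HEADER.size:end].decode("latin-1"),
        "code_offset": code_offset,
        "code": blob[code_offset:code_offset + data_bytes],
    }


def build_sample():
    """Constructed sample: the 'code' is a marshalled empty list, not a real script."""
    code = b"[\x00\x00\x00\x00"
    header = HEADER.pack(PY2EXE_TAG, 0, 0, len(code))
    return header + b"library.zip\x00" + code + b"\x00\x00"


if __name__ == "__main__":
    info = parse_pythonscript(build_sample())
    print("archive name :", info["archive"])
    print("code offset  :", info["code_offset"])
    print("code length  :", len(info["code"]))
```

The code bytes are Python 2.7 marshal data, so this parser only validates and locates them; unmarshalling and decompiling them requires a Python 2.7 toolchain.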
Didier Stevens
Microsoft MVP Consumer Security
blog.DidierStevens.com DidierStevensLabs.com
NVISO