py2exe Decompiling - Part 1

Published: 2017-01-01
Last Updated: 2017-01-01 22:41:49 UTC
by Didier Stevens (Version: 1)
0 comment(s)

This malware sample is written in Python and compiled to a .exe file with py2exe (we also wrote diary entries about Python malware compiled with PyInstaller).

Looking at the resources with pecheck.py, we see a PYTHON27.DLL resource and a PYTHONSCRIPT resource:

Executables compiled with py2exe for Python 2.7 can be reversed with unpy2exe.

Didier Stevens
Microsoft MVP Consumer Security
blog.DidierStevens.com DidierStevensLabs.com
NVISO

Keywords: malware python
0 comment(s)

Comments


Diary Archives