This malware sample is written in Python and compiled to a .exe file with py2exe (we also wrote diary entries about Python malware compiled with PyInstaller).

Looking at the resources with pecheck.py, we see a PYTHON27.DLL resource and a PYTHONSCRIPT resource.

Executables compiled with py2exe for Python 2.7 can be reversed with unpy2exe.

Didier Stevens
DidierStevens, ISC Handler, Jan 1st 2017
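A triage check for the two resources named above, as an added example (not code from the diary, pecheck.py or unpy2exe). It assumes py2exe stores PYTHONSCRIPT and PYTHON27.DLL as string-named top-level entries of the PE resource directory; `build_sample` is a hypothetical helper that constructs a skeletal test input.

```python
import struct

PY2EXE_TYPES = {"PYTHONSCRIPT", "PYTHON27.DLL"}  # resource names mentioned in the diary

def named_resource_types(pe: bytes) -> list:
    """Names of the string-named top-level entries in a PE resource directory."""
    nt = struct.unpack_from("<I", pe, 0x3C)[0]  # e_lfanew
    if pe[:2] != b"MZ" or pe[nt:nt + 4] != b"PE\0\0":
        raise ValueError("not a PE file")
    nsect, opt_size = struct.unpack_from("<H12xH", pe, nt + 6)
    opt = nt + 24
    # Data directories start at +96 (PE32) or +112 (PE32+); entry 2 is the resource table.
    ddir = opt + (112 if struct.unpack_from("<H", pe, opt)[0] == 0x20B else 96)
    rsrc_rva = struct.unpack_from("<I", pe, ddir + 2 * 8)[0]
    base = None
    for i in range(nsect):  # map the RVA to a file offset via the section table
        vsize, va, rsize, rptr = struct.unpack_from("<4I", pe, opt + opt_size + 40 * i + 8)
        if rsrc_rva and va <= rsrc_rva < va + max(vsize, rsize):
            base = rptr + rsrc_rva - va
    if base is None:
        return []  # no resource section
    named = struct.unpack_from("<H", pe, base + 12)[0]  # NumberOfNamedEntries
    names = []
    for i in range(named):  # named entries precede ID entries
        off = struct.unpack_from("<I", pe, base + 16 + 8 * i)[0] & 0x7FFFFFFF
        (length,) = struct.unpack_from("<H", pe, base + off)  # UTF-16 code units
        names.append(pe[base + off + 2:base + off + 2 + 2 * length].decode("utf-16-le"))
    return names

def py2exe_markers(pe: bytes) -> list:
    """py2exe resource names found in the file, sorted."""
    return sorted(PY2EXE_TYPES.intersection(named_resource_types(pe)))

def build_sample(names) -> bytes:
    """Constructed input: skeletal PE32 holding only a .rsrc type directory, no data."""
    strings, entries, str_off = b"", b"", 16 + 8 * len(names)
    for n in names:
        entries += struct.pack("<II", 0x80000000 | (str_off + len(strings)), 0)
        strings += struct.pack("<H", len(n)) + n.encode("utf-16-le")
    rsrc = struct.pack("<IIHHHH", 0, 0, 0, 0, len(names), 0) + entries + strings
    hdr = b"MZ".ljust(0x3C, b"\0") + struct.pack("<I", 0x40)
    hdr += b"PE\0\0" + struct.pack("<HHIIIHH", 0x14C, 1, 0, 0, 0, 224, 0x102)
    opt = struct.pack("<H", 0x10B).ljust(96 + 16, b"\0") + struct.pack("<II", 0x1000, len(rsrc))
    hdr += opt.ljust(224, b"\0")
    hdr += b".rsrc\0\0\0" + struct.pack("<4I", len(rsrc), 0x1000, len(rsrc), 0x200) + b"\0" * 16
    return hdr.ljust(0x200, b"\0") + rsrc

if __name__ == "__main__":
    print(py2exe_markers(build_sample(["PYTHON27.DLL", "PYTHONSCRIPT"])))
```

To check a real file, pass its bytes to `py2exe_markers`; a non-empty result marks it as a candidate for unpy2exe.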