
Content

In this live stream we triage Creal Stealer, a Python stealer which has been packed with PyInstaller. We cover the differences between Python byte code disassembly and decompiling as well as provide a few tips for decompiling newer versions of Python.

Shout out to Karsten for his YouTube short which covered the same topic in 30 seconds instead of an hour... go sub if you aren't already! Reversing PyInstaller in 6 Steps

Sample

  • 21a9b4859121afcf6690c2c15b795094986c0a20c36a356c3915f107ec41f67a UnpacMe

Notes

Python Malware Triage: Creal Stealer - A Few Tips To Help With PyInstaller And Friends

Files

Live Stream VOD: PyInstaller Malware Triage - Creal Stealer

Comments

m4n0w4r

Found a sample: 68754B8B2B5775692C5AD9D53A041848AB02701B660EC457EAB3E2B039849864. Your patched pycdc will crash when trying to decompile the last marshal pyc stage. Could you take a look if you have free time @herrcore

Karsten Hahn

https://pylingual.io/ might work