RetDec is also the only decompiler of its scale using a proven LLVM infrastructure and provided for free, licensed under MIT.ĭecompilers can be used in a variety of situations. RetDec addresses the above mentioned issues by using a large set of supported architectures and file formats, as well as in-house heuristics and algorithms to decode and reconstruct applications.
#Decompile exe file mac software#
Furthermore, malware authors often use various obfuscation and anti-decompilation tricks to make the decompilation of their software as difficult as possible. Generally, decompilers are unable to perfectly reconstruct original source code, due to the fact that a lot of information is lost during the compilation process.
#Decompile exe file mac code#
īy preserving a program's functionality, we want the source code to reflect what the input program does as accurately as possible otherwise, we risk assuming the program does one thing, when it really does another. A decompiler is, therefore, the exact opposite of a compiler, which compiles source files into executable files this is why decompilers are sometimes also called reverse compilers. For example, the input file may be application.exe, and the output can be source code in a higher-level programming language, such as C. What is a decompiler?īefore we dive into how RetDec works, let’s briefly explain how decompilers work, in general.Ī decompiler is a program that takes an executable file as its input and attempts to transform it into a high-level representation while preserving its functionality. By open-sourcing the decompiler, we would like to make its use more widespread and invite others to cooperate with us on its continued development. The source code of the decompiler and other related tools is now available on GitHub under the MIT license.
At Avast, RetDec is actively used for analysis of malicious samples for various platforms, such as x86/PE and ARM/ELF. By generic, we mean that the tool should not be limited to a single platform, but rather support a variety of platforms, including different architectures, file formats, and compilers.
The goal behind open sourcing RetDec is to provide a generic tool to transform platform-specific code, such as x86/PE executable files, into a higher form of representation, such as C source code. Let's fight the bad guys together!Īs we announced in our Botconf 2017 presentation at the beginning of December ( slides ), RetDec, our machine-code decompiler, is now open, which means anyone can freely use it, study its source code, modify it, and redistribute it. The tool allows anyone to study the code of applications to see what the applications do, without running them. After seven years of development, Avast open-sources its machine-code decompiler for platform-independent analysis of executable files.Īvast released its analytical tool, RetDec, to help the cybersecurity community fight malicious software.