The anti-malware company Avast announced the release of retargetable machine-code decompiler (RetDec) as open source in an effort to boost the fight against malicious codes.
RetDec, short for Retargetable Decompiler, was originally created as a joint project by the Faculty of Information Technology of the Brno University of Technology and AVG Technologies. Avast acquired AVG Technologies in 2016.
RetDec is now available for anyone on GitHub under the MIT license, this means that security experts can modify its source code and redistribute it.
Avast decided to open-source the Retargetable Decompiler to provide “a generic tool to transform platform-specific code, such as x86/PE executable files, into a higher form of representation, such as C source code.”
The utility includes support for multiple platforms, different architectures, file formats, and compilers.
“The decompiler is not limited to any particular target architecture, operating system, or executable file format:
The tool currently supports only Windows (7 or later) and Linux, but pre-built packages are available only for Windows.
RetDec features are:
Courtesy of an IDA (Interactive Disassembler) plugin, the utility is able to decompile files directly from the IDA disassembler.
RetDec is a powerful utility that allows optimizing reconstruction of original source code “by using a large set of supported architectures and file formats, as well as in-house heuristics and algorithms to decode and reconstruct applications.”
The decompiler can be used via the API through retdec-python.
(Security Affairs – malware, decompiler)