This malware sample is written in Python and compiled to a .exe file with py2exe (we also wrote diary entries about Python malware compiled with PyInstaller).

Looking at the resources with, we see a PYTHON27.DLL resource and a PYTHONSCRIPT resource:

Executables compiled with py2exe for Python 2.7 can be reversed with unpy2exe.

Didier Stevens
Microsoft MVP Consumer Security

(c) SANS Internet Storm Center. Creative Commons Attribution-Noncommercial 3.0 United States License.
IBM BigFix Remote Control CVE-2016-2932 Security Bypass Vulnerability
IBM Tivoli Remote Control CVE-2016-2931 Information Disclosure Vulnerability
Multiple Symantec Products CVE-2016-6590 DLL Loading Local Privilege Escalation Vulnerability
Internet Storm Center Infocon Status