Use vcpython27 archive URL as a fix for fakenet-ng.python.fireeye

[crahan]

The vcpython27 installer was removed by Microsoft (as it's now unsupported). However, in the latest available Flare VM release fakenet-ng.python.fireeye still requires vcpython27 to properly install.

Archive.org has a copy of the original installer available at https://web.archive.org/web/20210106040222/download.microsoft.com/download/7/9/6/796EF2E4-801B-4FC4-AB28-B59FBF6D907B/VCForPython27.msi

I was able to install fakenet-ng.python.fireeye by updating the URL in a local copy of the vcpython27 chocolateyinstall.ps1 file and then installing it using choco pack followed by choco install vcpython27 -s "$pwd" -f (in PowerShell). Once vcpython27 was installed, fakenet-ng.python.fireeye installed fine as well.

Can Fireeye create and host a vcpython27.fireeye version of the Chocolatey vcpython27 package using the archive.org URL noted above as a workaround? Chocolatey comments for the vcpython27 package indicate that they will also be removing the vcpython27 package soon, potentially making fakenet-ng.python.fireeye uninstallable.

[MalwareMechanic]

@crahan

Thanks for finding a link for this! However, instead of relying on that I've added a new package called fakenet-ng.fireeye that uses the FakeNet-NG releases. I've also updated the flare vm installers to use fakenet-ng.fireeye rather than fakenet-ng.python.fireeye.

Please give it a whirl and let me know if you have any issues!

[crahan]

Thanks!

I uninstalled vcpython27, uninstalled fakenet-ng.python.fireeye, installed fakenet-ng.fireeye and did not run into any issues (except for having to manually remove the original fakenet-ng shortcut and fakenet_logs desktop folder).