[Direct]

Really cool stuff. I don't like being negative when it comes to fantastic moves like this, but I'm still really disappointed that it doesn't support 64bit executables.

[SkyPuncher]

A reddit comment had a pretty good explanation.

Most malicious code is still written in 32-bit since 64-bit Windows supports running 32-bit code.

Write something in 32-bit - target 100% of devices. Write something in 64-bit - target ~50% of devices.

[Zuider]

But if security software only treats 32-bit executables as suspicious, wouldn't it make sense for malware creators to switch to 64-bit?

[firethief]

Is any security software that easily bypassed?

[monocasa]

Reddit implies that it's on their roadmap.

https://www.reddit.com/r/programming/comments/7jhk6p/avast_o...

[chrisseaton]

Maybe that's why they're open sourcing this one? They have their own internal new one that does support AMD64.

[MaxBarraclough]

Agreed.

x86, ARM, MIPS, PIC32, PowerPC, but not x86-64. Impressive list, but an odd choice.

[jjoonathan]

IDA gives away x86 and charges for x86-64, maybe they're going for a similar freemium model?

[luch]

I think the problem is technical rather than commercial : https://github.com/avast-tl/retdec/issues/9.

x86_64 have calling conventions (namingly __fastcall) which are more inconvenient to decode than x86 _cdecl or __stdcall where every arguments are passed on the stack. Most symbolic engines usually works only on x86 for the same reason.