Comment by userbinator

I doubt those serious about it wouldn't just put the actual Windows binaries through a decompiler (they're surprisingly good these days, particularly that free one from the NSA, and Microsoft even publishes the symbols for most of the binaries anyway.) Especially malware and exploits that rely on exact implementation details.