She isolated the executable and decompressed its header using a legacy debugger from the ‘90s, something too primitive for modern malware to recognize. What unspooled wasn’t code.