Mod note: be careful with the executable, run it only on an isolated virtual machine
Don't even run untrusted executables in a virtual machine! There have been several ways of breaking out of one, and there certainly will be more!
Why in the name of Satoshi would you run it
at all?
You
decompile untrusted executables, you don't
run them.
Apparently the wallet stealer was some sort of super simple interpreted code this time and would only look for wallet.dat and upload it to the thieves this time, but next time it could very be much more advanced malware. Do not take stupid risks.
That's why I wrote "isolated" (no shared folders, preferably on a separate physical machine, guest additions disabled, etc.).