I have some AS3 code that embeds a SWF (which itself contains AS3):
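```actionscript
// Embed the SWF as raw bytes rather than as a typed asset
[Embed(source="/assets/myas3libswf.swf", mimeType="application/octet-stream")]
protected static const MyAs3LibSwfClass : Class;
...
var loader:Loader = new Loader();
// Instantiate the embedded asset class declared above and load its bytes
loader.loadBytes(new MyAs3LibSwfClass() as ByteArray);
...
```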
In looking at how flash decompilers (Trillix, So-Think, etc) see this, they just show:
```actionscript
//MyClass_MyAs3LibSwfClass
package mypackage
{
    import mx.core.*;
    public class MyClass_MyAs3LibSwfClass extends mx.core.ByteArrayAsset
    {
        public function MyClass_MyAs3LibSwfClass()
        {
            super();
            return;
        }
    }
}
```
They also don't seem to offer any way to extract the ByteArray.
Surely it can't be that easy to obfuscate AS3 code. But where did the SWF go? Looking at it with a hex editor, I can't even find the start header ("CWS") of the embedded SWF.
My question is: what happens to a SWF when it's embedded as a ByteArray? And do any decompilers support extracting an embedded ByteArray?
Note: I'm not embedding this SWF in order to obfuscate (there are other reasons). I'm just interested in the decompilation ramifications of embedding.
Embedded data is stored in a DefineBinaryData tag of a SWF file. The SymbolClass tag then ties the data to its definition. (SWF file format specification)
If you were to decompress the SWF body appropriately (compressed SWFs start with CWS and use zlib compression after the first 8 bytes), you would see the CWS or FWS header in the raw data.
None of this speaks to how decompilers deal with the data.
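The following Python example is added here and is not from the original posts. It decompresses a CWS body as the answer describes, walks the tag list, and returns each DefineBinaryData payload keyed by the class name that SymbolClass ties to it. The tag codes (87 and 76) and field layouts are taken from the SWF file format specification; the function names are illustrative, and LZMA-compressed (ZWS) files are not handled.

```python
import struct
import zlib

TAG_END, TAG_SYMBOL_CLASS, TAG_DEFINE_BINARY_DATA = 0, 76, 87

def swf_body(data):
    """Return the uncompressed bytes that follow the 8-byte SWF header."""
    if data[:3] == b"FWS":
        return data[8:]
    if data[:3] == b"CWS":                    # zlib stream after the first 8 bytes
        return zlib.decompress(data[8:])
    raise ValueError("unsupported SWF signature %r" % data[:3])

def iter_tags(body):
    """Yield (tag_code, payload) for every tag after the frame header."""
    nbits = body[0] >> 3                      # RECT: 5-bit width, then 4 fields
    pos = (5 + 4 * nbits + 7) // 8 + 4        # + frame rate (2) + frame count (2)
    while pos + 2 <= len(body):
        (code_len,) = struct.unpack_from("<H", body, pos)
        pos += 2
        code, length = code_len >> 6, code_len & 0x3F
        if length == 0x3F:                    # long header: 32-bit length follows
            (length,) = struct.unpack_from("<I", body, pos)
            pos += 4
        if pos + length > len(body):
            raise ValueError("truncated tag")
        yield code, body[pos:pos + length]
        pos += length
        if code == TAG_END:
            break

def embedded_binaries(data):
    """Map class name (or 'id_N' if unnamed) -> DefineBinaryData payload."""
    blobs, names = {}, {}
    for code, payload in iter_tags(swf_body(data)):
        if code == TAG_DEFINE_BINARY_DATA:
            (char_id,) = struct.unpack_from("<H", payload, 0)
            blobs[char_id] = payload[6:]      # skip UI16 id + UI32 reserved
        elif code == TAG_SYMBOL_CLASS:
            (count,) = struct.unpack_from("<H", payload, 0)
            off = 2
            for _ in range(count):
                (char_id,) = struct.unpack_from("<H", payload, off)
                end = payload.index(b"\0", off + 2)
                names[char_id] = payload[off + 2:end].decode("utf-8")
                off = end + 1
    return {names.get(i, "id_%d" % i): blob for i, blob in blobs.items()}
```

Pass the whole file, e.g. `embedded_binaries(open(path, "rb").read())`; a payload that itself begins with CWS or FWS is a nested SWF and can be fed back into the same function.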