guloader type error #2

Open
klikevil opened this issue Nov 30, 2021 · 0 comments
klikevil commented Nov 30, 2021

period@D5DZ5WT2 ~/src/Malware_Scripts/guloader $ apt-cache policy python3-pefile python3-yara
python3-pefile:
  Installed: 2021.9.3-1
  Candidate: 2021.9.3-1
  Version table:
 *** 2021.9.3-1 500
        500 https://http.kali.org/kali kali-rolling/main amd64 Packages
        500 https://http.kali.org/kali kali-rolling/main i386 Packages
        100 /var/lib/dpkg/status
python3-yara:
  Installed: 4.0.4-1+b1
  Candidate: 4.0.4-1+b1
  Version table:
 *** 4.0.4-1+b1 500
        500 https://http.kali.org/kali kali-rolling/main amd64 Packages
        100 /var/lib/dpkg/status
$ python3 -V
Python 3.9.2
$ ./unpacker.py New\ Order\ SO0006473\ .exe 
Traceback (most recent call last):
  File "/home/period/src/Malware_Scripts/guloader/./unpacker.py", line 60, in <module>
    data = brute_it(data)
  File "/home/period/src/Malware_Scripts/guloader/./unpacker.py", line 37, in brute_it
    needle = struct.unpack('<I', '\x81\xec\x00\x02')[0]
TypeError: a bytes-like object is required, not 'str'

For Python 2 it seemed to work on an older known sample.

Installing collected packages: yara, pefile
Successfully installed pefile-2019.4.18 yara-1.7.7
order ~/malware # python2 -V
Python 2.7.17
order ~/malware # python2 Malware_Scripts/guloader/unpacker.py known.exe
https://drive.google.com/uc?export=download&id=1THD-itP7iOm05w_6SQSb-C3tgd3cLMzO

But on this more recent sample:

# python2 Malware_Scripts/guloader/unpacker.py New\ Order\ SO0006473\ .exe 
Traceback (most recent call last):
  File "Malware_Scripts/guloader/unpacker.py", line 59, in <module>
    data = brute_it(data)
  File "Malware_Scripts/guloader/unpacker.py", line 40, in brute_it
    key = struct.unpack('<I', key)[0]
struct.error: unpack requires a string argument of length 4

Sample

If you cannot download from VT, please reply and I can host it somewhere else for you to fetch for testing purposes, but it appears to be a VB6 EXE containing shellcode and closely behaves like GuLoader, if it is not GuLoader directly.
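Both tracebacks above come from the same few lines of `brute_it`, and both are Python 3 porting issues rather than anything sample-specific in the first case: `struct.unpack('<I', '\x81\xec\x00\x02')` needs a `bytes` literal under Python 3 (the `str` literal is what raises the `TypeError`), and `struct.unpack('<I', key)` raises `struct.error` whenever the slice handed to it is shorter than four bytes, which is what happens when the search walks off the end of the buffer or finds nothing. The following is an added example, not the project's `unpacker.py` and not code from the issue author: it shows a Python 3 known-plaintext brute force for a repeating 4-byte XOR key that uses the `sub esp, 0x200` prologue dword as the needle, converts a Python 2 style `str` pattern with `latin-1`, and guards the short-slice case instead of letting `struct` raise. The XOR transform (`xor_dword`), the sample buffer and the key `0xdeadbeef` are all constructed for the demonstration; the real loader's encoding may differ.

```python
import struct

# Known plaintext: the x86 prologue 'sub esp, 0x200' encodes as 81 EC 00 02 00 00.
# The issue's traceback unpacks its first dword from a Python 2 str literal;
# under Python 3 the pattern has to be bytes or struct.unpack raises TypeError.
NEEDLE = b'\x81\xec\x00\x02'
NEEDLE_FULL = NEEDLE + b'\x00\x00'


def as_bytes(pattern):
    """Accept a Python 2 style str literal or bytes.

    latin-1 maps code points 0..255 one-to-one onto byte values, so the
    literal '\\x81\\xec\\x00\\x02' round-trips exactly to b'\\x81\\xec\\x00\\x02'.
    """
    if isinstance(pattern, str):
        return pattern.encode('latin-1')
    return bytes(pattern)


def xor_dword(data, key):
    """XOR data against a repeating little-endian 4-byte key.

    Assumed transform for this example only; the project's own routine is
    not reproduced here.
    """
    kb = struct.pack('<I', key)
    return bytes(b ^ kb[i & 3] for i, b in enumerate(data))


def brute_key(data, needle=NEEDLE, verify=NEEDLE_FULL):
    """Slide the known-plaintext dword over the buffer and derive the key.

    At offset off the four ciphertext bytes XOR the needle give the key bytes
    as seen at phase off % 4; rotating them back to phase 0 yields a candidate
    key. A candidate is accepted only if decrypting the buffer with it also
    reproduces the trailing bytes of `verify` at that offset.
    Returns (key, offset) or None. A tail slice shorter than four bytes is
    skipped instead of being passed to struct.unpack, which is exactly the
    condition that produced the struct.error in the issue.
    """
    data = bytes(data)
    needle = as_bytes(needle)
    verify = as_bytes(verify)
    for off in range(len(data)):
        chunk = data[off:off + 4]
        if len(chunk) < 4:            # guard: '<I' needs exactly 4 bytes
            break
        kprime = bytes(c ^ p for c, p in zip(chunk, needle))
        # kprime[j] is the key byte applied at position off + j; undo the phase
        kb = bytes(kprime[(m - off) & 3] for m in range(4))
        key = struct.unpack('<I', kb)[0]
        plain = xor_dword(data, key)
        if plain[off:off + len(verify)] == verify:
            return key, off
    return None


def sample():
    """Constructed stand-in for an encrypted stub: junk, a prologue, more junk.

    Not taken from any real sample. Returns (ciphertext, key, plaintext).
    """
    # push ebp; mov ebp, esp; sub esp, 0x200
    prologue = b'\x55\x89\xe5' + NEEDLE_FULL
    plain = bytes(range(0x40, 0x60)) + prologue + bytes(range(0xa0, 0xc0))
    key = 0xdeadbeef
    return xor_dword(plain, key), key, plain


if __name__ == '__main__':
    ct, key, plain = sample()
    found = brute_key(ct)
    if found is None:
        print('needle not found')
    else:
        print('key 0x%08x at offset %d' % found)
        print('recovered plaintext matches:', xor_dword(ct, found[0]) == plain)
```

The two extra verify bytes are what keep a sliding known-plaintext search honest: the first four bytes of any candidate decrypt to the needle by construction, so without a longer check every offset would look like a hit. On a real buffer, replace `sample()` with the file contents and widen `verify` to as much of the expected prologue as the packer leaves intact.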
