{"success":true,"data":{"ext":"exe","name":"Windows/DOS executable file","description":"The Windows/DOS executable file format is a legacy program file format introduced by Microsoft for MS-DOS and later used by Windows systems. It is used to store applications, installers, self-extracting archives, and other runnable binaries. Because executable files can contain active code, they are a common malware delivery mechanism and should be opened only from trusted sources; the format also includes historical variants such as NE and PE.","mime":["application/vnd.microsoft.portable-executable"],"risk_level":"High","signatures":[{"hex":"4D 5A","offset":0,"sources":[{"name":"Wikipedia","url":"https://en.wikipedia.org/wiki/List_of_file_signatures"},{"name":"Gary Kessler","url":"https://www.garykessler.net/library/file_sigs_GCK_latest.html"},{"name":"Neil Harvey FileSignatures","url":"https://raw.githubusercontent.com/neilharvey/FileSignatures/master/src/FileSignatures/Formats/Executable.cs"}]}],"related":["com","dll","sys","a","bin","elf"],"usage":{"python":"def is_exe(file_path: str) -> bool:\n    \"\"\"Check if file is a valid EXE by magic bytes.\"\"\"\n    signature = bytes([0x4D, 0x5A])\n    with open(file_path, \"rb\") as f:\n        return f.read(2) == signature","node":"function isEXE(buffer: Buffer): boolean {\n  const signature = Buffer.from([0x4D, 0x5A]);\n  return buffer.subarray(0, 2).equals(signature);\n}","go":"func IsEXE(data []byte) bool {\n    signature := []byte{0x4D, 0x5A}\n    if len(data) < 2 {\n        return false\n    }\n    return bytes.Equal(data[:2], signature)\n}"},"category":"Executables"}}