{"success":true,"data":{"ext":"sys","name":"Windows/DOS executable file","description":"The Windows/DOS executable file format is a legacy binary application format originally developed for MS-DOS and maintained through later Microsoft Windows compatibility layers. It is used to launch programs, load system utilities, and package installers or self-extracting archives on older PC systems. Because it is an older executable type, files in this format can contain active code and should be treated cautiously when received from untrusted sources.","mime":[],"risk_level":"High","signatures":[{"hex":"4D 5A","offset":0,"sources":[{"name":"Wikipedia","url":"https://en.wikipedia.org/wiki/List_of_file_signatures"},{"name":"Gary Kessler","url":"https://www.garykessler.net/library/file_sigs_GCK_latest.html"}]},{"hex":"AA AA AA AA","offset":0,"sources":[{"name":"Wikipedia","url":"https://en.wikipedia.org/wiki/List_of_file_signatures"}]},{"hex":"FF 4B 45 59 42 20 20 20","offset":0,"sources":[{"name":"Gary Kessler","url":"https://www.garykessler.net/library/file_sigs_GCK_latest.html"}]},{"hex":"FF FF FF FF","offset":0,"sources":[{"name":"Gary Kessler","url":"https://www.garykessler.net/library/file_sigs_GCK_latest.html"}]}],"related":["com","dll","exe","cpl","ocx","scr"],"usage":{"python":"def is_sys(file_path: str) -> bool:\n    \"\"\"Check if file is a valid SYS by magic bytes.\"\"\"\n    signature = bytes([0x4D, 0x5A])\n    with open(file_path, \"rb\") as f:\n        return f.read(2) == signature","node":"function isSYS(buffer: Buffer): boolean {\n  const signature = Buffer.from([0x4D, 0x5A]);\n  return buffer.subarray(0, 2).equals(signature);\n}","go":"func IsSYS(data []byte) bool {\n    signature := []byte{0x4D, 0x5A}\n    if len(data) < 2 {\n        return false\n    }\n    return bytes.Equal(data[:2], signature)\n}"},"category":"Executables"}}