Skip to content

Windows cursor file magic bytes (.cur)

.cur file signature: 00 00 02 00 | application/octet-stream

Category: Images

Windows cursor file (CUR) is a file format used by Microsoft Windows and maintained as part of the Windows operating system. It stores mouse cursor images and hotspot information for use by desktop applications, themes, and system interface components. CUR files are generally safe to view, though malformed files can trigger parser bugs in older software; the format remains in use for compatibility with Windows cursor customization.

Safe

Magic Bytes

Offset 0
00 00 02 00

Sources: Gary Kessler

Extension

.cur

MIME Type

application/octet-stream

Byte Offset

0

Risk Level

Safe

Validation Code

How to validate .cur files in Python

Python 
def is_cur(file_path: str) -> bool:
    """Check if file is a valid CUR by magic bytes."""
    signature = bytes([0x00, 0x00, 0x02, 0x00])
    with open(file_path, "rb") as f:
        return f.read(4) == signature

How to validate .cur files in Node.js

Node.js 
function isCUR(buffer: Buffer): boolean {
  const signature = Buffer.from([0x00, 0x00, 0x02, 0x00]);
  return buffer.subarray(0, 4).equals(signature);
}

How to validate .cur files in Go

Go 
func IsCUR(data []byte) bool {
    signature := []byte{0x00, 0x00, 0x02, 0x00}
    if len(data) < 4 {
        return false
    }
    return bytes.Equal(data[:4], signature)
}

API Endpoint

GET /api/v1/cur
curl https://filesignature.org/api/v1/cur

See the full API documentation for all endpoints and parameters.

Related Formats

.bmp .dib .ico .avif .cr2 .cr3

Frequently Asked Questions

What is a .cur file?

A .cur file is a Windows cursor file. Windows cursor file (CUR) is a file format used by Microsoft Windows and maintained as part of the Windows operating system. It stores mouse cursor images and hotspot information for use by desktop applications, themes, and system interface components. CUR files are generally safe to view, though malformed files can trigger parser bugs in older software; the format remains in use for compatibility with Windows cursor customization.

What are the magic bytes for .cur files?

The magic bytes for Windows cursor file (.cur) files are 00 00 02 00 at byte offset 0. These bytes identify the file format more reliably than the extension alone.

How do I validate a .cur file?

To validate a .cur file, read the first bytes of the file and compare them against the known magic bytes (00 00 02 00) at offset 0. This is more reliable than checking the file extension alone, as extensions can be renamed.

What is the MIME type for .cur files?

There is no officially registered MIME type for .cur files. Systems typically use application/octet-stream as a generic fallback when handling this format.

Is it safe to open .cur files?

Windows cursor file (.cur) files are generally safe to open. They are classified as low risk because they primarily contain data rather than executable code. However, always ensure files come from a trusted source.