Windows/DOS executable file (.exe)

.exe file signature | application/vnd.microsoft.portable-executable

The Windows/DOS executable file format is a legacy program file format introduced by Microsoft for MS-DOS and later used by Windows systems. It is used to store applications, installers, self-extracting archives, and other runnable binaries. Because executable files can contain active code, they are a common malware delivery mechanism and should be opened only from trusted sources; the format also includes historical variants such as NE and PE.

High

High Risk Format

This file type can contain executable code. Always validate the source and scan with antivirus before opening.

Magic Bytes

Offset 0


              4D 5A

Sources: Wikipedia, Gary Kessler, Neil Harvey FileSignatures

Extension

.exe

MIME Type

application/vnd.microsoft.portable-executable

Byte Offset

Risk Level

High

Validation Code

How to validate .exe files in Python

Python

def is_exe(file_path: str) -> bool:
    """Check if file is a valid EXE by magic bytes."""
    signature = bytes([0x4D, 0x5A])
    with open(file_path, "rb") as f:
        return f.read(2) == signature

How to validate .exe files in Node.js

Node.js

function isEXE(buffer: Buffer): boolean {
  const signature = Buffer.from([0x4D, 0x5A]);
  return buffer.subarray(0, 2).equals(signature);
}

How to validate .exe files in Go

func IsEXE(data []byte) bool {
    signature := []byte{0x4D, 0x5A}
    if len(data) < 2 {
        return false
    }
    return bytes.Equal(data[:2], signature)
}

API Endpoint

GET /api/v1/exe


              curl https://filesignature.org/api/v1/exe

See the full API documentation for all endpoints and parameters.

Related Formats

.com .dll .sys .a .elf .wasm

Frequently Asked Questions

What is a .exe file?

A .exe file is a Windows/DOS executable file file. The Windows/DOS executable file format is a legacy program file format introduced by Microsoft for MS-DOS and later used by Windows systems. It is used to store applications, installers, self-extracting archives, and other runnable binaries. Because executable files can contain active code, they are a common malware delivery mechanism and should be opened only from trusted sources; the format also includes historical variants such as NE and PE.

What are the magic bytes for .exe files?

The magic bytes for Windows/DOS executable file files are 4D 5A at byte offset 0. These bytes uniquely identify the file format regardless of the file extension.

How do I validate a .exe file?

To validate a .exe file, read the first bytes of the file and compare them against the known magic bytes (4D 5A) at offset 0. This is more reliable than checking the file extension alone, as extensions can be renamed.

What is the MIME type for .exe files?

The primary MIME type for .exe files is application/vnd.microsoft.portable-executable.

Is it safe to open .exe files?

Windows/DOS executable file (.exe) files are high risk because they can contain executable code. Never open .exe files from untrusted sources. Always scan with antivirus software, verify the source, and consider running in a sandboxed environment.