Menu
Given some Random.exe on Windows, how can I determine
Is there a property in File Explorer, some other tool, or programatic method I can use?
541
x86-64 is the architecture of the binary, the 64-bit version of the x86 instruction set originally introduced by AMD.
Right click on it and then select Properties. In the Properties window, go to the Details tab. There you will find information about the product name, the product version and so on.
A binary executable file is a file in a machine language for a specific processor. Binary executable files contain executable code that is represented in specific processor instructions. These instructions are executed by a processor directly. A binary file, however, can have text strings (ASCII and/or Unicode).
In general, executable -- or ready-to-run -- programs are identified as binary files and given a filename extension such as . bin or .exe. Programmers often talk about an executable program as a binary or will refer to their compiled application files as binaries.
The architecture of the executable is written in the Machine field of the COFF header. You can retrieve it programatically or manually with a hex editor:
You can see PE structure here. The valid Machine field values are listed here.
EDIT: Here's a C code that does that, untested:
int main(int argc, char *argv[]) {
FILE *f = fopen(argv[1], "rb");
uint32_t offset = 0;
fseek(f, 0x3c, SEEK_SET);
fread(&offset, sizeof(offset), 1, f);
fseek(f, offset + 4, SEEK_SET);
uint16_t machine = 0;
fread(&machine, sizeof(machine), 1, f);
printf("Machine: 0x%.4x\n", machine);
}
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
