Question

I want to make a project for identifying malicious software. So is it possible to read an .exe file to look for the malicious part? If yes, how?

Solution

Until an exe runs it's just a binary file, so yes, you can read it. However, a binary file doesn't have lines; it's just a constant stream.

Most virus checkers use some form of pattern recognition where they are looking for a pattern of bytes, that might be either instructions or messages, within the file. If you find enough of these to match a known virus then you flag the file as problematic.
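The byte-pattern matching described in this answer, as an added example that is not part of the original post: it reads a file in binary chunks without executing it and reports where each pattern occurs, including patterns split across two reads. The signatures, function names and threshold are constructed for illustration and are not real malware indicators.

```python
# Constructed signatures for illustration only; not real malware indicators.
SIGNATURES = {
    "demo-marker-a": b"EXAMPLE-SIG-ONE",
    "demo-marker-b": bytes.fromhex("deadbeef00c0ffee"),
}

def scan_stream(stream, signatures=SIGNATURES, chunk_size=4096):
    """Return {name: sorted absolute offsets} for every signature found.

    The stream is only read, never executed. The last (longest pattern - 1)
    bytes of each window are carried into the next one, so a pattern that
    straddles a chunk boundary is still matched.
    """
    overlap = max(len(p) for p in signatures.values()) - 1
    hits = {name: set() for name in signatures}
    tail = b""
    base = 0  # absolute file offset of the first byte in `window`
    while True:
        chunk = stream.read(chunk_size)
        if not chunk:
            break
        window = tail + chunk
        for name, pattern in signatures.items():
            pos = window.find(pattern)
            while pos != -1:
                hits[name].add(base + pos)  # set removes re-hits in the overlap
                pos = window.find(pattern, pos + 1)
        keep = min(overlap, len(window))
        tail = window[len(window) - keep:]
        base += len(window) - keep
    return {name: sorted(offs) for name, offs in hits.items() if offs}

def scan_file(path, **kwargs):
    # "rb" gives raw bytes: no text decoding and no newline handling.
    with open(path, "rb") as fh:
        return scan_stream(fh, **kwargs)

def is_suspicious(matches, threshold=2):
    """Flag only when enough distinct signatures matched (assumed threshold)."""
    return len(matches) >= threshold
```
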

OTHER TIPS

You have to read the .EXE file as binary, and you don't have to execute it to read inside.

is it possible to read .exe without executing it

Yes, sure.

is it possible to read .exe file line by line

In theory, you can. But I doubt that that's what you want.

You should read binary files (i.e. exe) in chunks of bytes.

Reading an executable file does not execute it. Besides, an executable file is a stream of binary data and hence it may not contain newline characters. Hence, reading it line by line does not make sense. You need to read byte by byte.

I am not sure exactly what you mean by read line by line; do you mean reading the actual code? If so, then not exactly. However, you can read the compiled code using tools such as hexdump or gdb.

hexdump will allow you to look at the actual binary of the file. You can use multiple formats. Given the hexdump, you can read the binary and devise a program that works out the inner workings and determines the issue.

gdb allows you to look at the skeleton of a program in a much more readable format. However, for gdb to work the program has to be compiled with debug flags.

There is, however, another program called strace, which shows you all the calls to the kernel a program makes. However, this will execute the program. Maybe running in a sandbox may help.

The tools I mentioned are already compiled programs that allow you to do the things you are after. But you can just read the file byte by byte and determine what your program thinks is malicious.

Hope this helps

No, you cannot read exe file line by line because it's a binary file, there are no lines in it.

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow