How to find an exe file is a zip SFX file, C#?

Question

In WinRar or 7Zip or ... we have a choice to convert zip file to an exe file(SFX).
Now,
How can we find, if SomeFile.exe is a SFX file or not?
Note:
This file can created by any zip applications.

score 1 · Answer 1 · answered Dec 26 '15 at 14:11

1

I found only one, but not good variant. But better than nothing. You can create all variants SFX files and pull unique service data (bytes array) from them, and check .exe files for this data. For example for my 7z SFX:

answered Dec 26 '15 at 14:11

Pavel Samoylenko

491
7
14

I created a 7ZIP SFX file with latest version of 7ZIP 15.12, I didn't see some thing like you in hex view of it. !!! – Mohammad Dayyan Dec 27 '15 at 06:05
@MohammadDayyan You are right, I have updated 7Z and didn't find this data too. Try use EXE file properties. I think this variant can be better. System.Diagnostics.FileVersionInfo.GetVersionInfo(path).FileDescription . For 7z result will be "7z SFX" – Pavel Samoylenko Dec 27 '15 at 10:23
7zip files have some information in `GetVersionInfo` but `WinRar` doesn't write anything in Version Info. So we can't use this approach. – Mohammad Dayyan Dec 27 '15 at 11:07

score 1 · Answer 2 · answered Dec 31 '15 at 13:01

1

You could look at offset 0x1C (reserved bytes) in your exe file (but first check for MZ at the beginning of the file).

See here for some examples.

answered Dec 31 '15 at 13:01

Danny_ds

11,201
1
24
46

How to find an exe file is a zip SFX file, C#?

2 Answers2