how to get from a .exe (executable file) the version, author, publisher etc and other meta data without running the .exe

4

2

How do I find out details of a .exe file - e.g. Software Author, Vendor, Date, Version etc?

When I right click on the file and select properties, I don't get this information.

However, if I upload the file to virustotal.com (don't work for them or have any association with them - so this is not a promotion) then I can see the above information.

I'd prefer not to have to upload the file, so I'm looking for a Windows tool to do this, please. This ought to be a straightforward process to read the information as my uploading to virustotal indicates that the information is already in the file. Note: I'm not using virustotal for its primary purpose to scan the .exe rather, I am using the facility that virustotal provides to read the file meta data.

Background: I'm sorting through some downloads of files and need to know more information about them.

I've already searched and not find answers for what I need which I find quite surprising.

therobyouknow

Posted 2016-04-02T11:17:01.297

Reputation: 3 596

2Right click > properties > details tab – SeanClt – 2016-04-02T11:18:29.143

Do you have an example file for us to inspect? – Daniel B – 2016-04-02T11:21:10.947

+1 upvote SeanClt and sorry - SeanCtl's comment solves the problem. Don't know why I missed it before! Well I hope the question helps others. Happy for the question to be deleted if you wish thanks. – therobyouknow – 2016-04-02T11:28:44.227

Daniel B, an example I uploaded was: https://virustotal.com/en/file/561a2fa61886d5771a1f9969a4c52a76fa42608a7a4fce36bca3e360ec28420e/analysis/

– therobyouknow – 2016-04-02T11:29:32.310

Answers

3

Apart from what SeanClt said, you could also use ExifTool. It can display metadata of many file types, including PE images (AKA .exe/.dll files). This is also what VirusTotal uses.

Example output:

Z:\Downloads>"exiftool(-k).exe" 306.23-desktop-win8-win7-winvista-64bit-english-whql.exe
ExifTool Version Number         : 10.13
File Name                       : 306.23-desktop-win8-win7-winvista-64bit-english-whql.exe
Directory                       : .
File Size                       : 175 MB
File Modification Date/Time     : 2012:10:06 19:26:26+02:00
File Access Date/Time           : 2015:05:18 19:41:46+02:00
File Creation Date/Time         : 2015:05:17 18:22:01+02:00
File Permissions                : rw-rw-rw-
File Type                       : Win32 EXE
File Type Extension             : exe
MIME Type                       : application/octet-stream
Machine Type                    : Intel 386 or later, and compatibles
Time Stamp                      : 2007:07:23 02:35:27+02:00
PE Type                         : PE32
Linker Version                  : 6.0
Code Size                       : 74752
Initialized Data Size           : 152576
Uninitialized Data Size         : 0
Entry Point                     : 0x11de6
OS Version                      : 4.0
Image Version                   : 0.0
Subsystem Version               : 4.0
Subsystem                       : Windows GUI
File Version Number             : 1.0.0.0
Product Version Number          : 1.0.0.0
File Flags Mask                 : 0x003f
File Flags                      : Private build
File OS                         : Windows NT 32-bit
Object File Type                : Executable application
File Subtype                    : 0
Language Code                   : Neutral
Character Set                   : Unicode
Company Name                    : NVIDIA Corporation
File Description                : NVIDIA Windows Display Driver Installer
File Version                    : 1, 0, 0, 0
Internal Name                   : NVIDIA Windows Display Driver Installer
Legal Copyright                 : NVIDIA Corporation
Original File Name              : 7ZSfxNew.exe
Private Build                   : July 14, 2007
Product Name                    : NVIDIA Windows Display Driver Installer
Product Version                 : 1, 0, 0, 0
-- press RETURN --

Z:\Downloads>"exiftool(-k).exe" "exiftool(-k).exe"
ExifTool Version Number         : 10.13
File Name                       : exiftool(-k).exe
Directory                       : .
File Size                       : 6.4 MB
File Modification Date/Time     : 2016:03:12 20:31:08+01:00
File Access Date/Time           : 2016:04:02 16:37:16+02:00
File Creation Date/Time         : 2016:04:02 16:37:16+02:00
File Permissions                : rw-rw-rw-
File Type                       : Win32 EXE
File Type Extension             : exe
MIME Type                       : application/octet-stream
Machine Type                    : Intel 386 or later, and compatibles
Time Stamp                      : 2006:06:02 12:45:17+02:00
PE Type                         : PE32
Linker Version                  : 6.0
Code Size                       : 12288
Initialized Data Size           : 917504
Uninitialized Data Size         : 0
Entry Point                     : 0x354c
OS Version                      : 4.0
Image Version                   : 0.0
Subsystem Version               : 4.0
Subsystem                       : Windows command line
File Version Number             : 10.1.3.0
Product Version Number          : 10.1.3.0
File Flags Mask                 : 0x003f
File Flags                      : Debug
File OS                         : Windows NT 32-bit
Object File Type                : Executable application
File Subtype                    : 0
Language Code                   : Process default
Character Set                   : Unicode
Comments                        : ExifTool EXE for Windows
Company Name                    : Phil Harvey
File Description                : Read and Write meta information
File Version                    : 10.1.3.0
Internal Name                   : ExifTool
Legal Copyright                 : Copyright (c) 2003-2016, Phil Harvey
Legal Trademarks                :
Original File Name              : exiftool(-k).exe
Private Build                   :
Product Name                    : ExifTool
Product Version                 : 10.1.3.0
Special Build                   :
Build Date                      : 2016:03:12 14:27:51
Bundled Perl Version            : ActivePerl 5.8.7
Home Page                       : http://owl.phy.queensu.ca/~phil/exiftool/

This will work on virtually any platform, including Windows, Linux and OS X.

Daniel B

Posted 2016-04-02T11:17:01.297

Reputation: 40 502

+1 great. Particularly as it's multi platform, I have a mac and boot my pcs to Ubuntu too – therobyouknow – 2016-04-02T15:12:16.617

Asked: 2016-04-02T11:17:01.297

Viewed: 9 231 times

Active: 2016-04-25T14:02:49.047