• NeatNit@discuss.tchncs.de
    link
    fedilink
    arrow-up
    3
    ·
    edit-2
    5 months ago

    Well, I did get my hands on an exe file (some game on Steam) and opened it with Archive Manager. It does show some files, but the file properties say Type: application/x-ms-dos-executable (as opposed to application/zip). So it’s not an actual archive file, the archive manager is just displaying it as such to be helpful.

    The “files” I can see are:

    /.text
    /.reloc
    /.rsrc/version.txt
    /.rsrc/ICON/2.ico
    /.rsrc/ICON/3.ico
    /.rsrc/ICON/4.ico
    /.rsrc/GROUP_ICON/32512.ico

    I tried to create a zip file and rename it to .exe, but Archive Manager failed to open it at all which I found strange. You’d think it would look at the actual file contents to figure out what type of archive it is, and not rely on the extension.

    • areyouevenreal@lemm.ee
      link
      fedilink
      arrow-up
      3
      ·
      5 months ago

      Okay that’s actually slightly different from what I was expecting. Does the .text file contain machine code or assembly language by any chance? It seems the archive program can pull out the executable code as well, similar to the binary analysis tools I have worked with.

      .reloc is probably the relocation table used by the OS to load the program into an address space.

      • NeatNit@discuss.tchncs.de
        link
        fedilink
        arrow-up
        3
        ·
        5 months ago

        Yup, the .text “file” is binary, and I assume it’s exactly that - the executable machine code - but I did not try opening it with any hex editor or disassembler. I tried with a text editor, knowing in advance that it’s going to fail, and it did - there were a bunch of null or error characters shown and the editor crashed soon after.

        I honestly didn’t look any further into it, because I just don’t care. Archive Manager apparently just splits up the sections of the .exe and exposes them as if they were files in an archive. Seems as useful an approach as any.

    • Psythik@lemmy.world
      cake
      link
      fedilink
      arrow-up
      1
      arrow-down
      1
      ·
      5 months ago

      Well fair enough. You clearly have more knowledge on the subject than I do.

      FWIW, by “zip file”, I meant that the file is a compressed archive. Apologies for implying a specific file format. That wasn’t my intention.