Yesterday we had the urgent need to check if a rather old executable file that we still use on one of our x64 Win2012 production servers to do some automation tasks was built for an x86 or x64 machine type. Normally you know that in advance, but the guy who originally built the file was no longer with us and both the file name and the folder wasn't clear about that.
The tool we did use to solve our issue was the great Sigcheck by SysInternals, which is available here for free.
Once downloaded and unpacked, using it is as simple as type the following in the command-prompt:
|
1 |
sigcheck.exe C:\your-file-path.exe |
Which gives the following output:
|
1 2 3 4 5 6 7 8 9 10 11 12 13 |
Sigcheck v2.55 - File version and signature viewer Copyright (C) 2004-2017 Mark Russinovich Sysinternals - www.sysinternals.com c:\your-file-path.exe: Verified: Signed Signing date: 8:59 AM 8/22/2013 Publisher: Anyone Description: Your-File Product: Your-File Prod version: 1.0.0.0 File version: 1.0.0.0 MachineType: 64-bit |
The latter line shows what we needed: 32-bit for x86 binaries, 64-bit for x64 ones.
In case you cannot download, unpack and/or execute such file, there are a lot of other techniques available to determine it, including looking at the file contents using a text editor/hex-editor: most of them are summarized in the following StackOverflow thread.
That's it for now: happy checking!
