In Python, the python-magic module can be used to determine the file type. The installation of this module on Ubuntu Linux VM was covered in Chapter 1,Introduction to Malware Analysis.On Windows, to install thepython-magic module, you can follow the procedure mentioned athttps://github.com/ahupp/python-magic.
Once the python-magic is installed, the following commands can be used in the script to determine the file type:
$ pythonPython 2.7.12 (default, Nov 19 2016, 06:48:10)>>> import magic>>> m = magic.open(magic.MAGIC_NONE)>>> m.load()>>> ftype = m.file(r'log.exe')>>> print ftypePE32 executable (GUI) Intel 80386, for MS Windows
To demonstrate the use of detecting file type, let's take an example ...