file-type-signatures.txt

#
# File Type Signatures
#

1F 8B 08;GZIP
25 50 44 46;PDF
30 00 00 00 4C 66 4C 65;EVT Event Viewer File
50 4B 03 04 14 00 06 00;Office
50 4B 03 04 14 00 08 00;JAR
50 4B 53 70 58;PKSFX
37 7A BC AF 27 1C;7Zip
46 75 6E 63 74 69 6F 6E;VBS
42 5A 68;BZip2
5F 27 A8 89;JAR
FF D8 FF;JPEG
50 4B 05 06;PKZIP
52 61 72 21 1A 07;RAR
57 69 6E 5A 69 70;WinZIP
72 65 67 66;Registry Hive
7B 5C 72 74 66 31;RTF
75 73 74 61 72;TAR
D4 C3 B2 A1;WINPCAP
A1 B2 C3 D4;LIBPCAP
A1 B2 CD 34;LIBPCAP
CA FE BA BE;Class
FF 4B 45 59 42 20 20 20;SYS Keyboard Driver
FF FE;Windows Registry File
FF FE 3C 00 3F 00 78 00 6D 00 6C;Windows At Job
3C 3F 70 68 70;PHP
0D 44 4F 43;DOC
1F 8B 08;GZIP
23 20 44 69 73 6B 20 44;VMDK
30 00 00 00 4C 66 4C 65;EVT
45 6C 66 46 69 6C;EVTX
41 45 53;AESCrypt
43 4F 57 44;VMDK
43 57 53;SWF
5A 57 53;SWF
47 49 46;GIF
3C 3F 78 6D 6C;XML
46 49 4C 45;NTFS MFT
4A 41 52 43 53 00;JARCS
4B 44 4D;VMDK
4C 00 00 00 01 14 02 00;LNK
4D 53 43 46;CAB
50 4B 03 04;ZIP
5F 43 41 53 45 5F;Encase File
63 6F 6E 65 63 74 69 78;VHD
D0 CF 11 E0 A1 B1 1A E1;OLE
FF FF FF FF;SYS
23 21 2F;UNIX SCRIPT
4D 44 4D 50;MDMP
43 57 53;CWS
5A 57 53;ZWS
46 57 53;FWS (Flash)
60 EA;ARJ
1F 9D;TARZ
1F A0;TARZ
3C 25;JSP
4D 5A;EXE
E8;SYS
E9;SYS
EB;SYS

# Special
# --- Removed ---

# APT
# --- Removed ---