We help IT Professionals succeed at work.

What app created a zip file

239 Views
Last Modified: 2019-03-04
Is there any accurate way to determine what app was used to create a zip file, e..g winzip, 7zip,windows etc. I would rather not upload the file as currently unsure of the content.
Comment
Watch Question

Test your restores, not your backups...
CERTIFIED EXPERT
Expert of the Year 2019
Top Expert 2016
Commented:
This one is on us!
(Get your first solution completely free - no credit card required)
UNLOCK SOLUTION

Author

Commented:
Yes its a zip extension
.will try the hex info first thing.
CERTIFIED EXPERT
Most Valuable Expert 2013

Commented:
Not aware of any program that generates a .zipfile output that appends the name of the software used (nor TBH what use that might be)

The zipfile structure is a standard using a header file 0x04034b50 to identify it in the absence of a file extension.
The file header does allow for the insertion of metadata but this is rarely used unless defined by the user when compressing.

https://en.wikipedia.org/wiki/Zip_(file_format)#File_headers
Bill PrewTest your restores, not your backups...
CERTIFIED EXPERT
Expert of the Year 2019
Top Expert 2016

Commented:
I guess in the interest of trying to help, I will ask "why do you want to know?".  What problem are you trying to solve, can you not open the ZIP, or is there something else?


»bp
Bill PrewTest your restores, not your backups...
CERTIFIED EXPERT
Expert of the Year 2019
Top Expert 2016

Commented:
@MASQ,

This is the signature reference list I prefer, and while I agree with what you said (as I also said), notice there are a couple of variants of ZIP extensions that have a slightly different or expanded signature.  It's a long shot that we might get a clue based on signature, but figured it was worth a try.

File Signatures


»bp

Author

Commented:
Its an old seemingly unused file sat on a directory on a file server that needs a tidy up, it hasnt been accessed in a couple of years. It is encrypted but we do have a team with password recovery tools available but you need to know the app used to create the zip to progress that, not that its any guarantee they can get access. The authors of the files have long since left.
Bill PrewTest your restores, not your backups...
CERTIFIED EXPERT
Expert of the Year 2019
Top Expert 2016

Commented:
Most all ZIP files will present the same to a password recovery tool, so all they should need to know is that it's a ZIP file, not a specific product.  Granted, ZIP compression and encryption can vary a bit, but a decent recovery tool should be able to deal with the common flavors.


»bp

Author

Commented:
They tried as a 7zip file (hash mode) and the tool reported back this isnt a 7zip encrypted zip file, and could not progress. Might just accept defeat.
CERTIFIED EXPERT
Most Valuable Expert 2013

Commented:
Why not just delete it?  Curiosity and Cats ...

Or move it off into a sandbox somewhere (enough cat refernces :)) and try opening it there if you really need to know what's inside.
Bill PrewTest your restores, not your backups...
CERTIFIED EXPERT
Expert of the Year 2019
Top Expert 2016

Commented:
Well, they could try it as a WINZIP file, or PKZIP file, those are two pretty popular ones.


»bp

Author

Commented:
Deletion is sounding a decent bet,a waste of peoples time really but management want to know what it was (they equally wouldnt have a clue it even existed until we asked them what they wanted to do with it). Somewhat annoying really that people encrypt files and dont rely on the ACL already protecting access.
Bill PrewTest your restores, not your backups...
CERTIFIED EXPERT
Expert of the Year 2019
Top Expert 2016

Commented:
Yes, this is probably a good time to deal with it, and make a decision to keep or delete.  And since you can't decrypt it by known methods then delete seems like the right choice...


»bp

Author

Commented:
I wont pretend to know much about sandbox and how that may bypass encryption or reveal content without the password... sounds dangerous!
CERTIFIED EXPERT
Most Valuable Expert 2013

Commented:
"I wont pretend to know much about sandbox and how that may bypass encryption or reveal content without the password"

It doesn't help with either but it's a safe environment in case this turns out to be something you wish you hadn't unpacked.

Author

Commented:
Ah ok thanks, good point.
John TsioumprisSoftware & Systems Engineer
CERTIFIED EXPERT
Distinguished Expert 2019

Commented:
There is always the chance that although the file has an extension e.g .zip its actually another file maybe even a .doc or an .xls and someone delibaretly changed to extension to keep it safe.
Here is article with some tools that try to "identify" unknown files
CERTIFIED EXPERT

Commented:
Rename it with a *.docx extension and see if it opens in Microsoft Word.  Some email clients mistakenly identify docx files as zip files and save them to the hard drive as *.zip because that's exactly what they are i.e. zip files with a docx extension.

Gain unlimited access to on-demand training courses with an Experts Exchange subscription.

Get Access
Why Experts Exchange?

Experts Exchange always has the answer, or at the least points me in the correct direction! It is like having another employee that is extremely experienced.

Jim Murphy
Programmer at Smart IT Solutions

When asked, what has been your best career decision?

Deciding to stick with EE.

Mohamed Asif
Technical Department Head

Being involved with EE helped me to grow personally and professionally.

Carl Webster
CTP, Sr Infrastructure Consultant
Empower Your Career
Did You Know?

We've partnered with two important charities to provide clean water and computer science education to those who need it most. READ MORE

Ask ANY Question

Connect with Certified Experts to gain insight and support on specific technology challenges including:

  • Troubleshooting
  • Research
  • Professional Opinions
Unlock the solution to this question.
Join our community and discover your potential

Experts Exchange is the only place where you can interact directly with leading experts in the technology field. Become a member today and access the collective knowledge of thousands of technology experts.

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.