파일 시그니처(File Signatures) 모음

분석을 하다보면 파일의 헤더(File Header) 부분이 뭔지 찾아볼 때가 생긴다.
그런것들을 방지하기 위해 많이 사용되는 파일들의 헤더 시그니쳐를 정리해 두었다.

물론 내가 한건 아니고 ㅋㅋㅋㅋ
나도 퍼왔다^^ 참고 사이트는 하단에 있다.

Hex Signature/File Header	File Extension ^	ASCII Signature	Additional Info.
45 DA	.386		Executable File
23 20 6F 62 6A 65 78 70	.3md	# objexp
54 49 46 46 47 52 41 50	.3tf	TIFFGRAP
64 74 53 65 61 72 63 68	.abc	dtSearch	ABC Programming Language
4D 53 43 46 00 00 00 00	.ac_	MSCF
00 02 0? 00 0?	.acb
C3 AB CD AB	.acg	ëͫ
	.acl
4D 5A 90 00 03 00 00 00	.acm	MZ	Executable File
C3 AB CD AB	.acs	ëͫ
41 44 46 33	.adf	ADF3
	.adm
69 66 28 70 65 76 61 6C	.adp	if(peval
30 00 00 04 15 05 05 2?	.adx		Lotus Approach ADX File
21 12	.ain		AIN Archive File
0A 3C EB A2 7F EF A3 4E	.am	<ë¢ï£N
4A A5 14 1C 05 99 CC 44	.am	J¥™ÌD
5B 76 65 72 5D	.ami		Lotus Ami Pro
4D 53 43 46 00 00 00 00	.an_	MSCF
	.anb
52 49 46 46	.ani	RIFF
4D 5A 90 00 03 00 00 00	.api	MZ
D0 CF 11 E0 A1 B1 1A E1	.apr		Lotus Approach APR File
	.aps
1A 02	.arc		ARC/PKPAK Compressed 1
1A 03	.arc		ARC/PKPAK Compressed 2
1A 04	.arc		ARC/PKPAK Compressed 3
1A 08	.arc		ARC/PKPAK Compressed 4
1A 09	.arc		ARC/PKPAK Compressed 5
	.art
60 EA	.arj		ARJ Compressed
4D 53 43 46 00 00 00 00	.as_	MSCF
3C 4F 42 4A 45 43 54 20	.asa	<OBJECT
	.asd
	.asf
	.ashx
4D 00 69 00 63 00 72 00	.asms	Micr
	.aso
3C 25 40 20 43 4F 44 45	.asp	<%@ CODE
02 00 00 00 53 44 4D 00	.ast
3C 41 53 58 20 56 65 72	.asx	<ASX Ver
2E 73 6E 64	.au		SoundMachine Audio File
41 56 47 20 37 2E 30 20	.avg	AVG 7.0
	.avg
41 56 49 20	.avi		Audio Video Interleave File (AVI)
52 49 46 46	.avi	RIFF	Audio Video Interleave File (AVI)
52 49 46 46 6A 42 01 00	.avi	RIFF	Audio Video Interleave File (AVI)
41 56 47 20 37 20 2D 20	.avm	AVG 7 -
8A 01 0A 00 00 00 E1 08	.aw
4D 5A 90 00 03 00 00 00	.ax	MZ	Executable File
4D 53 43 46 00 00 00 00	.ax_	MSCF
	.axd
	.bag		AOL Feedbag
5B 33 2F 31 32 2F 32 30	.bak		Backup File
	.bas
52 45 4D 20 44 75 6D 6D	.bat		Batch File
58 54 01 00 1A 00 43 6C	.bdr	XT
FF 53 43 43 FF 4D 41 50	.bin		Binary File
42 4D	.bmp	BM	Windows Bitmap Image
42 54 4C 46 30 31 2E 30	.btl	BTLF01.0
42 5A 68	.bz		Bzip Archive
42 5A 68	.bz2		Bzip Archive
49 53 63 28	.cab		Cabinet File
4D 53 43 46	.cab	MSCF	Microsoft CAB File Format
30 82	.cat
0? 00 FF FF 00 00 06 00	.cbz
	.cdx
19 0D B7 4D 64 CE 0D D1	.cfg	·MdÎÑ
4D 53 43 46 00 00 00 00	.ch_	MSCF
49 54 53 46	.chm	ITSF	Compiled HTML/Help File
49 54 53 46 03 00 00 00	.chq	ITSF
FF FE 3F 00 61 00 62 00	.chs	ÿþ?
CA FE BA BE 00	.class	Êþº¾
43 4F 4D 2B	.clb	COM+
CA FE BA BE 00 03 00 2D	.cls	Êþº¾
	.clw
	.cmd
4D 53 43 46	.cn_	MSCF
3A 42 61 73 65 20	.cnt	:Base
4D 5A 90 00 03 00 00 00	.cnv	MZ
4A 4D	.cod	JM
4D 5A	.com	MZ
23 20 50 6F 73 74 67 72	.conf	# Postgr
3C 3F 78 6D 6C 20 76 65	.config	<?xml.version=
4D 5A	.cpl	MZ
CD DC 03 00	.cpl	ÍÜ
	.cpp
	.cpx
43 52 55 53 48	.cru		CRUSH Archive File
43 52 55 53 48	.crush		CRUSH Archive File
23 21 2F 62 69 6E 2F 63	.csh	#!/bin/c
	.css		Cascading Style Sheet
41 56 47	.ctf	AVG	AVG Antivirus
2D 2D 20	.ctl	--
3B 2A 2A	.cty	;**
00 00 02 00 0? 00 20 20	.cur
42 54 43 56 23 23 42 61	.cvb	BTCV##BaseCV
43 4F 4D 2B 01 00 00 00	.dat	COM+
D0 CF 11 E0 A1 B1 1A E1	.db		Windows Thumbnail Cache
	.dbf
CF AD 12 FE C? ?D	.dbx
3A DE 68 B1	.dcx		DCX Graphic File
72 65 67 66 AB 37	.default	regf«7
42 4D 76 3A	.dib	BMv:
3C 4F 20 6E 61 6D 65 3D	.dict
4D 5A	.dll	MZ	Dynamic Link Library
4D 5A 90 00 03 00 00 00	.dll		Dynamic Link Library
46 00 00 00 FF FF 01 00	.dms		Domain File for Domain Punch Pro software
D0 CF 11 E0 A1 B1 1A E1	.doc	ÐÏ à¡± á	Microsoft Word 2003 Document
7F FE 34 0A	.doc		MS Word
12 34 56 78 90 FF	.doc		MS Word 6.0
31 BE 00 00 00 AB 00 00	.doc		MS Word for DOS 6.0
50 4B 03 04 14 00 06 00	.docx		Microsoft Word 2007 Document
D0 CF 11 E0 A1 B1 1A E1	.dot	ÐÏ à¡± á
4D 5A	.drv	MZ
4D 5A ?? 00 ?? 00 00 00	.drv		Device Driver
4D 5A ?? 01 ?? 00 00 00	.drv		Device Driver
4D 5A	.ds	MZ
4D 47 58 20 69 74 70 64	.ds4		Micrografix Designer 4
23 20 4D 69 63 72 6F 73	.dsp	# Micros
5B 4? 65 6? 6?	.dtb
3C 21 45 4E 54 49 54 59	.dtd		XML DTD
5B 50 68 6F 6E 65 5D 0D	.dun	[Phone]	Dialup Networking File
5B 47 65 6E 65 72 61 6C	.ecf	[General]
10 00 00 05 80 00 00	.emf
25 21 50 53	.eps	%!PS-Adobe-3.1	Adobe EPS File
00 0C 00 00 00 00 00 00	.etl		Circular Trace Log File
03 00 00 00 C4 66 C4 56	.evt
4D 5A 90	.exe	MZ	Microsoft Executable
4C 01 02 00 3E 0D 1C 46	.exp		Export File
00 00 1A 00 07 80 01 00	.fm3		Lotus 123 v3 FMT File
20 00 68 00 20	.fmt		Lotus 123 v4 FMT File
4D 5A 90 00 03 00 00 00	.flt
3F 5F 03 00	.gid		Windows Help File
47 49 46 38 37 61	.gif	GIF87a	Graphics Interchange Format
47 49 46 38 39 61	.gif	GIF89a	Graphics Interchange Format
1F 8B 08	.gz		GZ Compressed File
91 33 48 46	.hap		HAP Archive File
3F 5F 03 00	.hlp	?_	Windows Help File
3C 68 74 6D 6C 3E	.htm		HyperText Markup Language 1
3C 48 54 4D 4C 3E	.htm		HyperText Markup Language 2
3C 21 44 4F 43 54	.htm		HyperText Markup Language 3
3C 21 44 4F 43 54 59 50	.htm		HyperText Markup
28 54 68 69 73 20 66 69	.hqx
48 57 50 20 44 6F 63 75 6D 65 6E 74 20 46 69 6C 65 20 56	.hwp		HWP File
D0 CF 11 E0 A1 B1 1A E1 00	.hwp		HWP File
00 00 01 00	.ico		Windows Icon File
5B 2E 53 68 65 6C 6C 43	.ini		Initialization File
FF FE 0D 00 0A 00 ?? 00	.ini		Initialization File
00 00 00 00 00 00 00 00	.iso		ISO-9660 Disc Image
FF 44 56 54 20 4B 46 00	.ix
5F 27 A8 89	.jar		JAR Archive File
FF D8 FF FE 00	.jpeg		JPG Graphical File
FF D8 FF E1	.jpg		JPG Graphical File
2D 6C 68 35 2D	.lha		LHA Compressed
21 3C 61 72 63 68 3E 0A	.lib		Object File Library
4C 00 00 00 01 14 02 00	.lnk		Windows Shortcut (Link File)
FF FE 3? 00 ?? 00 3A 00	.log
	.lzh	lh	LZ Compression File
3C 3F 78 6D 6C 20 76 65	.manifest	<?xml.version=	Manifest File
00 01 00 00 53 74 61 6E	.mdb		Microsoft Access Database
4D 54 68 64	.mid	MThd	MIDI Audio File
6D 64 61 74	.mov		QuickTime Movie
49 44 33 03	.mp3	ID3	MP3 Audio
00 00 01 B3	.mpg		MPEG Movie
00 00 01 B3	.mpeg		MPEG Movie
3C 3F 78 6D 6C 20 76 65	.msc		Microsoft Management Console Snap-in Control File
4D 5A 90 00 03 00 00 00	.msstyles		Microsoft Windows Visual Style
4D 5A 90 00 03 00 00 00	.mui		Configuration Resource File
0D 00 ?? ?? ?? 00 3F 00	.nls		National Language Support File
0D 00 ?? ?? ?? 00 6F 00	.nls		National Language Support File
1A 00 00 03 00 00 11 00	.nsf		Lotus Notes Database/Template
1A 00 00 03 00 00 11 00	.ntf		Lotus Notes Database/Template
4C 01	.obj		Compiled Object Module
4D 5A 90 00 03 00 00 00	.ocx	MZ	Object Linking and Embedding (OLE) Control Extension
4D 5A 90 00 03 00 00 00	.olb		Object Library File
25 50 44 46 2D 31 2E 33	.pdf	%PDF	Adobe Portable Document File
25 50 44 46 2D 31 2E 34	.pdf	%PDF	Adobe Portable Document File
89 50 4E 47 0D 0A 1A 0A	.png	‰PNG	Portable Network Graphic
7E 42 4B 00	.psp		PaintShop Pro Image File
21 42 44 4E 4D 37 4C CA	.pst	!BDN	Personal Folder File
D0 CF 11 E0 A1 B1 1A E1	.pub		Microsoft Publisher Document
6D 64 61 74	.qt		Quicktime Movie File
2E 72 61 FD	.ra		Real Audio File
2E 72 61 FD	.ram		Real Audio File
52 61 72 21	.rar		RAR Archive File
52 45 47 45 44 49 54 30	.reg
ED AB EE DB	.rpm		RPM Archive File
7B 5C 71 74 66 31	.rtf	{\rtf1	Rich Text Format File
7B 5C 72 74 66 31	.rtf	{\rtf1	Rich Text Format File
53 49 54 21	.sit		Stuffit v1 Archive File
53 74 75 66 66 49 74	.sit		Stuffit v5 Archive File
4D 5A	.sys		Executable File
1F 8B	.tar		Gzip Archive File
1F 8B	.tgz		Gzip Archive File
49 49 2A	.tif		TIFF (Intel)
4D 4D 2A	.tif		TIFF (Motorola)
49 49 2A	.tiff		TIFF (Intel)
4D 4D 2A	.tiff		TIFF (Motorola)
43 68 61 72 61 63 74 65	.tlb
	.txt		Text File
55 46 41	.ufa		UFA Archive File
EF BB BF 3C 3F 78 6D 6C	.u3i
55 43 45 58 ?? ?? 00 00	.uce
5B 49 6E 74 65 72 6E 65	.url		Internet Shortcut
54 79 70 65 3D 45 78 65	.vbp
27 2A 2A 2A 2A 2A 2A 2A	.vbs
27 2D 2D 2D 2D 2D 2D 2D	.vbs
42 45 47 49 4E 3A 56 43	.vcf
62 65 67 69 6E 3A 76 63	.vcf
4D 5A 90 00 03 00 00 00	.vdm
5B 53 6F 75 72 63 65 46	.ver
4D 5A 90 00 03 00 00 00	.vxd
4D 5A 90 00 03 00 00 00	.w32
52 49 46 46	.wav
52 49 46 46	.wav	RIFF	WAVE PCM Soundfile Format
00 00 02 00 02 10 C9 00	.wb2
00 00 02 00 02 10 C9 00	.wb3
30 00 00 00 01 00 00 00	.wiz
D0 CF 11 E0 A1 B1 1A E1	.wiz
20 00 60 40 60	.wk1		Lotus 123 v1 Worksheet
00 00 1A 00 00 10 04 00	.wk3		Lotus 123 v3 Worksheet
00 00 1A 00 02 10 04 00	.wk4		Lotus 123 v5 Worksheet
4D 53 43 46 00 00 00 00	.wm_
30 26 B2 75 8E 66 CF 11	.wma
57 00 69 00 6E 00 64 00	.wmdb
D7 CD C6 9A	.wmf		Windows META File
3C 21 2D 2D 0D 0A 20 20	.wms
FF FE 3C 00 21 00 2D 00	.wms
30 26 B2 75 8E 66 CF 11	.wmz
50 4B 03 04 09 00 00 00	.wmz
FF 57 50 43	.wp		WordPerfect v5 or v6
FF 57 50 4? ?? ?? 00 00	.wpd
FF 57 50 43 23 05 00 00	.wpd
FF 57 50 47	.wpg		WordPerfect Graphic
3C 3F 77 70 6C 20 76 65	.wpl
31 BE 00 00 00 AB 00 00	.wri
7B 5C 72 74 66 31	.wri	{\rtf1	Windows Write Document
D0 CF 11 E0 A1 B1 1A E1	.wri
4D 5A 90 00 03 00 00 00	.x32
3C 3F 78 6D 6C 20 76 65	.xdr
3C 53 63 68 65 6D 61 20	.xdr
3C 3F 78 6D 6C 20 76 65	.xhtml
D0 CD 00 E0 A1 B1 1A E1	.xla
09 02 06 00 00 00 10 00	.xls		MS Excel v2
09 04 06 00 00 00 10 00	.xls		MS Excel v4
D0 CF 11 E0 A1 B1 1A E1	.xls	ÐÏ à¡± á	Microsoft Excel Sheet
D0 CF 11 E0 A1 B1 1A E1	.xlt		Microsoft Excel Sheet
3C 3F 78 6D 6C 20 76 65	.xml		Extensible Markup Language File
EF BB BF 3C 3F 78 6D 6C	.xml
FF FE 3C 00 3F 00 78 00	.xml
3C 3F 78 6D 6C 20 76 65	.xsl
EF BB BF 3C 3F 78 6D 6C	.xsl
3C 3F 78 6D 6C 20 76 65	.xul
00 ?? 49 52 49 53 20 67	.ytr
1F 9D	.z		TAR Compressed Archive File
4D 5A 90 00 03 00 00 00	.zap
50 4B 03 04	.zip		Zip Compressed
50 4B 03 04	.zip		PKZIP Compressed
50 4B 30 30 50 4B 03 04	.zip		WINZIP Compressed
50 4B 03 04 0A 00 00 00	.zip	PK	Compressed Archive
50 4B 03 04 14 00 00 00	.zip	PK	Compressed Archive
5A 4F 4F 20	.zoo		ZOO Archive File

참고 한 사이트는 아래와 같다.

-

김재벌의 IT이야기 - 포렌식을 위한 파일 시그니쳐 모음

-

파일 시그니처 모음 (Common File Signatures)

두 블로그 모두 포렌식을 공부하는 사이트로 차후에도 도움이 많이 될 듯 하다^^