Identify file types using TrID file identifier

When you download a file from the internet you expose yourself to unknown threats. It does not matter how the file was downloaded – through bit-torrent, through e-mail or directly off a web site. An attacker can easily change the extension of a file and disguise it as harmless file. For example, an MP3 file can be actually an WMA file containing code to download malware from a malicious site. The only safe approach left is to identify a file type using their binary signatures.

TrID is an utility designed to identify file types from their binary signatures. TrID uses a database of definitions which describe recurring patterns for supported file types. TrID can identify what kind of file was sent to you via e-mail and help you in mitigating the attack.

You can either download the TrID file identifier from You will have to download both the binary program and the file types database and unzip both of them in the same folder. After decompressing the files you should have trid.exe and triddefs.trd in a folder as shown.

TrID.exe and triddef.trd files in the same folder

Then open a command prompt and change the path to the folder where you have the trid.exe. In Windows Vista and 7, you can simply press the Shift key and right-click on the folder and then choose Open Command Window here as shown.

Opening a command prompt in a folder in Vista

Once you are in the command window, you can start identifying file types of various downloaded file types. For example, to identify the file type of a file C:\BriteySpears.mp3, you can give the command trid C:\BritneySpears.mp3.

TrID file type scanning results

The results are shown in form of percentages. The highest possible file type is shown first. In the above example, TrID thinks that there is 46.6% possibility that the given file type is a KOZ file type. There is 33.3% possibility that the given file type is an MP file type. The decision is left to you.

You can also make TrID automatically rename the target file based on the highest probable detected file type. To automatically rename the target file, append -ae to the command line. For example, trid -ae C:\BritneySpears.mp3.

TrID scans and renames a file

You can use wild cards and specify a group of files in the target file name among many more other options. For a complete list of options and more information about TrID you can visit its webpage at :