File type information

These tools gather primary information about a file. The data gathered includes the filename, file size, file type, and file type-specific properties. The results of these tools enable the analyst to plan how to analyze the file:

  • PEiD: A tool used to identify the file type, the packer, and compiler. It is built to run in Windows. It is no longer maintained, but is still very useful.
  • TrID: A command-line tool similar to PEiD. This tool has Windows and Linux versions. It can read a community-driven signature database of various file types.
  • CFF Explorer: This tool is primarily used to read and make edits in a PE format file. It runs under Windows and has a lot of features, such as listing processes and dumping processes to a file. It can also be used to rebuild a process dump.
  • PE Explorer: Another tool used to read and edit the structure of PE files. It can also unpack a number of executable compressed programs, such as UPX, Upack, and NSPack. PE Explorer only runs in Windows.
  • Detect-it-Easy (DiE): Available from https://github.com/horsicq/Detect-It-Easy, DiE is an open source tool that uses a community-driven set of algorithmic signatures to identify files. The tool has builds for Windows and Linux.
  • ExifTool: This tool was primarily designed to read and edit the metadata of image files with an EXIF file format. It was further developed to extend features for other file formats, including PE files. ExifTool is available for Windows and Linux and can be downloaded from https://sno.phy.queensu.ca/~phil/exiftool/.
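To show what this primary information looks like in practice, here is an added example (not from the book or from any of the tools above) that identifies a file by its magic bytes, reads the PE header properties, and flags UPX by its section names. The signature table, the function names, and the `sample_pe` helper are constructed for illustration.

```python
import struct

# Tiny constructed stand-in for the signature databases TrID and DiE read;
# the magic values themselves are the well-known ones for each format.
MAGIC = [(b"MZ", "MZ executable"), (b"\x7fELF", "ELF executable"),
         (b"%PDF", "PDF document"), (b"PK\x03\x04", "ZIP archive")]
PACKER_SECTIONS = {b"UPX0": "UPX", b"UPX1": "UPX"}  # section names UPX leaves
MACHINES = {0x14C: "x86", 0x8664: "x64"}

def pe_properties(data):
    """Return PE header properties, or None if the MZ file is not a valid PE."""
    if len(data) < 0x40:
        return None
    (pe_off,) = struct.unpack_from("<I", data, 0x3C)  # e_lfanew
    if data[pe_off:pe_off + 4] != b"PE\0\0" or len(data) < pe_off + 24:
        return None
    # COFF file header: 20 bytes directly after the 4-byte PE signature
    machine, nsec, stamp, _, _, opt_size, _ = struct.unpack_from(
        "<HHIIIHH", data, pe_off + 4)
    table = pe_off + 24 + opt_size  # section table follows the optional header
    names = []
    for i in range(nsec):
        raw = data[table + 40 * i:table + 40 * i + 8]  # 40-byte entries, name first
        if len(raw) < 8:
            break  # truncated file: report what is readable
        names.append(raw.rstrip(b"\0"))
    packers = sorted({PACKER_SECTIONS[n] for n in names if n in PACKER_SECTIONS})
    return {"machine": MACHINES.get(machine, hex(machine)), "timestamp": stamp,
            "sections": [n.decode("latin-1") for n in names],
            "packer": packers[0] if packers else None}

def identify(data):
    """Primary information: size, type by magic bytes, PE-specific properties."""
    info = {"size": len(data), "type": "unknown"}
    for magic, name in MAGIC:
        if data.startswith(magic):
            info["type"] = name
            break
    pe = pe_properties(data) if info["type"] == "MZ executable" else None
    if pe is not None:
        info.update(pe, type="PE executable")
    return info

def sample_pe(section_names):
    """Constructed sample: headers only, no optional header, no code."""
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 64)
    coff = struct.pack("<HHIIIHH", 0x14C, len(section_names), 0, 0, 0, 0, 0x102)
    table = b"".join(n.ljust(8, b"\0") + b"\0" * 32 for n in section_names)
    return dos + b"PE\0\0" + coff + table
```

Section names are easy to rename, so a `packer` value of `None` here does not show that a file is unpacked; the dedicated tools combine many more signatures than this.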