~1 min read • Updated Sep 29, 2025
Program Overview
This Python program determines whether a given executable (such as a virus sample) runs as a 32-bit or 64-bit process.
For simplicity, we assume the file is executed on the current system and its architecture matches the system’s runtime environment.
We use the platform module to detect the architecture.
Python Code:
import platform
# Detect system architecture
arch = platform.architecture()[0]
# Display result
print("\n--- Result ---")
print(f"The executable runs as: {arch}")
Sample Output:
--- Result ---
The executable runs as: 64bit
Explanation:
- The platform.architecture() function returns the bitness of the current Python interpreter
- This can be used to infer whether the executable is 32-bit or 64-bit
- For deeper analysis, inspecting the binary headers (PE for Windows, ELF for Linux) is recommended
Written & researched by Dr. Shahin Siami