You may have realized that you can’t just send executable files by attaching them to your emails. Some old tactics like changing the file extension to .jpg, or throwing the file into a zip folder and sending it, or adding a random and non-existent file extension to the file, won’t work either.
What will work?
This underused method I’m going to share with you here will work. In summary, you encrypt your executable file into an image file, send it by email, and have it decrypted and extracted by your receiver.
Since this method is more intentional, it’s unlikely to be used to hurt you. Just remember, don’t run any attachment files from a total stranger on your PC.
Simply follow three simple processes:
- Prepare the file to send
- Send the file (via Gmail or Outlook, preferably)
- Extract the file
I’ve provided a detailed explanation and screenshots to guide you below.
Prepare Your File
I’m using Windows OS, so my illustrations will focus on Windows users. I believe you can follow on a Mac as well by finding the Mac equivalents.
1. Create a folder directly on one of your local drives. For this guide I created a folder on my Local Drive C: and named it “MTE Tests.” Do remember that you need to create the folder on a local drive (NOT in Libraries, Downloads, Desktop, or anywhere else).
2. Copy and paste an image into the folder. This can be any image with a size below 50kb. This helps keep your file small enough to send in an email when you’re done.
3. Copy and paste the executable file you want to send into your folder. For this example I want to send Greenshot (a free image editor software) to a friend who’s having difficulty downloading the latest version online.
4. Convert the executable file to a .zip or .rar format.
You can easily download WinRar for free if your PC doesn’t have it installed already. Convert to .rar by right-clicking on your .exe file and then select “Add to NAME-OF-YOUR-SOFTWARE.rar.”
5. To send executable files by email you have to encrypt them. Start this process by holding either of your Shift keys down and right-clicking your mouse. Select “Open command window here” from the options in the menu. Your command window will pop up with your directory path to your current folder.
6. Type in the following command:
copy/b [Your Picture Name along with Its Extension] + [The Compressed File along with Its Extension]
Note that you have the spaces:
- Between
copy/bAND your picture name - Your picture name and + (the plus symbol)
- After + (the plus symbol) and the compressed file
In my example my picture name and its extension is “Email.png,” and the .rar file and its extension is “Greenshot-INSTALLER-1.2.10.6-RELEASE.rar.”
The image above is exactly how it’ll appear. Below is an annotated image to guide you when you need it.
Press Enter.
You’ll see the message in the image below on your command window signifying that your image file has been encrypted with the executable file.
My image file was only 39KB when I started; after this process it went up to 1.65MB. Now all you need to do is send the file via Gmail or some other email service.
If You Send Executable Files by Email
Since you are sending an executable file, here are a few things to keep in mind:
Inform the recipient to check their spam mail and mark it “Not spam” in order to access and download the image.
I tested this with three email services: Zoho Mail, Gmail, and Outlook.
- Zoho was a complete no. The service would NOT give my message a chance, meaning I could neither receive nor send emails via Zoho Mail.
- Gmail accepted the email but sent it to spam. It also allows you to send the encrypted image file to other email clients, so you won’t have any trouble sending this email to anyone using Gmail.
When you open the email, you have to click “Not spam” so that you can download the image file and extract the executable file.
The email goes to your inbox, and you can then open it and download the image file.
- The most friendly of the email services I tested was Outlook. I got the email right in my inbox.
All I did was click “Download” just below the image.
Extracting the Executable File from Your Email
If you sent or received executable files using the method above, here’s how to extract the file.
1. Open the folder containing the image with the embedded executable file in it.
2. Right-click on the image, and from the pop-up menu hover on “Open with” to reveal a list of programs.
3. Choose WinRar if you have the option readily displayed. If you downloaded it and already have it running (but it’s not displayed), click on “Choose default program” and then click “Browse” to find WinRar in your Programs File or Programs folders (or where your WinRar folder is stored).
Double-click on that application to move to the options in “Open with.”
Double-click on the WinRar program in “Open with” to use the application.
Click on the software found inside your WinRar compression folder to install it on your PC.
Wrapping Up
Email services have become smarter at picking up executable files when you send them using old methods like changing the file extension to .jpg, simply using a zip folder to send the executable file, or adding a non-existent file extension to the file. Try this method I’ve shared, then leave comments on your experiences below.
If you found this article useful, please click “Yes” below.
Nicholas Godwin is a technology researcher who helps businesses tell profitable brand stories that their audiences love. He's worked on projects for Fortune 500 companies, global tech corporations and top consulting firms, from Bloomberg Beta, Accenture, PwC, and Deloitte to HP, Shell, and AT&T. You may follow his work on Twitter or simply say hello. His website is Tech Write Researcher.
17 comments
Comments are closed.
Your advice may have been useful 20 years ago. Today, anybody who cares even a little bit about security of their system, would not accept an email with an executable file attachment, even one (s)he was notified about. I know I definitely wouldn’t. How can I be sure that the notification is really from someone I know? It is a child’s play even for the most inept hacker to spoof an address.
The #1 most important security advice to computer users has always been DO NOT OPEN ANY FILES ATTACHED TO EMAILS YOU RECEIVE! Now you are not only advocating doing precisely that but you are also showing how to shortcircuit the security checks built into email programs. Take a hint from Zoho Mail and don’t do it.
I do agree with drogonmouth. Sending exe via email is not the done thing. Everybody Antivirus system automatically junks the email.
No one has all the answers. You can’t know all the reasons for why people would need anything at all. This information is out there in case you need it. You can safely ignore it if you don’t need it. It’s always better to have options.
Ugh, can’t you just upload it to Google Drive and SHARE it with the recepient?
Have you actually tried this suggestion of yours? Did it work for you?
While that is generally very good advice, expectations are everything! A discerning person can determine whether this is a dangerous endeavor or what is already expected from the sender.
I agree with the other commenters – don’t use email for windows exe files. Use Google Drive or Dropbox or whatever and upload there. Then your targets can download and check it for malware, viruses etc. before they try to install it.
Simpler method is a password-protected ZIP or RAR with a second notification with the password. Gets through all the filters I’ve encountered thus far.
When last did you try this passworded ZIP and RAR idea?
I understand this technique no longer works with gmail.
I have to say, all this does seem a bit of a performance when there are various cloud storage facilities available (for free!) and all you have to do is upload the .exe file and give the recipient the URL to your public folder to download it.
In spite of the propaganda you hear/read, for various reasons not everybody uses the cloud.
I agree with vandalii. For years I just password protect a zip file and it always works, and much easier!
I just tried to change the extension to JPG and send it. It worked and I was able to convert it easily after downloading (Gmail).
I have been using WinZip and ‘zip with encryption’ You do need to tell the recipient the passcode to decrypt & extract the original file. So far this has always worked for me; we use O365 to send email, but recipients might be using anything.
I think this is a nice post.
I was trying to send a zip file that contains the entire program but it no longer works with gmail.
It could be my own program (I just don’t want to always recompile it), so it makes sense to attach the compiled version.
It could be a program sharing between friends. There are countless legit reason to attach executable files.
Personally, I don’t think there is any valid reason to not allow sending executable files via email.
For those people arguing that you can get virus is plain stupid.
Who asked you to click the attachmeent to run the file without scanning first ?
Every time when you get any executable file, be it from email or downloaded via the internet or USB or CD/DVD or whatever media that you get your new files to your computer, you should always scan it before running it.
If you don’t it, you’re being careless and you’re the one to blame.
I have legit reason to send it via email.
I used to be able to just simply rename the extension, or password protect the file, but now none of those method works.
So, again, thank you for this post. It seems to be relatively easy.
It was a nice idea, but none of these methods work anymore. Gmail has new detection algorithms that scan each archived/attached file no matter what its file extension – or lack thereof, and detect executables that way. Encrypted (password-protected) files are no longer allowed at all. Google furthermore retains the rights to keep copies of everything passing across their network (read their EULA) and has the resources to do so; they are now a spyware organization. If you want to use them, go ahead – but beware.