Packaging applications for enterprise deployment via SCCM or Intune frequently requires extracting the underlying MSI or payload files from a vendor-provided EXE installer. This is necessary when you need to run a silent MSI install, inspect the package contents, inject transforms, or understand what an installer actually does before deploying it to thousands of machines. This updated guide covers all current methods — from 7-Zip and lessmsi to the Temp folder trick and IntuneWin packaging for cases where extraction is not possible.

Detail
Last UpdatedMarch 2026
Applies ToWindows 10, Windows 11, SCCM/MECM, Microsoft Intune
Tools Covered7-Zip, lessmsi, UniExtract 2, msiexec, IntuneWinAppUtil
DifficultyBeginner to Intermediate

Why Extract MSI from EXE?

EXE installers are often just wrappers around an MSI package. Extracting the MSI lets you:

  • Deploy silently via msiexec /i package.msi /qn with full MSI switch support
  • Apply MST transform files to customise installation properties at deploy time
  • Read the MSI database to find the exact ProductCode, ProductVersion, and UpgradeCode for detection rules in SCCM or Intune
  • Understand exactly what registry keys, files, and services the installer creates — essential before deploying to production
  • Extract individual files (e.g. a DLL or config file) that are bundled inside the installer

There is no universal method — EXE installers are built with many different frameworks (NSIS, Inno Setup, WiX, InstallShield, MSIX bootstrapper, etc.) and each has different extraction behaviour. Work through the methods below in order — one of them will work for any installer you encounter.

Method 1: Try Built-in EXE Extract Switches First

Many vendor EXE installers support extraction switches that dump the contents to a folder without running the installation. Always try these first before reaching for extraction tools:

# Common extraction switches — try these on any unknown EXE installer
# Replace setup.exe with the actual installer filename

setup.exe /extract "C:\Extracted"
setup.exe /extract:"C:\Extracted"
setup.exe /x "C:\Extracted"
setup.exe /x:"C:\Extracted"
setup.exe /a                          # Administrative install — common for MSI-wrapped EXEs
setup.exe /a /qn TARGETDIR="C:\Extracted"
setup.exe -extract "C:\Extracted"
setup.exe /s /x /b"C:\Extracted" /v"/qn"   # InstallShield common pattern

To identify which installer framework was used — which helps predict the correct switch — right-click the EXE, go to Properties → Details and check the File description and Product name fields. Alternatively, open the EXE in 7-Zip and look at the internal file structure (covered in Method 2).

Installer FrameworkTypical Extract Switch
InstallShield/a or /s /x /b”C:\Extract”
NSIS/x (not always supported)
Inno Setup/extract (not supported — use innounp or 7-Zip)
WiX bootstrapperNo extract switch — use 7-Zip or Temp folder method
MSI wrapped in EXE/a TARGETDIR=”C:\Extract” /qn
InstallAware7-Zip format — extract directly with 7-Zip

Method 2: 7-Zip — Universal First Attempt

7-Zip can open many EXE installers as archive files, regardless of the installer framework. It is the fastest first-line tool to try. Right-click the EXE → 7-Zip → Open archive. If 7-Zip can read the file, you will see the internal contents and can extract them normally.

For scripted extraction from the command line:

# Extract EXE contents with 7-Zip from PowerShell
$sevenZip = "C:\Program Files\7-Zip\7z.exe"
$installer = "C:\Downloads\setup.exe"
$output = "C:\Extracted"

# List contents first to see what's inside
& $sevenZip l $installer

# Extract everything
& $sevenZip x $installer -o"$output" -y

Write-Host "Extraction complete. Contents in: $output"

7-Zip works reliably for NSIS, InstallAware, self-extracting archives, and many WiX bootstrappers. It may not extract all Inno Setup or InstallShield packages cleanly — use the methods below for those.

Method 3: The Temp Folder Trick

Many EXE installers extract their payload — including the MSI — to a temporary folder during installation before cleaning up after themselves. You can intercept these files before cleanup by either pausing the installer or monitoring the Temp folder in real time.

Option A: Monitor Temp Folder During Install

Open a PowerShell window and run this watcher before starting the installer:

# Watch for new files appearing in Temp during installer execution
$tempPath = $env:TEMP
$watcher = New-Object System.IO.FileSystemWatcher
$watcher.Path = $tempPath
$watcher.IncludeSubdirectories = $true
$watcher.EnableRaisingEvents = $true

$action = {
    $path = $Event.SourceEventArgs.FullPath
    $name = $Event.SourceEventArgs.Name
    if ($name -match "\.msi$|\.cab$|\.exe$") {
        Write-Host "$(Get-Date -Format 'HH:mm:ss') — New file: $path"
    }
}

Register-ObjectEvent $watcher "Created" -Action $action | Out-Null
Write-Host "Watching $tempPath — now run your installer..."
Write-Host "Press Ctrl+C to stop watching."

# Keep script running
while ($true) { Start-Sleep 1 }

Start the installer, and when the first dialog appears (before clicking Next), switch to PowerShell — you will see the extracted files listed. Copy them before clicking through to installation.

Option B: Use Process Monitor (Sysinternals)

Run procmon.exe from Sysinternals, add a filter for Path contains .msi and Operation is WriteFile, then start the installer. Process Monitor will capture the exact path where the MSI is written — navigate there and copy it before the installer deletes it.

Method 4: lessmsi — Extract and Inspect MSI Files

Once you have the MSI file (extracted from the EXE by any of the above methods), lessmsi is the best tool for inspecting its contents and extracting individual files. It is a portable free utility designed specifically for viewing and extracting from MSI packages, and is particularly effective at reading tricky MSI files where other tools fail.

Lessmsi integrates with Windows Explorer — right-click any MSI file and select “Extract Files” to extract directly to a folder. It also includes a command-line interface for scripted use:

# lessmsi command line — extract MSI contents to a folder
lessmsi x "C:\Packages\application.msi" "C:\Extracted\"

# List MSI contents without extracting
lessmsi l "C:\Packages\application.msi"

The GUI view in lessmsi is particularly useful for packaging — it shows all MSI database tables including the Property table (where ProductCode, ProductVersion, and UpgradeCode live), the Registry table (all registry writes), the File table, and the Component table. This is exactly the information you need to write accurate SCCM or Intune detection rules.

Method 5: msiexec Administrative Install

For MSI files (not EXE wrappers), the built-in msiexec /a switch performs an administrative installation — extracting all files to a flat folder structure without actually installing the application. This is useful for inspecting contents or pre-staging files:

# Administrative install — extract MSI contents without installing
msiexec /a "C:\Packages\application.msi" /qn TARGETDIR="C:\Extracted"

# Get ProductCode, ProductVersion, and other properties from MSI
$msi = "C:\Packages\application.msi"
$windowsInstaller = New-Object -ComObject WindowsInstaller.Installer
$database = $windowsInstaller.GetType().InvokeMember(
    "OpenDatabase", "InvokeMethod", $null, $windowsInstaller, @($msi, 0)
)
$query = $database.GetType().InvokeMember(
    "OpenView", "InvokeMethod", $null, $database,
    @("SELECT `Property`, `Value` FROM `Property` WHERE `Property` IN ('ProductCode','ProductVersion','ProductName','Manufacturer','UpgradeCode')")
)
$query.GetType().InvokeMember("Execute", "InvokeMethod", $null, $query, $null)

$results = @()
do {
    $record = $query.GetType().InvokeMember("Fetch", "InvokeMethod", $null, $query, $null)
    if ($record -eq $null) { break }
    $results += [PSCustomObject]@{
        Property = $record.GetType().InvokeMember("StringData", "GetProperty", $null, $record, 1)
        Value    = $record.GetType().InvokeMember("StringData", "GetProperty", $null, $record, 2)
    }
} while ($true)

$results | Format-Table -AutoSize

Method 6: UniExtract 2 — Fallback for Difficult Installers

Universal Extractor 2 (UniExtract2) is a free open-source tool that attempts to detect the installer framework automatically and apply the appropriate extraction method. It is the recommended fallback when 7-Zip fails — particularly useful for Inno Setup installers, older InstallShield packages, and self-extracting archives that 7-Zip cannot read. Download from GitHub (github.com/Bioruebe/UniExtract2).

When Extraction Is Not Possible: Package as Win32 App for Intune

Some modern installers — particularly MSIX bootstrappers, signed EXEs with integrity checks, and encrypted self-extractors — are intentionally designed to prevent extraction. In these cases, extracting an MSI is not mandatory for Intune packaging. You can package the EXE directly as a Win32 app using the Microsoft Win32 Content Prep Tool.

# Package EXE directly as Intune Win32 app — no MSI extraction needed
# Download IntuneWinAppUtil.exe from Microsoft GitHub

.\IntuneWinAppUtil.exe -c "C:\AppPackage" -s setup.exe -o "C:\Output"

# Install command in Intune (adjust silent switch for your installer)
# NSIS:         setup.exe /S
# Inno Setup:   setup.exe /VERYSILENT /SUPPRESSMSGBOXES /NORESTART
# InstallShield: setup.exe /s /v"/qn"
# Generic:      setup.exe /quiet /norestart

For the Intune detection rule when deploying an EXE directly (no MSI ProductCode available), use a file or registry detection rule. A reliable approach is detecting a registry key written by the installer:

# Detection script for Intune Win32 app — check registry uninstall key
$appName = "Your Application Name"
$uninstallPaths = @(
    "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall",
    "HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall"
)

$found = foreach ($path in $uninstallPaths) {
    Get-ChildItem $path -ErrorAction SilentlyContinue |
        Get-ItemProperty |
        Where-Object { $_.DisplayName -like "*$appName*" }
}

if ($found) {
    Write-Host "Installed: $($found.DisplayName) v$($found.DisplayVersion)"
    exit 0
} else {
    exit 1
}

Decision Flow — Which Method to Use

SituationTry This FirstFallback
Unknown EXE — quick attempt7-Zip → Open archiveUniExtract 2
InstallShield EXE/a or /s /x /b”C:\Extract”Temp folder + Process Monitor
NSIS EXE7-ZipUniExtract 2
Inno Setup EXEUniExtract 2 (uses innounp)Temp folder trick
WiX bootstrapper EXE7-ZipTemp folder trick
MSI file — inspect contentslessmsi (GUI or CLI)msiexec /a
Cannot extract — need Intune deployIntuneWinAppUtil with EXE directly

Summary

Extracting MSI and payload files from EXE installers is a core packaging skill in 2026 — both for SCCM application packaging and Intune Win32 app deployment. Work through the methods in order: built-in extract switches, then 7-Zip, then the Temp folder trick, then UniExtract 2 as a last resort. For MSI inspection, lessmsi is the best tool available. And when extraction is genuinely not possible, the Win32 Content Prep Tool lets you package any EXE directly for Intune without ever needing the MSI.

  • Try vendor-specific extract switches (/extract, /a, /x) before any third-party tool
  • 7-Zip handles the majority of EXE formats — right-click → Open archive
  • The Temp folder trick works for almost any installer that cannot be directly extracted
  • Use lessmsi to inspect MSI database tables — ProductCode, UpgradeCode, registry writes, and file list
  • For Intune deployment when extraction fails, package the EXE directly with IntuneWinAppUtil — no MSI needed