From 6965090c6fe7f99fc304f0c4cc9c3933b26e76ee Mon Sep 17 00:00:00 2001
From: Michael Campagnaro
Date: Wed, 26 Oct 2022 15:26:20 -0400
Subject: [PATCH] Add some batch files for dev/malware analysis work
---
bin/file-portex-analyzer.bat | 21 +++++++++++++++++++
bin/file-resource-hacker.bat | 4 ++++
bin/file-sigcheck.bat | 12 +++++++++++
bin/{arm_dir_files.bat => files-arm.bat} | 0
...{disarm_dir_files.bat => files-disarm.bat} | 0
5 files changed, 37 insertions(+)
create mode 100644 bin/file-portex-analyzer.bat
create mode 100644 bin/file-resource-hacker.bat
create mode 100644 bin/file-sigcheck.bat
rename bin/{arm_dir_files.bat => files-arm.bat} (100%)
rename bin/{disarm_dir_files.bat => files-disarm.bat} (100%)
diff --git a/bin/file-portex-analyzer.bat b/bin/file-portex-analyzer.bat
new file mode 100644
index 0000000..ec4d1b3
--- /dev/null
+++ b/bin/file-portex-analyzer.bat
@@ -0,0 +1,21 @@
+@echo off
+
+if exist %1\* (
+ echo directory
+ for /F "delims=" %%f in ('dir /b /s %1') do (
+ :: skip folders
+ if not exist "%%~f\" (
+ java -jar %DEV_TOOLS%\PortexAnalyzer.jar -p "%%~f_PortexAnalyzer_Report.png" -o "%%~f_PortexAnalyzer_Report.txt" "%%~f" | more
+ )
+ )
+) else (
+ if exist "%~1_PortexAnalyzer_Report.txt" (
+ del "%~1_PortexAnalyzer_Report.txt"
+ )
+ if exist "%~1_PortexAnalyzer_Report.png" (
+ del "%~1_PortexAnalyzer_Report.png"
+ )
+ java -jar %DEV_TOOLS%\PortexAnalyzer.jar -p "%~1_PortexAnalyzer_Report.png" -o "%~1_PortexAnalyzer_Report.txt" "%~1" | more
+ start notepad "%~1_PortexAnalyzer_Report.txt"
+ start rundll32 "C:\Program Files (x86)\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen %~1_PortexAnalyzer_Report.png
+)
diff --git a/bin/file-resource-hacker.bat b/bin/file-resource-hacker.bat
new file mode 100644
index 0000000..1a70831
--- /dev/null
+++ b/bin/file-resource-hacker.bat
@@ -0,0 +1,4 @@
+@echo off
+
+cd %DEV_TOOLS%\SysinternalsSuite
+start %DEV_TOOLS%\ResourceHacker.exe "%~1"
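Review bot: In bin/file-portex-analyzer.bat the argument is expanded unquoted in `if exist %1\*` and inside `'dir /b /s %1'`, so a sample path containing spaces or cmd metacharacters such as `&` is split or interpreted by cmd instead of being treated as one filename. Because these scripts are pointed at untrusted files, I would write `if exist "%~1\*" (` and `'dir /b /s "%~1"'`, and quote `"%DEV_TOOLS%\PortexAnalyzer.jar"` in both `java` lines. The same unquoted `if exist %1\*` appears in bin/file-sigcheck.bat. The last `start rundll32` line also expands `%~1` unquoted; whether the viewer entry point accepts a quoted path should be checked before changing it. Separately, `:: skip folders` sits inside a parenthesised `for` body, where `::` is parsed as a label and is known to be fragile; `rem skip folders` is the safe form.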
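Review bot: bin/file-resource-hacker.bat changes directory to `%DEV_TOOLS%\SysinternalsSuite` before launching ResourceHacker, which looks like a leftover from the sigcheck script and makes a relative `%1` resolve against the wrong folder. I would drop the `cd` and launch with `start "" "%DEV_TOOLS%\ResourceHacker.exe" "%~f1"`; the empty `""` is the window title that `start` expects once the program path is quoted. bin/file-sigcheck.bat has the same cd-then-relative-path problem in its `sigcheck.exe /a "%~1"` line, and `cd` without `/d` does not switch drives if DEV_TOOLS lives on a different one.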
diff --git a/bin/file-sigcheck.bat b/bin/file-sigcheck.bat
new file mode 100644
index 0000000..a586c73
--- /dev/null
+++ b/bin/file-sigcheck.bat
@@ -0,0 +1,12 @@
+@echo off
+
+cd %DEV_TOOLS%\SysinternalsSuite
+if exist %1\* (
+ echo Run on a file
+) else (
+ if exist "%~1_Report.txt" (
+ del "%~1_Report.txt"
+ )
+ sigcheck.exe /a "%~1" > "%~1_sigcheck_report.txt"
+ start notepad "%~1_sigcheck_report.txt"
+)
diff --git a/bin/arm_dir_files.bat b/bin/files-arm.bat
similarity index 100%
rename from bin/arm_dir_files.bat
rename to bin/files-arm.bat
diff --git a/bin/disarm_dir_files.bat b/bin/files-disarm.bat
similarity index 100%
rename from bin/disarm_dir_files.bat
rename to bin/files-disarm.bat
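Review bot: The cleanup in bin/file-sigcheck.bat tests and deletes `"%~1_Report.txt"`, but the report is written to `"%~1_sigcheck_report.txt"`, so the guard never clears the file it is meant to and can instead delete an unrelated `_Report.txt` sitting next to the sample. Either remove the block, since `>` already truncates the output file, or point both lines at the real name: `if exist "%~1_sigcheck_report.txt" (` and `del "%~1_sigcheck_report.txt"`. A one-line `rem` header stating that the script takes a single file path and writes the report beside it would also help, as the directory branch only prints `Run on a file`.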