A C# WPF tool designed to scan image files for embedded malware and suspicious content. The tool analyzes common image formats, such as PNG, JPG, JPEG, and WEBP, and extracts any potential malware found within the file to a designated directory for further review. This project aims to provide a lightweight, easy-to-use malware detection utility for image files.
Features
Scans common image formats: PNG, JPG, JPEG, WEBP
Detects embedded executables: Identifies images with executable code (EXE headers)
Detects script injections: Flags malicious JavaScript or other embedded scripts
EXIF metadata analysis: Identifies large or suspicious metadata blocks often used for steganography
Extracts malware: Saves detected malware to the Desktop for manual inspection
Real-time logging: Provides detailed logs of the scanning process
.NET 6 or later (compatible with .NET Framework 4.8+)
Visual Studio or any C# compatible IDE
Clone the repository:
git clone https://github.com/yourusername/ImageMalwareScanner.git
Open the project in Visual Studio.
Restore dependencies (if using NuGet packages).
Build and run the application.
Launch the application.
Use the "Browse Image" button to select an image file from your system.
Click "Scan Image" to begin the malware scan.
Review the scan results in the log output.
If malware is detected, the malware will be extracted and saved on your Desktop.
Optionally, you can delete the malware or perform further analysis.
C#
WPF (Windows Presentation Foundation) for the GUI
.NET 6 / .NET Framework 4.8
No third-party libraries required
💡 How It Works
Byte Analysis: The tool scans the image file at a byte level to identify executable code or suspicious patterns (such as the "MZ" header indicating embedded executables).
Text-based Analysis: It decodes the image content into text and checks for script-based malware or injections.
EXIF/Metadata Scrubbing: The tool looks for oversized or abnormal EXIF metadata, which is often used to hide malicious payloads.
Malware Extraction: If malware is detected, it extracts the malicious data to a specified folder on the Desktop for further inspection.
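The byte analysis step can be illustrated with the following added example, which is not taken from this project's source. A bare two-byte "MZ" match occurs by chance in compressed image data, so this sketch only reports an offset when the DOS header's e_lfanew field (at offset 0x3C) points to a "PE\0\0" signature. The names EmbeddedPeFinder and FindPeOffsets are hypothetical, and the sample bytes are constructed.

```csharp
using System;
using System.Collections.Generic;

static class EmbeddedPeFinder // hypothetical name, not part of the project
{
    // Returns every offset where "MZ" starts a DOS header whose e_lfanew
    // field points at a "PE\0\0" signature inside the same buffer.
    public static List<int> FindPeOffsets(byte[] data)
    {
        var hits = new List<int>();
        // A DOS header is 0x40 bytes long, so stop when fewer bytes remain.
        for (int i = 0; i + 0x40 <= data.Length; i++)
        {
            if (data[i] != (byte)'M' || data[i + 1] != (byte)'Z') continue;
            // e_lfanew: little-endian 32-bit offset of the PE header, relative to "MZ".
            uint lfanew = (uint)(data[i + 0x3C] | data[i + 0x3D] << 8 |
                                 data[i + 0x3E] << 16 | data[i + 0x3F] << 24);
            long pe = (long)i + lfanew;
            if (pe + 4 > data.Length) continue; // pointer leaves the file: chance match
            if (data[pe] == 'P' && data[pe + 1] == 'E' && data[pe + 2] == 0 && data[pe + 3] == 0)
                hits.Add(i);
        }
        return hits;
    }

    static void Main()
    {
        // Constructed sample: PNG signature, a stray "MZ" in filler bytes,
        // then a minimal DOS header stub followed by a PE signature.
        var sample = new List<byte> { 0x89, 0x50, 0x4E, 0x47, 0x0D, 0x0A, 0x1A, 0x0A };
        sample.AddRange(new byte[] { (byte)'M', (byte)'Z', 0x11, 0x22 }); // chance match, not a PE
        sample.AddRange(new byte[100]);                                    // filler
        int stubStart = sample.Count;
        var stub = new byte[0x44];
        stub[0] = (byte)'M'; stub[1] = (byte)'Z';
        stub[0x3C] = 0x40;                              // e_lfanew = 0x40
        stub[0x40] = (byte)'P'; stub[0x41] = (byte)'E'; // followed by two zero bytes
        sample.AddRange(stub);

        foreach (int off in FindPeOffsets(sample.ToArray()))
            Console.WriteLine($"PE header candidate at 0x{off:X} (stub placed at 0x{stubStart:X})");
    }
}
```

The stray "MZ" at offset 8 is skipped because its e_lfanew bytes do not lead to a PE signature, so only the stub is reported.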
This tool is designed for educational purposes and personal use. It helps in identifying potential threats within image files, but should not be relied upon as the sole means of protecting your system from malware. Always use additional security measures, such as antivirus software and firewalls, for comprehensive protection.
Contributions are welcome! If you have any suggestions, bug reports, or improvements, feel free to open an issue or create a pull request.
This project is licensed under the MIT License - see the LICENSE file for details.
Example Log Output:
If you run into issues or have questions, feel free to open an issue on GitHub or contact me at [email protected].
If you like this project, feel free to buy me a coffee!