Deep CDR Support for HWP Files

OPSWAT Deep Content Disarm and Reconstruction (Deep CDR) is an advanced threat prevention technology defeating any file-based attacks used for Advanced Persistent Threats (APT’s), Ransomware, Zero-day attacks, etc. It sanitizes and reconstructs over 100 common file types, ensuring each file is completely usable with safe content. Supported file types include PDF, Microsoft Office, HTML, and many image files. Language/region specific file formats like JTD and HWP files are also supported.

Highlighted malicious HWP files neutralized by Deep CDR

File TypeDeep CDR FeatureThreat DetectedReference Sample
HWPRemove macro, reconstruct fileTrojan-Exploit/W32.Hwp_Exploit.207338 View
HWPProcess imageTrojan.JS.Iframe View
HWPRemove OLE, Remove macroTrojan-Downloader.Win32.Agentb.Mw View
HWPRemove macro, reconstruct fileHWP/Exploit View
HWPRemove macro, reconstruct fileDropper/Exploit-HWP View
HWPProcess image, remove macroCVE-2015-2545 View
HWPRemove OLE, remove macroEPS/Exploit.S1 View
HWPRemove OLE, remove macroTrojan.HWP.Agent.K View
HWPRemove OLE, remove macroCVE-2017-8291 View
HWPRemove OLE, remove macroDATA/HiddenCobra.A!Exploit View
HWTProcess imageTrojan.JS.Iframe View
HWTRemove macro, reconstruct fileDropper/Exploit-HWP View
HWTProcess image, remove macroCVE-2015-2545 View