Automate detection of malware in Microsoft Office documents and Embedded Executables in PDF files. Word, PowerPoint, Excel, RTF, CHM and HLP. Detect the most common Enterprise threats - variants of CVE-2009-4324, CVE-2006-2492, CVE-2009-3129, CVE-2010-3333, CVE-2012-0754, CVE-2012-0779, CVE-2012-0158, CVE-2012-1535, CVE-2012-1856, CVE-2012-5054, and Visual Basic macros.
Cryptam can detect encrypted embedded executables by conducting a cryptanalysis of the submitted document, report the key used, and detect strings associated with executables.
Detection and extraction support for combinations of various lengths of XOR encryption, bitwise ROL or ROR shifting, bitwise NOT, and transposition ciphers including header only transposition. Support for extraction of both Windows and Mac executables from documents.