Malware describes malicious software designed for attacking machines in various ways. It may slow down or shut down machines, and often steals or encrypts important files for ransom.
Malware can be divided into two categories: malware of executables (e.g., EXE files) and malware of non-executables (e.g., Portable Document Format (PDF) files). Cool File Viewer supports many common audio and video formats and can display many image, web, Word, Excel, PowerPoint and Pages layout file types. Simply select any file via the program window without first having to decide which application should be used to open a file. Ordinary users are more vulnerable to non-executables because they simply open infected documents without much worry. Cool File Viewer allows you to view any file on your PC. Hangul Word Processor (HWP) is text editing software provided by Hancom Inc., South Korea.Īlthough many options have been proposed for the detection of the malware within non-executables, it is still necessary to develop more advanced detection models because new malware for non-executables keeps appearing. HWP is one of the most widely used pieces of software in South Korea and is mainly used in schools, companies, military agencies, and governmental institutions. Due to the relationship between South Korea and North Korea, most malware attacks for HWP files are created by North Korea. The HWP files belong to non-executables, so many people in schools and governmental institutions are exposed to threats of malicious HWP files. However, due to alterations to the Hangul software, OpenOffice cannot open a document created after 97. The malicious HWP files contain byte streams of executable code, shell code, or script code. Changes in the HWP file format and changes in the Microsoft product line have raised questions about whether Microsoft products can open HWP files. The byte streams with malicious actions convey different patterns compared to benign byte streams, so it is possible to detect malware by analyzing the byte stream patterns as described in. File with this extension can be run on cross-platform. HWP stands for Hangul Word Processor, a software application with text and features written in the Korean language. Meanwhile, many studies have tried to detect malicious actions by applying machine learning models to the byte streams. HWP file extension is used to a Korean word processor, Hangul. Such methods usually involve a set of carefully designed features which are then passed to various machine learning models (logistic regression or a support vector machine (SVM) ).
These studies have a common limitation in that they require substantial effort from experts to define features for different target files (e.g., PDF documents, HWP documents, Word documents) moreover, they require substantial effort regarding the feature definitions whenever new malware appears.