Article Content
Article Number | 000035436 |
Applies To | RSA Product Set: Security Analytics RSA Product/Service Type: Malware Analysis RSA Version/Condition: 10.x |
Tasks | The article provides a list of file types that are supported for Malware Analysis in RSA Security Analytics. |
Resolution | Below is a snippet of the spectrum.lua parser which indicates the supported file types.local spectrumAnalyze = ({ RSA Engineering has confirmed that all versions of Microsoft Office documents are supported for Malware Analysis. The Office document versions showing above are because no revisions were made to the Office document format after 2007. File extensions are not considered at all. Files will be examined by Malware Analysis based upon being identified as a certain type of file by the relevant fingerprint parser. The fingerprint parsers identify a file based on its characteristics, irrespective of name or extension, neither of which are properties of a file itself. For example, even if a legacy Microsoft Word document is transmitted over the wire as "foo.txt" it will be identified by fingerprint_office_lua as filetype: office 95-2003 word document. |