Malicious Email Attachments Using LZH File Archive Compression
A Malicious Email Message with an ".LZH" Compressed Archive Attachment
From: COURT ORDER email@example.com
Attachment: Court_Order.pdf (137 KB)
CASE_031952073.lzh (366 KB)
--- Notice to appear in Court #0368759073 ----
You are requested to appear in court on Monday the 27th of November 2018 at 10:00 AM.
Please, do not forget to bring all the documents related to this case.
Herein attached are the Court Order and other documents pertaining to this case.
ACE ID is: CASE#031952073
Note: The case will be heard by the judge in your absence (if you do not appear in court).
Clerk of Court.
The .LZH compression format is similar to ZIP, which is the most popular file compression and archive format.
Cybercriminals usually store their malware in compressed files to help prevent antivirus software from detecting it. In other words, they do it because compressed malicious email attachments may bypass the recipients' antivirus software.
What is a ".LZH" file?
LHA is a freeware compression utility and associated file format. It was created in 1988 by Haruyasu Yoshizaki, and originally named LHarc. A complete rewrite of LHarc, tentatively named LHx, was eventually released as LH. It was then renamed to LHA to avoid conflicting with the then-new MS-DOS 5.0 LH command.
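For defenders, an added example (not code from this site or from the LHA project): a Python check that recognises an LHA/LZH attachment by its header bytes rather than its file name, then lists the member names stored in the archive headers without decompressing anything. It parses level 0 and level 1 headers only; the function names, the risky-extension list and the sample message are constructed for illustration.

```python
import struct
from email import message_from_bytes
from email.message import EmailMessage

RISKY_EXT = (".exe", ".scr", ".js", ".vbs", ".bat", ".com", ".pif")  # assumed policy list

def is_lha(data):
    """LHA/LZH headers carry a method ID such as -lh5- or -lz4- at offset 2."""
    m = data[2:7]
    return len(m) == 5 and m[:1] == b"-" and m[1:3] in (b"lh", b"lz") and m[4:] == b"-"

def lha_members(data):
    """Walk level 0/1 headers and return stored member names, without decompressing."""
    names, pos = [], 0
    while pos + 22 <= len(data) and data[pos] != 0 and is_lha(data[pos:pos + 7]):
        skip = struct.unpack_from("<I", data, pos + 7)[0]  # bytes to skip after the header
        level = data[pos + 20]
        if level > 1:  # level 2 keeps names in extended headers; not parsed here
            names.append("<level-%d header>" % level)
            break
        name_len = data[pos + 21]
        names.append(data[pos + 22:pos + 22 + name_len].decode("latin-1"))
        pos += 2 + data[pos] + skip  # data[pos] = header size after the first two bytes
    return names

def scan_message(raw):
    """Return one finding per MIME part whose content, not its name, is LHA."""
    findings = []
    for part in message_from_bytes(raw).walk():
        data = part.get_payload(decode=True)  # None for multipart containers
        if not data or not is_lha(data):
            continue
        members = lha_members(data)
        risky = [m for m in members if m.lower().endswith(RISKY_EXT)]
        findings.append({"attachment": part.get_filename(), "members": members, "risky": risky})
    return findings

def build_sample():
    """Constructed message: a level-0 archive with one stored (-lh0-) placeholder member."""
    body, name = b"constructed placeholder bytes", b"document.pdf.exe"
    hdr = struct.pack("<5sII4xBBB", b"-lh0-", len(body), len(body), 0x20, 0, len(name)) + name + b"\0\0"
    archive = bytes([len(hdr), sum(hdr) & 0xFF]) + hdr + body + b"\0"  # CRC16 left as zero
    msg = EmailMessage()
    msg.set_content("constructed sample")
    msg.add_attachment(archive, maintype="application", subtype="octet-stream", filename="CASE_SAMPLE.lzh")
    return msg.as_bytes()

if __name__ == "__main__":
    print(scan_message(build_sample()))
```

A mail gateway or triage script can quarantine any message for which `scan_message` returns a finding, or only those with a non-empty `risky` list, depending on how often legitimate senders use the format.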
Note: Some of the information in samples on this website may have been impersonated or spoofed.