Conversation

Someone sent a spam email with .lzh attachment. Now, children, raise your hand if you know what this is, or it's just me who is old enough to remember how files were compressed in DOS times.

3
0
1

It's a legitimate archive FWIW:

├── BERRY 2022
│   ├── FORAUGOR7
│   │   ├── mass stub
│   │   └── weeee
│   │       └── Another PC
│   │           └── New folder
│   ├── SORTED1
│   │   └── 22K NOVEMER 23RD INQIRY
│   └── Warzon
│       └── biin
├── New folder (2)
├── PurchaseOrder4E#88207237.exe
└── PurchaseOrder4E#88207237.lzh

With a surprise, of course.

1
0
1

@oleksandr oh, a sploit for some 1990's lzh parsing code?

1
0
1

@lkundrak Is it even possible to open this in modern Windows without installing a 3rd-party decompressor?

1
0
1

@oleksandr no idea, but very unlikely i think? perhaps targetting some winrar or winzip or total commander or whatever is used these days

2
0
1

@monsieuricon I would be more than happy to get that too.

0
0
1
@lkundrak @oleksandr if have to touch win totalcmd is still the king 😀 ugly and useful
1
0
0
@lkundrak @oleksandr there is Windows version of mc but with FMs i prefer ”designed for OS” because RW of files is sensitive and corner case mined activity.
0
0
0