.. /.Arj

Phishing
File Archiver

Contributors:

Adithya - @ravooriadithya

Description:

A file archive compressed with ARJ, a file archiver program that uses Robert Jung compression; the format includes long filename support, file version management, data integrity protection, and multiple-volume archives. ARJ archives can carry malicious executables and can be used by attackers to bypass file filters and evade antivirus and other security controls.

OS:

Windows

Recommendation:

After validating business usage, block the download and execution of arj archive files on email & web gateways and . Whitelist as required.

Resources:

https://www.trendmicro.com/en_in/research/18/j/same-old-yet-brand-new-new-file-types-emerge-in-malware-spam-attachments.html

File Samples: