A Malicious .CAB Email Message
P.O. FOR 1 D-M MDC
Tue 6/18/2019 5:49 PM
From: Dinesh Padave | ARCPL - firstname.lastname@example.org
Attachment: PO- FOR 1 D-M MDC-PDF.cab (936 KB)
PFA P.O. for 1 D-M MDC & email us invoice for the same soonest
Sr. General Manager - Logistics
Description: Description: Description: logos 2 & Description: Description: Description: bhavik chem 2
Admin & Correspondence Address:-
Office No. 16, 2nd Floor, Building B-1, Laxmi Nivas CHS Ltd, Pai Nagar, S.V. Road,
Borivali (West), Mumbai – 400092.
Email ID: email@example.com / firstname.lastname@example.org
Cyber criminals usually store their malware in compressed files to help prevent antivirus software from detecting them. In other words, they do it because the compressed malicious email attachments may bypass the recipients' antivirus software.
What is a .CAB file?
Cabinet is an archive-file format for Microsoft Windows that supports lossless data compression and embedded digital certificates used for maintaining archive integrity. Cabinet files have .cab filename extensions and are recognized by their first 4 bytes MSCF. Cabinet files were known originally as Diamond files