Sunday, June 26, 2022

Forensic Analysis of an LNK File

Shell Links, more commonly known to native Windows users as shortcut files and technically known by their extension, LNK, are one of the most fruitful initial access vectors for threat actors. A seemingly harmless file with a dubious icon and the hopes of malware operators on its back: the file kicks into action and spurs stage upon stage of malware to compromise a system. Bravo!

The purpose of this article is to dig into the Shell Link Binary file format powering LNK files and anal…
