Home > Daily Thoughts, Emerging Threats > Window Shortcut – LNK File Format

Window Shortcut – LNK File Format

LNK Format

Figure 01 – LNK Top Level File Structure

A computer shortcut (shortcut) is a small file containing a target URI or the name of a target program file that the shortcut represents. [wiki]

Microsoft Windows uses .lnk as the filename extension for shortcuts to local files, and .URL for shortcuts to remote files, like web pages.

Thanks to Jesse Hager for creating the specification document. Please refer this link http://www.wotsit.org/list.asp?al=L and search ‘LNK’ download good reference.

As observed, LNK trojan downloaders takes advantage of Command line string to perform malicious activity.

**Update**

0day on malformed Windows Shell Link (.LNK) Binary referred as CVE-2010-2568 and Microsoft Security Advisory (2286198)

LNK binary file format reference:

LNK_The_Windows_Shortcut_File_Format

MS-SHLLINK

  1. No comments yet.
  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: