LNK Files

Also known as Shortcuts

In accordance to fileinfo.com

An LNK file is a shortcut or "link" used by Windows as a reference to an original file, folder, or application similar to an alias on the Macintosh platform. It contains the shortcut target type, location, and filename as well as the program that opens the target file and an optional shortcut key.

It's imply a shortcut link those icons you regularly see in your Desktop. You can identify them by the curved arrow on the bottom left corner of the Icon.

Let's check the properties on the Icon

It tells me where it's located and what binary is executed, with it's full path included. What happens if I change the Path?.

Our icons have changed.

Can we fix this so we can confuse or trick the user? Of Course it's all in the settings and we can apply the path of the specific Icon we are searching for in the Machine.

What happens when I execute this Shortcut, it should point to our TEST File. And execute the text file.

This is a good way to also execute code we can use powershell or any of the EXECUTION techniques mentioned to call our payload, not the most stealthiest and reliable since it requires the user to interact with this file but a valueable source to know it exists.