A shortcut file is used by Microsoft Windows to point any sort of executable files. These shortcut files are named as LNK files, the files having “.lnk” extension. LNK files act as a direct link to reach the respective executable file without having the necessity of navigating via folder hierarchy. The LNK files, being associated with Microsoft Windows platform, hold plenty of vital Meta data information and thus, prove to be excellent evidence repository in forensic investigations.
The crucial info held by LNK file that may prove to be an outstanding evidence trail during LNK file forensics includes: –
NOTE: – Even if the actual executable file might have been deleted, there may be possibility that the respective shortcut LNK file still exists on the machine.
The anatomy of LNK file involves certain attributes that if properly referred, may provide useful info. Such valuable attributes of LNK file forensics include: –
The researchers of team Acquire Forensics, have great understanding about the anatomy of LNK file extension. Thus, the service of LNK file forensics can be delivered by the respective team assuring guaranteed extraction of data from Windows shortcut .LNK files. To avail the service,