File Types

.ISO

An ISO file isn't a file system. It contains a file system. From a usage point of view, it functions the same way as a hard disk, USB device, or DVD: you need a mount point, i.e. a place in your file system where you can mount it in order to get at the contents.

Malicious: Used to deliver unreadable payloads that will be executed by the user (.lnk, .exe, .dll, etc.)

Prefetch

Informational: Prefetch files show which .exe files executed. Use software to see when and what happened.

  • C:\Windows\Prefetch

.SCR

An SCR file is an executable file (EXE) in the Windows-specific executable format (PE) that can be directly run by the system. SCR is a special screensaver application, usually small in size, intended to run after a set inactivity period to temporarily (until any user action) replace the user's desktop with a blank screen or moving figures, slideshows or any other imagery.

Malicious: Can be used to execute malicious code/scripts

  • C:\Windows\System32

.LNK

An LNK file is a shortcut or "link" used by Windows as a reference to an original file, folder, or application, similar to an alias on the Macintosh platform. It contains the shortcut target type, location, and filename as well as the program that opens the target file and an optional shortcut key.

Malicious: Can be used to trick the user into executing malware (.dll, .exe, etc.) or reference cmd.exe/powershell.exe and execute commands to download a second stage.
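
For triage, the fields described above can be read straight out of a .lnk file and checked for references to cmd.exe or powershell.exe. The following is an added example, not code from the original page: the function names, the watch list and the sample shortcut are assumptions made for illustration, and the layout follows Microsoft's Shell Link (MS-SHLLINK) format.

```python
import struct

LNK_CLSID = bytes.fromhex("0114020000000000c000000000000046")  # Shell Link class ID
# StringData fields in on-disk order, with the LinkFlags bit marking each present
STRING_FIELDS = [("name", 0x04), ("relative_path", 0x08), ("working_dir", 0x10),
                 ("arguments", 0x20), ("icon_location", 0x40)]
WATCHED = ("cmd.exe", "powershell")  # interpreters named on this page

def parse_lnk(data: bytes) -> dict:
    """Return the StringData fields of a Shell Link (.lnk) file."""
    if len(data) < 76 or data[:4] != b"\x4c\x00\x00\x00" or data[4:20] != LNK_CLSID:
        raise ValueError("not a Shell Link file")
    flags = struct.unpack_from("<I", data, 20)[0]
    pos = 76
    try:
        if flags & 0x01:  # HasLinkTargetIDList: 2-byte size, then the ID list
            pos += 2 + struct.unpack_from("<H", data, pos)[0]
        if flags & 0x02:  # HasLinkInfo: 4-byte size that counts itself
            pos += struct.unpack_from("<I", data, pos)[0]
        wide = bool(flags & 0x80)  # IsUnicode: strings are UTF-16LE
        fields = {}
        for name, bit in STRING_FIELDS:
            if flags & bit:
                size = struct.unpack_from("<H", data, pos)[0] * (2 if wide else 1)
                raw = data[pos + 2:pos + 2 + size]
                if len(raw) != size:
                    raise ValueError("truncated StringData")
                fields[name] = raw.decode("utf-16-le" if wide else "cp1252", "replace")
                pos += 2 + size
    except struct.error as exc:
        raise ValueError("truncated Shell Link file") from exc
    return fields

def triage(data: bytes) -> list:
    """Flag shortcuts whose path or arguments reference a watched interpreter.
    The target path stored in the ID list / LinkInfo is skipped, not decoded."""
    fields = parse_lnk(data)
    text = (fields.get("relative_path", "") + " " + fields.get("arguments", "")).lower()
    return [f"references {w}" for w in WATCHED if w in text]

def build_sample(rel_path: str, args: str) -> bytes:
    """Constructed input: 76-byte header plus two Unicode StringData fields."""
    flags = 0x08 | 0x20 | 0x80  # HasRelativePath | HasArguments | IsUnicode
    header = struct.pack("<I16sI", 0x4C, LNK_CLSID, flags) + bytes(52)
    return header + b"".join(
        struct.pack("<H", len(s)) + s.encode("utf-16-le") for s in (rel_path, args))

if __name__ == "__main__":
    sample = build_sample(r"..\..\Windows\System32\cmd.exe", "/c echo constructed-sample")
    print(parse_lnk(sample), triage(sample))
```

A shortcut that stores its target only in the ID list or LinkInfo block will not be flagged by the path check here, so treat an empty result as "nothing found in StringData", not as a clean verdict.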
