Skip main navigation

File name

Article detailing how malware can blend into your computer system by changing its file name.
File name

The name of a file is stored as metadata within the file system the file is saved to. Occasionally the name of a file can also be identified within certain file types, such as an executable files (original compiled name) for example. A file name can be changed to blend into its environment, the name appearing consistent with the naming conventions of other similar operating system file types.

Additional information…

The NT File System allows for a maximum 255 character file name. Should you enable Windows 10 long name file support, this will now allow a 32,767 character file name!

Remember the folder view will also determine how many characters are automatically displayed to a user.

If you would like to enable incredibly long file names on your Windows computer go to the following registry location here: HKLM\System\CurrentControlSet\Control\FileSystem

The LongPathEnabled value (REG_DWORD) must exist and be set to 1.

Interestingly not all printable characters are allowed as a file name nor any character selected using the Ctrl key:

Snippet of computer displaying prohibited file name characters

Windows also reserves certain names such as COM, PRN, AUX and so on.

If you would like more information on file naming conventions go here.

© PA Knowledge Ltd | 7Safe Training
This article is from the free online

Introduction to Digital Forensics: Malware Analysis and Investigations

Created by
FutureLearn - Learning For Life

Reach your personal and professional goals

Unlock access to hundreds of expert online courses and degrees from top universities and educators to gain accredited qualifications and professional CV-building certificates.

Join over 18 million learners to launch, switch or build upon your career, all at your own pace, across a wide range of topic areas.

Start Learning now