Jump List Files Are OLE Files
Jump List files are another type of files that are actually OLE files. They can contain useful data for forensic investigations. There are a couple of tools that can extract information from these files.
Here you can see oledump analyzing an automatic Jump List file:
The stream DestList contains the Jump List data:
There are several sites on the Internet explaining the format of this data, like this one. I used this information to code a plugin for Jump List files:
The plugin takes an option (-f) to condense the information to filenames:
Please post a comment if you have another Jump List tool to share.
Didier Stevens
Microsoft MVP Consumer Security
blog.DidierStevens.com DidierStevensLabs.com
×
![]()
Diary Archives
