In a good post on SANS ISC InfoSec Forum, Jan Kopriva (@jk0pr) shows how windows explorer shell links could be used by an attacker in order to download malicious payloads.
Article Link: https://www.andreafortuna.org/2020/07/10/using-lnk-files-as-zero-touch-downloaders/