full shell link parsing · target path · arguments · machine GUID · tracker block · timestamps · suspicious detection
drop LNK files
Drop Windows .lnk shortcut files
parse target path · command line · machine GUID · volume serial · tracker block · distributed link tracking
status
drop Windows .lnk shortcut files for deep forensic analysis