PolyWolf on Security

A Very Long .LNK file

Posted on 2021-08-30: https://twitter.com/stopmalvertisin/status/1431561258168324099

@StopMalvertisin:

A dear friend asked me to help out with a malicious .LNK file as sandboxes are marking it as “Trusted” because it’s PowerShell. The target invokes PowerShell but the command seems to be cut off as seen below. Dropping the file into Notepad, there’s more to see. cc @James_inthe_box
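For a defender triaging a shortcut like this, the full command line is recovered by walking the ShellLink structure (MS-SHLLINK) rather than reading the truncated Target field of the properties dialog. The following Python is an added example, not code from the tweet or its author: build_lnk and parse_lnk are hypothetical helpers, the sample .LNK is constructed inline with a long argument string, and cp1252 is assumed as the ANSI code page for non-Unicode shortcuts.

```python
import struct

# LinkFlags bits (MS-SHLLINK 2.1.1) and header constants
HAS_ID_LIST, HAS_LINK_INFO, HAS_NAME, HAS_REL_PATH = 0x01, 0x02, 0x04, 0x08
HAS_WORK_DIR, HAS_ARGS, HAS_ICON, IS_UNICODE = 0x10, 0x20, 0x40, 0x80
HEADER_SIZE = 0x4C
LINK_CLSID = bytes.fromhex("0114020000000000c000000000000046")
STRING_FIELDS = (("name", HAS_NAME), ("relative_path", HAS_REL_PATH),
                 ("working_dir", HAS_WORK_DIR), ("arguments", HAS_ARGS),
                 ("icon_location", HAS_ICON))

def _string_data(text, unicode=True):
    # StringData: 2-byte CountCharacters followed by the characters, no terminator
    enc = text.encode("utf-16-le" if unicode else "cp1252")
    return struct.pack("<H", len(text)) + enc

def build_lnk(arguments, relative_path="..\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe"):
    """Constructed sample .LNK (hypothetical helper): header plus RelativePath and
    CommandLineArguments StringData, no IDList or LinkInfo. ShowCommand=1 (SW_SHOWNORMAL)."""
    flags = HAS_REL_PATH | HAS_ARGS | IS_UNICODE
    header = struct.pack("<I16sIIQQQIIIHHII", HEADER_SIZE, LINK_CLSID, flags,
                         0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0)
    return header + _string_data(relative_path) + _string_data(arguments)

def parse_lnk(data):
    """Walk the ShellLink layout and return every StringData field at full length."""
    hsize, clsid, flags = struct.unpack_from("<I16sI", data, 0)
    if hsize != HEADER_SIZE or clsid != LINK_CLSID:
        raise ValueError("not a ShellLink file")
    info = {"show_command": struct.unpack_from("<I", data, 0x3C)[0]}
    pos = HEADER_SIZE
    if flags & HAS_ID_LIST:    # IDListSize excludes its own 2 bytes
        pos += 2 + struct.unpack_from("<H", data, pos)[0]
    if flags & HAS_LINK_INFO:  # LinkInfoSize includes its own 4 bytes
        pos += struct.unpack_from("<I", data, pos)[0]
    unicode = bool(flags & IS_UNICODE)
    for name, bit in STRING_FIELDS:
        if not flags & bit:
            continue
        count = struct.unpack_from("<H", data, pos)[0]
        pos += 2
        nbytes = count * 2 if unicode else count  # assumes ANSI strings are cp1252
        info[name] = data[pos:pos + nbytes].decode("utf-16-le" if unicode else "cp1252")
        pos += nbytes
    return info

if __name__ == "__main__":
    sample = build_lnk("-NoProfile -EncodedCommand " + "QQ" * 500)  # constructed long argument string
    for key, value in parse_lnk(sample).items():
        print(key, len(str(value)), str(value)[:60] + ("..." if len(str(value)) > 60 else ""))
```

A ShowCommand of 7 (SW_SHOWMINNOACTIVE) in the returned dictionary is worth flagging alongside a long argument string, since it keeps the launched window out of sight.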