Phishing
Contributors:
John Smith
Description:
Windows Library files are virtual containers for user content, and a .library-ms file can point to a remote or local storage location. Abuse of these files was previously discussed in the CIA Vault 7 leaks.
As hinted in the Vault 7 leak, the SearchConnectorDescription section of a .library-ms file can point to a remote location, which forces Explorer to authenticate to that location when the container folder is opened. This can be used for NTLM hash harvesting.
OS:
Windows
Recommendation:
Apply the “DisableThumbnailsOnNetworkFolders” and “DisableThumbnails” Group Policy settings.
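A defender-side check for the behaviour in the Description, added here as an example and not taken from the original entry: it parses .library-ms content and reports any SearchConnectorDescription URL that points off the host. The element names, the sample documents, the placeholder host and the remote-path pattern are assumptions.

```python
import re
import sys
import xml.etree.ElementTree as ET

# Constructed samples (not from the page): a connector with a local path and
# one with a UNC path on a placeholder host.
LOCAL_SAMPLE = rb"""<libraryDescription xmlns="http://schemas.microsoft.com/windows/2009/library">
  <searchConnectorDescriptionList><searchConnectorDescription>
    <simpleLocation><url>C:\Users\Public\Documents</url></simpleLocation>
  </searchConnectorDescription></searchConnectorDescriptionList>
</libraryDescription>"""
REMOTE_SAMPLE = LOCAL_SAMPLE.replace(rb"C:\Users\Public\Documents",
                                     rb"\\files.example.test\share")

# UNC (but not \\?\ or \\.\ device paths), protocol-relative, HTTP(S)/WebDAV,
# and file:// URLs that name a host. Assumed pattern set; extend as needed.
REMOTE = re.compile(r"^(?:\\\\(?![?.]\\)|//|https?://|file://[^/])", re.I)


def local_name(tag):
    """Strip the '{namespace}' prefix ElementTree puts on tag names."""
    return tag.rsplit("}", 1)[-1].lower()


def remote_locations(data):
    """Return connector URLs in .library-ms bytes that point off the host."""
    if b"<!DOCTYPE" in data.upper():
        # A library file needs no DTD; refuse rather than expand entities.
        raise ValueError("unexpected DOCTYPE in .library-ms content")
    hits = []
    for conn in ET.fromstring(data).iter():
        if local_name(conn.tag) != "searchconnectordescription":
            continue
        for el in conn.iter():
            url = (el.text or "").strip()
            if local_name(el.tag) == "url" and REMOTE.match(url):
                hits.append(url)
    return hits


if __name__ == "__main__":
    # Usage: python check_library_ms.py suspicious.library-ms [...]
    for path in sys.argv[1:]:
        with open(path, "rb") as fh:
            for url in remote_locations(fh.read()):
                print(f"{path}: remote connector location {url}")
```

Run it over .library-ms files found in mail attachments, downloads or archive contents; a hit means opening the library would make Explorer contact the listed location.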
Resources:
File Samples: