Security researcher Bosko Stankovic recently published an article explaining how an attacker could use Chrome, the SMB file sharing protocol, and Windows Explorer Shell Command File to steal victims credentials.
The basic elements
Chrome
Similar attacks have been demonstrated using Internet Explorer and Edge, but being able to do this with a (very popular) third party browser increases the chances of this being used in the wild by a lot. Chrome uses a technique called MIME-sniffing for files with a text or text-like content and downloads files that contain a non-printable character. It downloads these files to the default download folder as specified in the Advanced Settings section of the Chrome Settings.
Full Article