Link-type malware created by Kimsuky - 질문지.doc.lnk (2023.05.08)

2023-05-19 Sakai Link-type malicious code created by Kimsuky - Questionnaire.doc.lnk (2023.05.08)

https://wezard4u.tistory.com/6447

The source analyzes a Kimsuky-linked LNK malware sample named Questionnaire.doc.lnk that uses a large shortcut file to hide embedded content and launch PowerShell instead of relying on Office macros. The command line searches for the malicious LNK, extracts a decoy PDF named “2023년도 4월 29일 세미나.pdf” into the Temp directory, opens it, then extracts and runs a BAT file named 230415.bat. The lure and execution flow target South Korea-related audiences associated with North Korea policy, while the author notes Kimsuky’s broader aliases and history of using malware families such as Gold Dragon, BabyShark, and AppleSeed. The report provides hashes for the sample, including SHA-256 f92297c4efabba98befeb992a009462d1aba6f3c3a11210a7c054ff5377f0753, and lists antivirus detections for the LNK dropper.

Indicators of Compromise

Type  Value                              First Seen  Last Seen
HASH  f92297c4efabba98befeb992a009462…   2023-05-01  2023-06-06
HASH  aa8ba9a029fa98b868be66b7d46e927b   2023-04-21  2023-05-23
HASH  df84ef49d7a50bd04c695489ec5a528…   2023-05-19  2023-05-19
