Malware created by the North Korean hacking group APT37 (Reaper): 한국군사학논총 (Korean Military Studies Journal) (2025.3.26)

2025-03-31, Sakai: APT37 (Reaper) malware disguised as Korean military studies journal material, dated March 26, 2025

https://wezard4u.tistory.com/429443


The report analyzes an APT37 (Reaper) lure that impersonates material from a Korean military studies journal to deliver RokRAT. The malicious file relies on a shortcut-based (LNK) execution chain that hands off to PowerShell; the report provides hashes, including SHA-256 d182834a984c9f5b44ea0aca5786223a78138ff23d33362ab699c76bf6987261, and command-line artifacts that locate and invoke PowerShell from Windows system paths. The activity is consistent with social-engineering delivery against defense- or policy-adjacent Korean targets: an academic decoy is shown to the victim while the malware is staged through script execution. Defenders should hunt for the listed hashes, for LNK or document lures tied to Korean military research themes, and for obfuscated PowerShell execution that extracts or launches RokRAT components.
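A hunting script for the chain the summary describes, as an added example that is not part of the Tistory post or of the report's own tooling. It loads the hashes and domains from the indicator table on this page (the two truncated SHA-256 values are matched as prefixes, exactly as listed), decodes PowerShell -EncodedCommand payloads (base64 over UTF-16LE), and flags PowerShell launches whose command line carries shortcut-loader tells. The key=value telemetry format, the sample event lines, the sample loader command and the file names are all constructed for the demo, and the command-line patterns are assumptions, since the page does not reproduce the actual command line.

```python
"""Hunt constructed endpoint telemetry for the APT37 RokRAT shortcut-to-PowerShell chain.

Added example, not code from the Tistory post or from APT37's tooling. Indicators come
from this page; the telemetry format, sample events and command-line patterns are
assumptions made for the demo.
"""
import base64
import binascii
import re
from dataclasses import dataclass

# Indicators copied from this page. The two SHA-256 values the page truncates are kept
# as prefixes, exactly as listed, and matched as prefixes.
IOC_HASHES = {
    "2f431c4e65af9908d2182c6a093bf262",  # 32 hex chars, i.e. MD5 length
    "d182834a984c9f5b44ea0aca5786223a78138ff23d33362ab699c76bf6987261",
}
IOC_HASH_PREFIXES = ("d4f15c892cc8c56fba4756526871b2b", "d182834a984c9f5b44ea0aca5786223")
IOC_DOMAINS = {"caller.3utilities.com", "blessdayservices.org"}

# Command-line tells. The page does not reproduce the real command line, so these
# patterns are assumptions about what a shortcut-launched PowerShell loader looks like.
PS_SIGNALS = {
    "hidden window": re.compile(r"-(?:w|win|windowstyle)\s+hidden", re.I),
    "execution policy bypass": re.compile(r"-(?:ep|executionpolicy)\s+bypass", re.I),
    "encoded command": re.compile(r"-(?:e|ec|enc|encodedcommand)\s+[A-Za-z0-9+/=]{16,}", re.I),
    "powershell.exe located via system path": re.compile(
        r"(?:get-childitem|gci|dir)\b.*\\windows\\.*powershell\.exe"
        r"|\\windows\\(?:system32|syswow64)\\windowspowershell\\v1\.0\\powershell\.exe",
        re.I,
    ),
}
ENC_RE = re.compile(r"-(?:e|ec|enc|encodedcommand)\s+([A-Za-z0-9+/=]+)", re.I)
KV_RE = re.compile(r'(\w+)=(?:"([^"]*)"|(\S+))')  # constructed key=value line format


@dataclass
class Hit:
    event: dict
    reasons: list


def parse_event(line: str) -> dict:
    """Parse one constructed 'key=value key="quoted value"' telemetry line."""
    return {k: (q if q else b) for k, q, b in KV_RE.findall(line)}


def decode_encoded_command(cmdline: str):
    """Return the plaintext of a -EncodedCommand argument (base64 of UTF-16LE), or None."""
    m = ENC_RE.search(cmdline)
    if not m:
        return None
    try:
        return base64.b64decode(m.group(1), validate=True).decode("utf-16-le")
    except (binascii.Error, UnicodeDecodeError):
        return None


def hash_is_known(value: str) -> bool:
    v = value.lower()
    return v in IOC_HASHES or v.startswith(IOC_HASH_PREFIXES)


def domain_is_known(name: str) -> bool:
    n = name.lower().rstrip(".")
    return any(n == d or n.endswith("." + d) for d in IOC_DOMAINS)


def inspect(event: dict) -> list:
    """Return the reasons this event matches; an empty list means it looks benign."""
    reasons = []
    for key in ("md5", "sha256", "hash"):
        if key in event and hash_is_known(event[key]):
            reasons.append(f"known APT37 hash ({key})")
    if event.get("type") == "dns" and domain_is_known(event.get("query", "")):
        reasons.append(f"known APT37 domain {event['query']}")
    if event.get("type") == "process" and "powershell" in event.get("image", "").lower():
        cmd = event.get("cmdline", "")
        decoded = decode_encoded_command(cmd)
        text = cmd + ("\n" + decoded if decoded else "")  # scan the decoded payload too
        signals = [name for name, rx in PS_SIGNALS.items() if rx.search(text)]
        if signals:
            reasons.append("suspicious PowerShell launch: " + ", ".join(signals))
            if event.get("parent", "").lower().endswith("\\explorer.exe"):
                reasons.append("spawned by explorer.exe, consistent with a double-clicked shortcut")
    return reasons


def hunt(lines) -> list:
    """Run inspect() over raw telemetry lines and keep only the events with findings."""
    hits = []
    for line in lines:
        ev = parse_event(line)
        reasons = inspect(ev)
        if reasons:
            hits.append(Hit(ev, reasons))
    return hits


# Constructed sample telemetry (not real logs). Event 2 is the shortcut-style loader:
# hidden window, policy bypass, and an encoded command that hunts for powershell.exe
# under the system directory and re-invokes it. The loader text is made up for the demo.
LOADER = ("$p=(Get-ChildItem C:\\Windows\\System32 -Recurse -Filter powershell.exe)[0].FullName;"
          " & $p -w hidden -c 'Start-Sleep 1'")
ENCODED = base64.b64encode(LOADER.encode("utf-16-le")).decode("ascii")
PS_PATH = r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"
SAMPLE_EVENTS = [
    f'type=process image={PS_PATH} parent=C:\\Windows\\explorer.exe '
    'cmdline="powershell.exe -NoProfile -File C:\\Users\\kim\\scripts\\backup.ps1"',
    f'type=process image={PS_PATH} parent=C:\\Windows\\explorer.exe '
    f'cmdline="powershell.exe -w hidden -ep bypass -enc {ENCODED}"',
    "type=dns host=WS-0412 query=caller.3utilities.com",
    "type=dns host=WS-0412 query=update.microsoft.com",
    "type=file path=C:\\Users\\kim\\Downloads\\journal_lure.zip "
    "sha256=d182834a984c9f5b44ea0aca5786223a78138ff23d33362ab699c76bf6987261",
    "type=file path=C:\\Users\\kim\\Downloads\\journal.lnk md5=2f431c4e65af9908d2182c6a093bf262",
]

if __name__ == "__main__":
    for hit in hunt(SAMPLE_EVENTS):
        print(hit.event.get("type"), "->", "; ".join(hit.reasons))
```

Run as written, hunt(SAMPLE_EVENTS) returns the four events that match (the encoded loader, the DNS query to caller.3utilities.com, and the two files with listed hashes) and passes over the benign PowerShell launch and the unrelated DNS query. In practice, feed it process-creation and DNS events exported from Sysmon or an EDR, and treat the explorer.exe parent as context rather than a verdict on its own, since any double-clicked shortcut produces the same parent.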

Indicators of Compromise

Type    Value                                 First Seen   Last Seen
HASH    2f431c4e65af9908d2182c6a093bf262      2025-03-27   2025-05-12
DOMAIN  caller.3utilities.com                 2025-03-28   2025-04-10
DOMAIN  blessdayservices.org                  2025-03-28   2025-04-10
HASH    d4f15c892cc8c56fba4756526871b2b…      2025-03-31   2025-03-31
HASH    d182834a984c9f5b44ea0aca5786223…      2025-03-31   2025-03-31

The d182834a… entry is the SHA-256 quoted in the summary above; the 32-character 2f431c4e… value is MD5-length. Both SHA-256 values are shown truncated on this page.
