Malware Created by North Korea's APT Konni - 1. 알티피_엔지니어링본부 사업개발회의 자료.hwp.lnk (2024.6.28)

2024-11-10 Sakai Malware Created by North Korea's APT Konni - 1. RTP Engineering Headquarters Business Development Meeting Materials.hwp.lnk (2024.6.28)

https://wezard4u.tistory.com/429325

The source analyzes a Konni-linked Windows LNK malware sample using an HWP-themed lure named for engineering business-development meeting materials. The report records MD5, SHA-1, and SHA-256 hashes and describes an execution chain involving embedded PowerShell and AutoIt script behavior, with the compiled payload reading commands and performing malicious actions on Windows systems. The activity fits DPRK-aligned social-engineering tradecraft that disguises malware as Korean document content while relying on script interpreters and shortcut execution.

Indicators of Compromise

| Type | Value | First Seen | Last Seen |
|------|-------|------------|-----------|
| URL | https://cavasa.com.co/webpyp/wp… | 2024-11-10 | 2024-11-10 |
| HASH | 87dc4c8f67cffc8a9699328face923e2 | 2024-07-12 | 2024-11-10 |
| HASH | c5d67fb97a7a824168c872f8557eb52… | 2024-07-12 | 2024-11-10 |
| HASH | 0aaec376904434197bae4f1a10ecfe8… | 2024-07-08 | 2024-11-10 |
