The Korean analysis attributes a malicious Word document named “Interview.doc” to Lazarus activity suspected of targeting the European Union and lists hashes for the sample. The lure content presents a GDPR-themed document with cryptocurrency interview questions, and the macro creates and launches a shortcut that invokes mshta through a Bitly URL redirecting to share.googlefiledrive[.]com:8080. The source includes the VBA AutoOpen macro flow, downloader behavior, and antivirus detections, making the report useful for tracking Lazarus document-lure tradecraft, mshta/shortener-based delivery, and crypto-themed targeting rather than a confirmed victim compromise.