AhnLab's November 2024 domestic APT trend report summarizes attacks observed against Korean targets and identifies spear phishing as the dominant intrusion type for the month. The source highlights LNK-based delivery in which malicious PowerShell commands embedded in shortcut files extract CAB and decoy document content to the victim system, unpack scripts such as BAT, PS1, and VBS files, and support information theft or additional malware download. The report provides defensive context for monitoring spear-phishing attachments, shortcut abuse, script execution chains, and APT activity targeting domestic organizations.