Word Document Titled ‘BIO Form’ Being Distributed

2021-08-03 AhnLab: A Word document titled ‘BIO Form’ is being distributed.

https://asec.ahnlab.com/ko/25861/


AhnLab describes continued distribution of malicious Word documents using a “BIO form” lure, likely aimed at professors or research-center heads involved in North Korea-related topics. The DOCX file uses an external link to fetch a malicious BIO.dotm template containing obfuscated macros. Instead of directly downloading from a URL as in earlier variants, the macro writes a PowerShell command into C:\windows\temp\Ahnlab.log and then executes it to retrieve a script from zenma.getenjoyment.net. The report connects the technique to earlier targeted APT attempts using external Word templates and advises users to remain cautious with personalized biography-form documents.

Indicators of Compromise

| Type | Value | First Seen | Last Seen |
| --- | --- | --- | --- |
| URL | http://jupit.getenjoyment.net/P… | 2021-08-03 | 2021-08-03 |
| URL | http://zenma.getenjoyment.net/j… | 2021-08-03 | 2021-08-03 |
| DOMAIN | zenma.getenjoyment.net | 2021-08-03 | 2021-08-03 |
| DOMAIN | jupit.getenjoyment.net | 2021-07-15 | 2021-08-03 |
