Stardust Chollima APT Adversary Simulation
2025-08-08 • S3N4T0R
A Stardust Chollima adversary simulation recreates the 2018 compromise of the Chilean interbank network Redbanc, where PowerRatankba was delivered through a fake job-application lure. The attack chain centers on social engineering over LinkedIn/Skype, a GUI dropper posing as a registration form, Base64-encoded PowerShell execution, and a PowerRatankba reverse shell. The backdoor communicates with an HTTPS C2 server, executes commands through PowerShell, returns their output to the operator, and gains persistence through Windows startup mechanisms, including service- or registry-based autostart behavior. The case matters because it illustrates how DPRK-linked financial intrusions can use a realistic recruitment workflow to gain a foothold through an employee rather than by attacking the target organization's infrastructure directly.