Kimsuky: A Gift That Keeps on Giving

· Published 20/09/2024 11:39 · Modified 20/09/2024 12:06

Essential information

Tags
2024-09-20, espionage, kimsuky, north korea
Related entities
2 observables, 1 intrusion set (APT), 20 techniques (MITRE)

Description

This analysis details a sophisticated cyber attack attributed to the North Korean-linked APT group Kimsuky. The attack begins with an LNK file that leads to the execution of obfuscated VBS scripts. These scripts create scheduled tasks, modify registry keys for persistence, and establish communication with a command and control (C2) server. The malware employs several evasion techniques, including Base64 encoding and Caesar-cipher obfuscation. The ultimate goal appears to be maintaining long-term access to the victim's machine. The report also includes a personal anecdote of the analyst's brief interaction with the C2 server, which returned a single command after hours of waiting.

External references