Rascals are always sociable, and the chief sign that a man has any nobility in his character is the little pleasure he takes in others company. Arthur Schopenhauer

Nice Malwarebytes Labs analysis of malware but the attribution to Lazarus Group is wrong:

  • In this campaign the actor has targeted people that are looking for job opportunities at Lockheed Martin. Targeting the defense industry and specifically Lockheed Martin is a known target for this actor.
  • Using job opportunities as template is the known method used by Lazarus to target its victims.
  • Using Frame1_Layout for macro execution and using lesser known API calls for shellcode execution is known to be used by Lazarus.

You can do better than this, Malwarebytes, or should I say Ankur Saini and Hossein Jazi?