Trojan:Win32/Malgent
This is a detection for a generic trojan horse that has been identified as a component that carries out one specific task within a larger malware framework.
For information about Malgent and other human-operated malware campaigns, read these blog posts:
Trojan:Win32/Malgent!MSR
Trojan:Win32/Malgent!MSR is a malware strain used by Diamond Sleet, a North Korean state-sponsored threat actor, in campaigns built on trojanized software and DLL hijacking. The malware is primarily delivered through social engineering on WhatsApp, LinkedIn, OneDrive, and Google Drive, where victims receive *.zip files containing trojanized software. These archives often use job-related lures, masquerading as legitimate documents for engineering, maintenance technician, or program manager roles. When the victim runs the trojanized software, it loads a malicious DLL through DLL hijacking; the DLL installs a backdoor that the attacker then uses to execute further payloads and steal credentials.
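The DLL hijacking step described above leaves a recognizable artifact on disk: a legitimately signed executable sitting next to a DLL that is unsigned or signed by someone else. The following PowerShell script is an added example for triage, not code from this page or from Microsoft. It assumes the unpacked archive lands in a user-writable location (the default roots below are an assumption and should be adjusted to the environment), finds Authenticode-signed executables under those roots, and lists every DLL in the same folder whose signature is missing, broken, or from a different publisher than the host executable.

```powershell
# Added example (not from the original page): list DLL side-loading candidates.
# Assumption: trojanized packages from the zip lure are unpacked under user-writable
# folders such as Downloads, Temp or LocalAppData; adjust -Roots for your environment.
param(
    [string[]]$Roots = @("$env:USERPROFILE\Downloads", "$env:TEMP", "$env:LOCALAPPDATA")
)

function Get-SideloadCandidates {
    param([string[]]$Paths)

    foreach ($root in $Paths) {
        if (-not (Test-Path -LiteralPath $root)) { continue }

        Get-ChildItem -Path $root -Recurse -Filter *.exe -File -ErrorAction SilentlyContinue |
        ForEach-Object {
            $exe    = $_
            $exeSig = Get-AuthenticodeSignature -FilePath $exe.FullName

            # Side-loading only pays off against a validly signed host binary,
            # so skip unsigned or tampered executables here (they warrant a separate check).
            if ($exeSig.Status -ne 'Valid') { return }

            Get-ChildItem -Path $exe.DirectoryName -Filter *.dll -File -ErrorAction SilentlyContinue |
            ForEach-Object {
                $dll    = $_
                $dllSig = Get-AuthenticodeSignature -FilePath $dll.FullName
                $dllSigner = if ($dllSig.SignerCertificate) { $dllSig.SignerCertificate.Subject } else { '(unsigned)' }

                # Flag DLLs that are not validly signed, or whose signer differs from the host EXE's signer.
                if ($dllSig.Status -ne 'Valid' -or $dllSigner -ne $exeSig.SignerCertificate.Subject) {
                    [pscustomobject]@{
                        HostExe    = $exe.FullName
                        HostSigner = $exeSig.SignerCertificate.Subject
                        Dll        = $dll.FullName
                        DllStatus  = $dllSig.Status      # e.g. NotSigned, HashMismatch, Valid
                        DllSigner  = $dllSigner
                        DllWritten = $dll.LastWriteTimeUtc
                    }
                }
            }
        }
    }
}

# Usage: run as the affected user; review the list, then collect flagged DLLs for analysis.
Get-SideloadCandidates -Paths $Roots | Sort-Object DllWritten -Descending | Format-Table -AutoSize
```

The output is a triage list, not a verdict: legitimate software routinely ships third-party or unsigned DLLs beside a signed executable, so a signer mismatch alone is not malicious. What makes an entry interesting in this campaign pattern is the combination of a recently written DLL, a location that matches where the user unpacked the job-lure archive, and a host executable the user did not knowingly install. Flagged DLLs should be hashed and submitted for analysis rather than executed.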