Unit 42 analyzed two malware samples leveraging Large Language Models (LLMs) for remote decision-making. One is a .NET infostealer using GPT-3.5-Turbo for superficial 'AI theater', while the other is a Golang dropper that uses GPT-4 to evaluate system telemetry and determine if the environment is safe to deploy a Sliver payload.