CISA released an advisory in August 2022 on AZOrult malware, which could allow an attacker to steal information from compromised devices. This TTP uses AZOrult's methods of disabling Windows Defender and enabling persistence through a scheduled task. AZOrult may steal user account information, including passwords and credentials.
View Command
To view this TTPs command, you must be logged in with a professional or enterprise license.