CISA released an advisory in August 2022 on NanoCore RAT, which could allow an attacker to control a victim's machine. This TTP uses NanoCore's methods of adding a NanoCore exclusion in Windows Defender and enabling persistence through a scheduled task. NanoCore RAT may steal user account information, including passwords and credentials.
View Command
To view this TTPs command, you must be logged in with a professional or enterprise license.