DeepLoad exploits ClickFix and WMI persistence to steal credentials, enabling stealth reinfection after three days.
These PowerShell scripts are using Microsoft Authentication Library (MSAL), Microsoft Graph APIs and Azure Management APIs to manage objects in Intune and Azure. The scripts have a simple WPF UI and ...