New Mimic Ransomware Abuses Everything APIs for its Encryption Process
released on 2023-01-27 @ 09:41:09 PM
Mimic arrives as an executable that drops multiple binaries and a password-protected archive (disguised as Everything64.dll) which when extracted, contains the ransomware payload. It also includes tools that are used for turning off Windows defender and legitimate sdel binaries.