AuKill EDR killer malware abuses Process Explorer driver
released on 2023-05-10 @ 06:05:13 PM
The AuKill tool abuses an outdated version of the driver used by version 16.32 of the Microsoft utility Process Explorer to disable EDR processes before deploying either a backdoor or ransomware on the target system. The tool has been used in at least three ransomware incidents since the beginning of 2023 to sabotage the target’s protection and deploy ransomware.