This blog shares information on some examples of how the CrowdStrike® Falcon® OverWatch™ team has observed the open-source tool known as Mimikatz being used in the wild – including an unusual use of the tool to strictly bypass brittle signature-based detections.

https://www.crowdstrike.com/blog/credential-theft-mimikatz-techniques/