This cluster centers on the analysis of Elpaco, a variant of the Mimic ransomware. Elpaco exhibits customizable features, including the ability to disable security mechanisms, run system commands, and customize ransom notes. The analysis details the malware’s structure, TTPs, and its use of the Everything library for file searching. The detailed technical analysis provided is valuable for security researchers and incident responders.