How is this new?
Meterpreter has existed for a very long time now, and is well known for being memory resident, which is why you can bypass 'traditional' AV which ususally looks at binaries on disk access. Wrap your meterpreter payload in msfvenom or veil-evasion and voila - you have an AV bypass. Invoking mimikatz with powershell to dump the credentials is also a common pentester habit - but again, hardly new.