3b5c59054bcdc4f677e770ac6eaf92d8852f34b5044546bdd7de2392a926577e
Summary
Ntdsutil.exe is a command line utility for accessing Windows Active Directory. It is sometimes used maliciously to dump domain passwords.
It is the 10,841st most commonly executed Windows program. It typically runs from the path C:\Windows\System32, and is most often launched by cmd.exe.
EchoTrail Prevalence Score (EPS)

21.66

?
Rank Analysis
Execution Rank

51,517th

?
Behavioral Analysis
Top Filenames
Top Paths
Top Network Ports
Ancestry Analysis
Top GrandParents
Top Parents
Top Children
Security Analysis
Intel