3b5c59054bcdc4f677e770ac6eaf92d8852f34b5044546bdd7de2392a926577e
Author: Microsoft
Source: Wild
Summary
Ntdsutil.exe is a command line utility for accessing Windows Active Directory. It is sometimes used maliciously to dump domain passwords. It is the 10,841st most commonly executed Windows program. It typically runs from the path C:\Windows\System32, and is most often launched by cmd.exe.
EchoTrail Prevalence Score (EPS)
9.53
Rank Analysis
Host Prevalence
0%
Execution Rank
67,648th
Behavioral Analysis
Top Filenames
Top Paths
C:\Windows\System32
100.00 %
loading...
Top Network Ports
No results found.
Ancestry Analysis
Top GrandParents
No results found.
Top Parents
loading...
Top Children
No results found.
Security Analysis
Intel
Want to contribute intel? Contact us about becoming an Intel Contributor.