Domain Groups
Adversaries may attempt to find domain-level groups and permission settings. The knowledge of domain-level permission groups can help adversaries determine which groups exist and which users belong to a particular group. Adversaries may use this information to determine which users have elevated permissions, such as domain administrators. Commands such as <code>net group /domain</code> of the [Net](https://attack.mitre.org/software/S0039) utility, <code>dscacheutil -q group</code> on macOS, an...
BY SOURCE
PROCEDURES (26)
Auto-extracted: 4 detections for process creation monitoring
Auto-extracted: 4 detections for general monitoring
Auto-extracted: 4 detections for script block
Auto-extracted: 3 detections for lateral
Auto-extracted: 3 detections for wmi
Auto-extracted: 2 detections for spray
Auto-extracted: 2 detections for privilege
Auto-extracted: 2 detections for powershell
Auto-extracted: 1 detections for powershell
Auto-extracted: 1 detections for wmi
Auto-extracted: 1 detections for powershell
Auto-extracted: 1 detections for persist
Auto-extracted: 1 detections for service monitoring
Auto-extracted: 1 detections for service
Auto-extracted: 1 detections for service
Auto-extracted: 1 detections for privilege
Auto-extracted: 1 detections for lateral
Auto-extracted: 1 detections for persist
Auto-extracted: 1 detections for exfiltrat
Auto-extracted: 1 detections for spray
Auto-extracted: 1 detections for script execution monitoring
Auto-extracted: 1 detections for file monitoring
Auto-extracted: 1 detections for azure
Auto-extracted: 1 detections for azure
Auto-extracted: 1 detections for lateral
Auto-extracted: 1 detections for exfiltrat