An adversary exploits functionality meant to identify information about user groups and their permissions on the target system to an authorized user. By knowing what users/permissions are registered on the target system, the adversary can inform further and more targeted malicious behavior. An example Windows command which can list local groups is \'net localgroup\'.
Description
Mitigations
1
Consequences
Relationships
Related ATT&CK Techniques
2