Actor
AdFind.exe, a legitimate Active Directory query tool, is commonly abused by threat actors such as Trickbot, Ryuk, Maze, and FIN6 for post-exploitation Active Directory reconnaissance, enabling enumeration of objects like computers, people, subnets, and domain information.