In this analysis, I demonstrate how a seemingly harmless installer for a popular application like 7-Zip can be used to compromise an entire Active Directory domain in a matter of minutes.

The attack leverages a series of commands to exfiltrate critical system files, enabling further attacks and complete domain takeover.

Full video from here

Full writeup from here