Malicious software of TrickBot was not entirely perceived as the most dangerous threat, however its functions allowed attacking Active Directory databases. Domain administrators must be very careful when accessing Active Directory, especially for hackers who have access to directories where password hashes, computer names, groups and many other confidential data are stored.

https://www.xccelero.com/2020/01/30/active-directorybeing-targeted-by-malware-called-trickbot/?