NT Authority\SYSTEM

The NT AUTHORITY\SYSTEM account is a built-in Windows account used by the Service Control Manager to run operating system services. It has significantly more privileges than a standard local administrator account. Most core Windows services run under this account because it has the required permissions to interact with system components, hardware, and security mechanisms.

On domain-joined hosts, access to the local SYSTEM context allows to authenticate as the machine account (e.g. HOSTNAME$) which is equivalent to having a domain account. However, this access cannot be used for cross-domain trust Kerberos attacks, as those operations typically require a user account with appropriate trust or delegation privileges.