Windows creates the account, gives it a password, and uses it behind the scenes. Windows gives them random, long, and complex passwords. The real threat from a computer account is its storage password hash. Service accounts often belong to elevated groups, such as Domain Computers. One enterprising advanced persistent threat even hijacked the built-in krbtgt account, which is used by Kerberos authentication. To see what groups a domain-joined computer belongs to, at an elevated prompt type the following: “Domain Computers””]
Source: https://www.csoonline.com/article/2609584/where-pass-the-hash-attacks-could-be-hiding.html