That is exactly what malware like does. It tricks the LSA into handing over the crown jewels: your plain-text passwords, NTLM hashes, and Kerberos tickets.
Is it a silver bullet? No. But security is about layers. LSA Protection is a cheap, effective layer that costs almost nothing in performance or compatibility. local security authority protection
local-security-authority-protection-guide That is exactly what malware like does
If LSA Protection had been enabled, that post-exploitation step would have failed. The attacker would have seen an "Access Denied" error instead of a domain admin hash. change your password
Locking the Vault: Why You Need to Enable Local Security Authority Protection
4 minutes The Silent Gatekeeper of Windows Every time you log into your computer, change your password, or access a shared drive on your office network, a quiet, powerful Windows process is working in the background: the Local Security Authority (LSA) .