In Metasploit, which module can perform pass-the-hash authentication by using an administrator's hash for SMB login?

Study for the SANS560 GIAC Penetration Tester (GPEN) Test. Study with flashcards and multiple choice questions; each question has hints and explanations. Get ready for your exam!

Multiple Choice

In Metasploit, which module can perform pass-the-hash authentication by using an administrator's hash for SMB login?

Explanation:
Pass-the-hash authentication uses an NTLM hash to prove identity to Windows services (like SMB) without needing the plaintext password. For performing remote command execution over SMB using a hash in Metasploit, the module that fits this purpose is the psexec module. It connects to the target via SMB (often through the admin$ share) and runs the payload using the provided credentials, which can be an administrator's NTLM hash instead of a cleartext password. This makes it the best fit for logins authenticated with a hash and immediate remote execution.

Hashdump is used after you have access to dump password hashes from the target; smb_login is for testing login viability against an SMB service and doesn't provide the remote execution flow with a hash; windows/gather/credentials collects credentials but isn't focused on performing pass-the-hash authentication for SMB login.

