In order to move horizontally on the network we need to know as much about the machine as possible. We need to loot it. These are some things that must be done on every compromised machine.
Who else is connected to the machine?
Dump the hashes
It is always good to have a list of all the hashes and crack them. Maybe someone is reusing the password.
To what is the machine connected?