MAPIGET (bf08965f-03a5-4cf6-83fb-8d3c9e9398ee)
This malware utility is a set of two files that operate in conjunction to extract email messages and attachments from an Exchange server. In order to operate successfully, these programs require authentication credentials for a user on the Exchange server, and must be run from a machine joined to the domain that has Microsoft Outlook installed (or equivalent software that provides the Microsoft 'Messaging API' (MAPI) service).
| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
|---|---|---|---|---|
| MAPIGET (bf08965f-03a5-4cf6-83fb-8d3c9e9398ee) | Tool | MAPIget (8a97307f-a029-4c43-88e1-debed2b80b14) | Malpedia | 1 |