Trusted Design

MAPIGET (FAMILY)

概要

This malware utility is a set of two files that operate in conjunction to extract email messages and attachments from an Exchange server. In order to operate successfully, these programs require authentication credentials for a user on the Exchange server, and must be run from a machine joined to the domain that has Microsoft Outlook installed (or equivalent software that provides the Microsoft 'Messaging API' (MAPI) service).

Created: 2026-02-23

Indicators

Indicatorsは見つかっていない。

類似Pulses

HackTool:Win32/MailLogger (score: 0.56)
Emotet Trojan Acts as Loader, Spreads Automatically (score: 0.53)
TrickBot comes with new tricks - attacking Outlook and browsing data (score: 0.53)
Malware Analysis Report (MAR) (score: 0.52)
Microsoft Word Intruder: Operation Pony Express (score: 0.52)

このPulseに関連する脅威アクター (事実ベース)

Scattered Spider

Score: 15.55

Matched TTPs:

T1564.008 - Email Hiding Rules
T1070.008 - Clear Mailbox Data
T1598 - Phishing for Information
T1213.005 - Messaging Applications

MITREへのリンク →

FIN4

Score: 8.46

Matched TTPs:

T1564.008 - Email Hiding Rules
T1204.002 - Malicious File
T1566.001 - Spearphishing Attachment
T1114.002 - Remote Email Collection

MITREへのリンク →

Kimsuky

Score: 31.97

Matched TTPs:

T1036.007 - Double File Extension
T1204.002 - Malicious File
T1566.001 - Spearphishing Attachment
T1071.003 - Mail Protocols
T1218.005 - Mshta
T1055.012 - Process Hollowing
T1114.002 - Remote Email Collection
T1598 - Phishing for Information
T1027.002 - Software Packing
T1102.001 - Dead Drop Resolver
T1584.001 - Domains
T1078.003 - Local Accounts

MITREへのリンク →

Mustang Panda

Score: 12.27

Matched TTPs:

T1036.007 - Double File Extension
T1204.002 - Malicious File
T1566.001 - Spearphishing Attachment
T1218.005 - Mshta
T1027.007 - Dynamic API Resolution

MITREへのリンク →

RedCurl

Score: 8.57

Matched TTPs:

T1114.001 - Local Email Collection
T1204.002 - Malicious File
T1566.001 - Spearphishing Attachment
T1087.003 - Email Account

MITREへのリンク →

Sea Turtle

Score: 5.95

Matched TTPs:

T1114.001 - Local Email Collection
T1078.003 - Local Accounts

MITREへのリンク →

APT1

Score: 10.11

Matched TTPs:

T1114.001 - Local Email Collection
T1566.001 - Spearphishing Attachment
T1114.002 - Remote Email Collection
T1584.001 - Domains

MITREへのリンク →

Chimera

Score: 5.95

Matched TTPs:

T1114.001 - Local Email Collection
T1114.002 - Remote Email Collection

MITREへのリンク →

Magic Hound

Score: 13.65

Matched TTPs:

T1114.001 - Local Email Collection
T1204.002 - Malicious File
T1087.003 - Email Account
T1114.002 - Remote Email Collection
T1584.001 - Domains

MITREへのリンク →

Winter Vivern

Score: 4.16

Matched TTPs:

T1114.001 - Local Email Collection
T1566.001 - Spearphishing Attachment

MITREへのリンク →

Cobalt Group

Score: 4.41

Matched TTPs:

T1559.002 - Dynamic Data Exchange
T1204.002 - Malicious File
T1566.001 - Spearphishing Attachment

MITREへのリンク →

FIN7

Score: 9.42

Matched TTPs:

T1559.002 - Dynamic Data Exchange
T1204.002 - Malicious File
T1566.001 - Spearphishing Attachment
T1218.005 - Mshta
T1078.003 - Local Accounts

MITREへのリンク →

MuddyWater

Score: 6.75

Matched TTPs:

T1559.002 - Dynamic Data Exchange
T1204.002 - Malicious File
T1566.001 - Spearphishing Attachment
T1218.005 - Mshta

MITREへのリンク →

Sidewinder

Score: 10.37

Matched TTPs:

T1559.002 - Dynamic Data Exchange
T1204.002 - Malicious File
T1566.001 - Spearphishing Attachment
T1218.005 - Mshta
T1598.002 - Spearphishing Attachment

MITREへのリンク →

APT28

Score: 22.06

Matched TTPs:

T1559.002 - Dynamic Data Exchange
T1204.002 - Malicious File
T1566.001 - Spearphishing Attachment
T1071.003 - Mail Protocols
T1114.002 - Remote Email Collection
T1598 - Phishing for Information
T1550.001 - Application Access Token
T1211 - Exploitation for Defense Evasion

MITREへのリンク →

APT37

Score: 4.41

Matched TTPs:

T1559.002 - Dynamic Data Exchange
T1204.002 - Malicious File
T1566.001 - Spearphishing Attachment

MITREへのリンク →

Gallmaker

Score: 4.41

Matched TTPs:

T1559.002 - Dynamic Data Exchange
T1204.002 - Malicious File
T1566.001 - Spearphishing Attachment

MITREへのリンク →

Leviathan

Score: 7.56

Matched TTPs:

T1559.002 - Dynamic Data Exchange
T1204.002 - Malicious File
T1566.001 - Spearphishing Attachment
T1027.015 - Compression

MITREへのリンク →

BITTER

Score: 4.41

Matched TTPs:

T1559.002 - Dynamic Data Exchange
T1204.002 - Malicious File
T1566.001 - Spearphishing Attachment

MITREへのリンク →

TA505

Score: 13.37

Matched TTPs:

T1559.002 - Dynamic Data Exchange
T1204.002 - Malicious File
T1566.001 - Spearphishing Attachment
T1218.007 - Msiexec
T1087.003 - Email Account
T1027.002 - Software Packing

MITREへのリンク →

Patchwork

Score: 12.90

Matched TTPs:

T1559.002 - Dynamic Data Exchange
T1204.002 - Malicious File
T1566.001 - Spearphishing Attachment
T1055.012 - Process Hollowing
T1027.002 - Software Packing
T1102.001 - Dead Drop Resolver

MITREへのリンク →

Machete

Score: 4.95

Matched TTPs:

T1204.002 - Malicious File
T1566.001 - Spearphishing Attachment
T1218.007 - Msiexec

MITREへのリンク →

Elderwood

Score: 3.72

Matched TTPs:

T1204.002 - Malicious File
T1566.001 - Spearphishing Attachment
T1027.002 - Software Packing

MITREへのリンク →

Transparent Tribe

Score: 4.95

Matched TTPs:

T1204.002 - Malicious File
T1566.001 - Spearphishing Attachment
T1584.001 - Domains

MITREへのリンク →

Dragonfly

Score: 7.95

Matched TTPs:

T1204.002 - Malicious File
T1566.001 - Spearphishing Attachment
T1598.002 - Spearphishing Attachment
T1114.002 - Remote Email Collection

MITREへのリンク →

Contagious Interview

Score: 4.07

Matched TTPs:

T1204.002 - Malicious File
T1071.003 - Mail Protocols

MITREへのリンク →

RTM

Score: 4.95

Matched TTPs:

T1204.002 - Malicious File
T1566.001 - Spearphishing Attachment
T1102.001 - Dead Drop Resolver

MITREへのリンク →

Tropic Trooper

Score: 4.33

Matched TTPs:

T1204.002 - Malicious File
T1566.001 - Spearphishing Attachment
T1078.003 - Local Accounts

MITREへのリンク →

menuPass

Score: 4.81

Matched TTPs:

T1204.002 - Malicious File
T1566.001 - Spearphishing Attachment
T1055.012 - Process Hollowing

MITREへのリンク →

TA551

Score: 4.00

Matched TTPs:

T1204.002 - Malicious File
T1566.001 - Spearphishing Attachment
T1218.005 - Mshta

MITREへのリンク →

Threat Group-3390

Score: 10.02

Matched TTPs:

T1204.002 - Malicious File
T1566.001 - Spearphishing Attachment
T1055.012 - Process Hollowing
T1027.002 - Software Packing
T1027.015 - Compression

MITREへのリンク →

LazyScripter

Score: 4.00

Matched TTPs:

T1204.002 - Malicious File
T1566.001 - Spearphishing Attachment
T1218.005 - Mshta

MITREへのリンク →

PROMETHIUM

Score: 3.45

Matched TTPs:

T1204.002 - Malicious File
T1078.003 - Local Accounts

MITREへのリンク →

APT39

Score: 3.72

Matched TTPs:

T1204.002 - Malicious File
T1566.001 - Spearphishing Attachment
T1027.002 - Software Packing

MITREへのリンク →

Star Blizzard

Score: 7.95

Matched TTPs:

T1204.002 - Malicious File
T1566.001 - Spearphishing Attachment
T1598.002 - Spearphishing Attachment
T1114.002 - Remote Email Collection

MITREへのリンク →

Higaisa

Score: 4.81

Matched TTPs:

T1204.002 - Malicious File
T1566.001 - Spearphishing Attachment
T1027.015 - Compression

MITREへのリンク →

Rancor

Score: 4.95

Matched TTPs:

T1204.002 - Malicious File
T1566.001 - Spearphishing Attachment
T1218.007 - Msiexec

MITREへのリンク →

Wizard Spider

Score: 5.28

Matched TTPs:

T1204.002 - Malicious File
T1566.001 - Spearphishing Attachment
T1555.004 - Windows Credential Manager

MITREへのリンク →

OilRig

Score: 9.82

Matched TTPs:

T1204.002 - Malicious File
T1566.001 - Spearphishing Attachment
T1137.004 - Outlook Home Page
T1555.004 - Windows Credential Manager

MITREへのリンク →

Sandworm Team

Score: 5.28

Matched TTPs:

T1204.002 - Malicious File
T1566.001 - Spearphishing Attachment
T1087.003 - Email Account

MITREへのリンク →

Inception

Score: 4.00

Matched TTPs:

T1204.002 - Malicious File
T1566.001 - Spearphishing Attachment
T1218.005 - Mshta

MITREへのリンク →

Saint Bear

Score: 3.72

Matched TTPs:

T1204.002 - Malicious File
T1566.001 - Spearphishing Attachment
T1027.002 - Software Packing

MITREへのリンク →

Lazarus Group

Score: 8.14

Matched TTPs:

T1204.002 - Malicious File
T1566.001 - Spearphishing Attachment
T1218.005 - Mshta
T1027.007 - Dynamic API Resolution

MITREへのリンク →

Moonstone Sleet

Score: 5.10

Matched TTPs:

T1204.002 - Malicious File
T1566.001 - Spearphishing Attachment
T1598 - Phishing for Information

MITREへのリンク →

Gorgon Group

Score: 4.81

Matched TTPs:

T1204.002 - Malicious File
T1566.001 - Spearphishing Attachment
T1055.012 - Process Hollowing

MITREへのリンク →

TA2541

Score: 12.36

Matched TTPs:

T1204.002 - Malicious File
T1566.001 - Spearphishing Attachment
T1218.005 - Mshta
T1055.012 - Process Hollowing
T1027.002 - Software Packing
T1027.015 - Compression

MITREへのリンク →

Earth Lusca

Score: 3.13

Matched TTPs:

T1204.002 - Malicious File
T1218.005 - Mshta

MITREへのリンク →

SideCopy

Score: 10.91

Matched TTPs:

T1204.002 - Malicious File
T1566.001 - Spearphishing Attachment
T1218.005 - Mshta
T1598.002 - Spearphishing Attachment
T1584.001 - Domains

MITREへのリンク →

Mofang

Score: 4.81

Matched TTPs:

T1204.002 - Malicious File
T1566.001 - Spearphishing Attachment
T1027.015 - Compression

MITREへのリンク →

BRONZE BUTLER

Score: 4.95

Matched TTPs:

T1204.002 - Malicious File
T1566.001 - Spearphishing Attachment
T1102.001 - Dead Drop Resolver

MITREへのリンク →

APT38

Score: 9.34

Matched TTPs:

T1204.002 - Malicious File
T1566.001 - Spearphishing Attachment
T1218.007 - Msiexec
T1218.005 - Mshta
T1027.002 - Software Packing

MITREへのリンク →

Molerats

Score: 8.10

Matched TTPs:

T1204.002 - Malicious File
T1566.001 - Spearphishing Attachment
T1218.007 - Msiexec
T1027.015 - Compression

MITREへのリンク →

Gamaredon Group

Score: 7.16

Matched TTPs:

T1204.002 - Malicious File
T1566.001 - Spearphishing Attachment
T1218.005 - Mshta
T1027.015 - Compression

MITREへのリンク →

APT32

Score: 9.95

Matched TTPs:

T1204.002 - Malicious File
T1566.001 - Spearphishing Attachment
T1071.003 - Mail Protocols
T1218.005 - Mshta
T1078.003 - Local Accounts

MITREへのリンク →

The White Company

Score: 3.72

Matched TTPs:

T1204.002 - Malicious File
T1566.001 - Spearphishing Attachment
T1027.002 - Software Packing

MITREへのリンク →

APT29

Score: 11.39

Matched TTPs:

T1204.002 - Malicious File
T1566.001 - Spearphishing Attachment
T1218.005 - Mshta
T1114.002 - Remote Email Collection
T1027.002 - Software Packing
T1078.003 - Local Accounts

MITREへのリンク →

Confucius

Score: 4.00

Matched TTPs:

T1204.002 - Malicious File
T1566.001 - Spearphishing Attachment
T1218.005 - Mshta

MITREへのリンク →

APT41

Score: 6.21

Matched TTPs:

T1566.001 - Spearphishing Attachment
T1027.002 - Software Packing
T1102.001 - Dead Drop Resolver

MITREへのリンク →

ZIRCONIUM

Score: 8.78

Matched TTPs:

T1218.007 - Msiexec
T1598 - Phishing for Information
T1027.002 - Software Packing

MITREへのリンク →

APT42

Score: 4.13

Matched TTPs:

T1070.008 - Clear Mailbox Data

MITREへのリンク →

Turla

Score: 9.57

Matched TTPs:

T1071.003 - Mail Protocols
T1555.004 - Windows Credential Manager
T1078.003 - Local Accounts

MITREへのリンク →

SilverTerrier

Score: 3.29

Matched TTPs:

T1071.003 - Mail Protocols

MITREへのリンク →

BlackByte

Score: 3.15

Matched TTPs:

T1055.012 - Process Hollowing

MITREへのリンク →

HAFNIUM

Score: 9.46

Matched TTPs:

T1114.002 - Remote Email Collection
T1550.001 - Application Access Token
T1078.003 - Local Accounts

MITREへのリンク →

Stealth Falcon

Score: 3.62

Matched TTPs:

T1555.004 - Windows Credential Manager

MITREへのリンク →

Rocke

Score: 5.34

Matched TTPs:

T1027.002 - Software Packing
T1102.001 - Dead Drop Resolver

MITREへのリンク →

Medusa Group

Score: 6.59

Matched TTPs:

T1027.002 - Software Packing
T1218.014 - MMC

MITREへのリンク →

Equation

Score: 4.13

Matched TTPs:

T1564.005 - Hidden File System

MITREへのリンク →

Strider

Score: 4.13

Matched TTPs:

T1564.005 - Hidden File System

MITREへのリンク →

FIN13

Score: 4.54

Matched TTPs:

T1556 - Modify Authentication Process

MITREへのリンク →

Mustard Tempest

Score: 3.29

Matched TTPs:

T1584.001 - Domains

MITREへのリンク →

Fox Kitten

Score: 3.84

Matched TTPs:

T1213.005 - Messaging Applications

MITREへのリンク →

LAPSUS$

Score: 3.84

Matched TTPs:

T1213.005 - Messaging Applications

MITREへのリンク →

Velvet Ant

Score: 6.80

Matched TTPs:

T1078.003 - Local Accounts
T1211 - Exploitation for Defense Evasion

MITREへのリンク →

このPulseに関連する脅威アクター (推論ベース)

Kimsuky

Score: 0.75

Matched TTPs:

T1584.001 - Domains
T1204.002 - Malicious File
T1598 - Phishing for Information
T1027.002 - Software Packing
T1102.001 - Dead Drop Resolver
T1218.005 - Mshta
T1055.012 - Process Hollowing
T1078.003 - Local Accounts
T1566.001 - Spearphishing Attachment
T1036.007 - Double File Extension
T1071.003 - Mail Protocols
T1114.002 - Remote Email Collection

MITREへのリンク →

Related CVEs

このPulseに見つかったCVEはありません。

Pulse – 脅威アクターグラフ

← Pulse一覧に戻る