
RedCap

According to Trend Micro, this backdoor receives valid domain credentials as an argument and uses them to log on to the Exchange Server, which it then uses for data exfiltration.

RedCap is a Windows malware family operated by OilRig.

Background

Trend Micro reports that this backdoor accepts legitimate domain credentials as a parameter, which it then uses to authenticate to an Exchange Server for the purpose of exfiltrating data. At the time of analysis its main function was to take the stolen password passed in that argument and email it to the operators as an attachment. The researchers also noted that the actors route these messages through government Exchange Servers, logging on with valid accounts whose passwords had been stolen earlier.
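The behaviour described above leaves two observable traces on the victim host: a process started with a domain account and password on its command line, and a subsequent connection from that same process to an Exchange server. The following hunt, written for this page as an added example (it is not Trend Micro's or Malpedia's code, and nothing on the page gives RedCap's actual command-line format or file names), correlates those two traces over Sysmon-like events. The event shape, the `EXCHANGE_HOSTS` inventory, the `looks_like_password` heuristic and every path, account and host in the sample events are assumptions; the sample events are constructed, not captured telemetry.

```python
"""Hypothetical hunt for RedCap-style tradecraft as the page describes it: a
process started with domain credentials on its command line that then talks
to an Exchange server. Written for this page; not Trend Micro's or Malpedia's
code. Events use a Sysmon-like shape (EventID 1 = process creation, EventID 3
= network connection), and the sample events are constructed, not captured."""
import re
from collections import defaultdict

# Assumed inventory of the organisation's Exchange hosts (not from the source).
EXCHANGE_HOSTS = {"mail.corp.example", "exch01.corp.example"}
# Ports a mail client would use to reach Exchange (EWS/OWA over HTTPS, SMTP).
MAIL_PORTS = {443, 25, 587}

# DOMAIN\user followed by a whitespace-separated token of 8+ non-space chars.
# The lookbehind stops path components such as Temp\svc.exe or the UNC path
# \\fs01\share from being read as DOMAIN\user.
CRED_RE = re.compile(
    r"(?<![\w\\])(?P<domain>[A-Za-z0-9.-]+)\\(?P<user>[A-Za-z0-9._$-]+)"
    r"\s+(?P<secret>\S{8,})"
)

# Constructed sample telemetry: one RedCap-like launch plus benign noise.
SAMPLE_EVENTS = [
    {"EventID": 1, "ProcessGuid": "{A1}", "Image": r"C:\Windows\Temp\svc.exe",
     "CommandLine": r"C:\Windows\Temp\svc.exe CORP\jdoe P@ssw0rd123 mail.corp.example"},
    {"EventID": 3, "ProcessGuid": "{A1}", "Image": r"C:\Windows\Temp\svc.exe",
     "DestinationHostname": "mail.corp.example", "DestinationPort": 443},
    {"EventID": 1, "ProcessGuid": "{B2}", "Image": r"C:\Program Files\Git\bin\git.exe",
     "CommandLine": "git fetch origin"},
    {"EventID": 1, "ProcessGuid": "{C3}", "Image": r"C:\Windows\System32\net.exe",
     "CommandLine": r"net use \\fs01\share /user:CORP\backup Winter2024!"},
    {"EventID": 1, "ProcessGuid": "{D4}", "Image": r"C:\Tools\sync.exe",
     "CommandLine": r"C:\Tools\sync.exe CORP\svc_sync Sync!2024xx https://update.vendor.example"},
    {"EventID": 3, "ProcessGuid": "{D4}", "Image": r"C:\Tools\sync.exe",
     "DestinationHostname": "update.vendor.example", "DestinationPort": 443},
]


def looks_like_password(token: str) -> bool:
    """Cheap heuristic: not a switch or a path, and mixes letters with digits
    or punctuation. This is the part of the rule most likely to need tuning."""
    if token.startswith(("/", "-", "\\")) or ":\\" in token:
        return False
    has_alpha = any(c.isalpha() for c in token)
    has_other = any(c.isdigit() or not c.isalnum() for c in token)
    return has_alpha and has_other


def hunt(events):
    """Return one finding per process whose command line carries credentials.
    Severity follows what the same ProcessGuid did next: 'high' for a
    connection to a known Exchange host, 'medium' for any other connection on
    a mail port, 'low' when no connection was observed."""
    connections = defaultdict(list)
    for ev in events:
        if ev.get("EventID") == 3:
            connections[ev["ProcessGuid"]].append(ev)

    findings = []
    for ev in events:
        if ev.get("EventID") != 1:
            continue
        for m in CRED_RE.finditer(ev.get("CommandLine", "")):
            if not looks_like_password(m.group("secret")):
                continue
            conns = connections.get(ev["ProcessGuid"], [])
            hosts = {c.get("DestinationHostname") for c in conns}
            ports = {c.get("DestinationPort") for c in conns}
            if hosts & EXCHANGE_HOSTS:
                severity = "high"
            elif ports & MAIL_PORTS:
                severity = "medium"
            else:
                severity = "low"
            findings.append({
                "process_guid": ev["ProcessGuid"],
                "image": ev["Image"],
                "account": f"{m.group('domain')}\\{m.group('user')}",
                "secret": "<redacted>",  # never forward the captured password to the SIEM
                "severity": severity,
                "destinations": sorted(h for h in hosts if h),
            })
            break  # one finding per process is enough
    return findings


if __name__ == "__main__":
    for f in hunt(SAMPLE_EVENTS):
        print(f"{f['severity']:6} {f['image']} as {f['account']} -> {f['destinations']}")
```

Two design points carry over to a real deployment. The `net use ... /user:` launch is flagged at low severity on purpose: credentials on a command line are worth a look even when benign, but only the correlation with a connection to an Exchange host reproduces the behaviour the page describes, so that is what drives the high severity. And the matched password is replaced with `<redacted>` before the finding leaves the function, because a hunt that copies live domain passwords into SIEM storage widens the exposure it was written to detect.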


Source: Malpedia (Fraunhofer FKIE).