SOFTWARE
SOFTWARE
A-B
C-D
E-F
G-H
I-J
K-L
M-N
O-P
Q-R
S-T
U-V
W-X
FlawedGrace
FlawedGrace is a fully featured remote access tool (RAT) written in C++ that was first observed in late 2017.[1]
ID: S0383
Type: MALWARE
Platforms: Windows
Version: 1.0
Created: 29 May 2019
Last Modified: 07 June 2019
Techniques Used
Domain | ID | Name | Use | |
---|---|---|---|---|
Enterprise | T1027 | Obfuscated Files or Information |
FlawedGrace encrypts its C2 configuration files with AES in CBC mode.[1] |
Groups That Use This Software
ID | Name | References |
---|---|---|
G0092 | TA505 |
References
- Schwarz, D. and Proofpoint Staff. (2019, January 9). ServHelper and FlawedGrace - New malware introduced by TA505. Retrieved May 28, 2019.
- Hiroaki, H. and Lu, L. (2019, June 12). Shifting Tactics: Breaking Down TA505 Group’s Use of HTML, RATs and Other Techniques in Latest Campaigns. Retrieved May 29, 2020.
×