FlawedGrace

FlawedGrace is a fully featured remote access tool (RAT) written in C++ that was first observed in late 2017.[1]

ID: S0383
Type: MALWARE
Platforms: Windows
Version: 1.0
Created: 29 May 2019
Last Modified: 07 June 2019

Techniques Used

Domain ID Name Use
Enterprise T1027 Obfuscated Files or Information

FlawedGrace encrypts its C2 configuration files with AES in CBC mode.[1]

Groups That Use This Software

ID Name References
G0092 TA505

[1][2][3]

References