FlawedGrace is a fully featured remote access tool (RAT) written in C++ that was first observed in late 2017.[1]

ID: S0383
Platforms: Windows
Version: 1.0

Techniques Used

| Domain | ID | Name | Use |
|---|---|---|---|
| Enterprise | T1043 | Commonly Used Port | FlawedGrace has used port 443 for C2 communications.[1] |
| Enterprise | T1094 | Custom Command and Control Protocol | FlawedGrace uses a custom binary protocol for its C2 communications.[1] |
| Enterprise | T1027 | Obfuscated Files or Information | FlawedGrace encrypts its C2 configuration files with AES in CBC mode.[1] |

Groups That Use This Software

| ID | Name | References |
|---|---|---|
| G0092 | TA505 | [1] |