[go: up one dir, main page]
More Web Proxy on the site http://driver.im/

FlawedGrace

FlawedGrace is a fully featured remote access tool (RAT) written in C++ that was first observed in late 2017.[1]

ID: S0383
Type: MALWARE
Platforms: Windows
Version: 1.1
Created: 29 May 2019
Last Modified: 11 April 2024

Techniques Used

Domain ID Name Use
Enterprise T1027 .013 Obfuscated Files or Information: Encrypted/Encoded File

FlawedGrace encrypts its C2 configuration files with AES in CBC mode.[1]

Groups That Use This Software

ID Name References
G0092 TA505

[1][2][3]

References