HOMETHREATSFlawedGrace
APT / THREAT GROUP

FlawedGrace

3
aliases
Last seen:Mar 17, 2026

Intelligence Profile

According to ProofPoint, FlawedGrace is written in C++ and can be categorized as a Remote Access Trojan (RAT). It seems to have been developed in the second half of 2017 mainly.

FlawedGrace uses a series of commands:

FlawedGrace also uses a series of commands, provided below for reference:

* desktop_stat

* destroy_os

* target_download

* target_module_load

* target_module_load_external

* target_module_unload

* target_passwords

* target_rdp

* target_reboot

* target_remove

* target_script

* target_servers

* target_update

* target_upload

Threat Analysis

FlawedGrace is a known-sophistication threat actor of undetermined national origin, engaged in cyber operations with a primary motivation of unknown activity patterns.

External References

Quick Facts

TypeAPT / Threat Group
Aliases3

Also Known As

GraceWirewin.flawedgraceFlawedGrace

External Intelligence

Malpedia: win.flawedgrace

Research Links

Data sourced from Malpedia, Ransomware.live, RansomLook, and CTIWATCH OSINT collection. Actor attribution is based on available intelligence and may be incomplete.