APT / THREAT GROUP
FlawedGrace
3
aliases
Last seen:Mar 17, 2026
Intelligence Profile
According to ProofPoint, FlawedGrace is written in C++ and can be categorized as a Remote Access Trojan (RAT). It seems to have been developed in the second half of 2017 mainly.
FlawedGrace uses a series of commands:
FlawedGrace also uses a series of commands, provided below for reference:
* desktop_stat
* destroy_os
* target_download
* target_module_load
* target_module_load_external
* target_module_unload
* target_passwords
* target_rdp
* target_reboot
* target_remove
* target_script
* target_servers
* target_update
* target_upload
Threat Analysis
FlawedGrace is a known-sophistication threat actor of undetermined national origin, engaged in cyber operations with a primary motivation of unknown activity patterns.
External References
Quick Facts
TypeAPT / Threat Group
Aliases3
Also Known As
GraceWirewin.flawedgraceFlawedGrace
External Intelligence
Malpedia: win.flawedgraceResearch Links
Data sourced from Malpedia, Ransomware.live, RansomLook, and CTIWATCH OSINT collection. Actor attribution is based on available intelligence and may be incomplete.