{
	"id": "5f7e8269-eef0-499d-ae3a-ba5fd14c21c8",
	"created_at": "2026-04-06T00:16:51.677369Z",
	"updated_at": "2026-04-10T13:11:53.899061Z",
	"deleted_at": null,
	"sha1_hash": "0b3151050e0f8174ed2e38afd2d612a2fcabed48",
	"title": "FlawedGrace (Malware Family)",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 28775,
	"plain_text": "FlawedGrace (Malware Family)\r\nBy Fraunhofer FKIE\r\nArchived: 2026-04-02 11:01:18 UTC\r\nAccording to ProofPoint, FlawedGrace is written in C++ and can be categorized as a Remote Access Trojan\r\n(RAT). It seems to have been developed in the second half of 2017 mainly.\r\nFlawedGrace uses a series of commands:\r\nFlawedGrace also uses a series of commands, provided below for reference:\r\n* desktop_stat\r\n* destroy_os\r\n* target_download\r\n* target_module_load\r\n* target_module_load_external\r\n* target_module_unload\r\n* target_passwords\r\n* target_rdp\r\n* target_reboot\r\n* target_remove\r\n* target_script\r\n* target_servers\r\n* target_update\r\n* target_upload\r\n[TLP:WHITE] win_flawedgrace_auto (20251219 | Detects win.flawedgrace.)\r\nSource: https://malpedia.caad.fkie.fraunhofer.de/details/win.flawedgrace\r\nhttps://malpedia.caad.fkie.fraunhofer.de/details/win.flawedgrace\r\nPage 1 of 1",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"ETDA"
	],
	"origins": [
		"web"
	],
	"references": [
		"https://malpedia.caad.fkie.fraunhofer.de/details/win.flawedgrace"
	],
	"report_names": [
		"win.flawedgrace"
	],
	"threat_actors": [],
	"ts_created_at": 1775434611,
	"ts_updated_at": 1775826713,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/0b3151050e0f8174ed2e38afd2d612a2fcabed48.pdf",
		"text": "https://archive.orkl.eu/0b3151050e0f8174ed2e38afd2d612a2fcabed48.txt",
		"img": "https://archive.orkl.eu/0b3151050e0f8174ed2e38afd2d612a2fcabed48.jpg"
	}
}