{
  "family": "gepys",
  "sample_count": 1587,
  "category": "trojan_generic",
  "description": "Gepys is a generic trojan-downloader family used to fetch and execute additional payloads after initial compromise. Gepys infections indicate that the system has been compromised and that secondary payloads should be expected and investigated.",
  "cta": "If you suspect this malware on your system, do not attempt manual removal. Contact SystemHelpdesk expert MSP support at 855-783-7555 for professional incident response guidance.",
  "aliases": [],
  "enrichment_level": "hand-curated",
  "faq": [
    {
      "@type": "Question",
      "name": "What is Gepys?",
      "acceptedAnswer": {
        "@type": "Answer",
        "text": "Gepys is a generic trojan-downloader family used to fetch and execute additional payloads after initial compromise. Gepys infections indicate that the system has been compromised and that secondary payloads should be expected and investigated."
      }
    },
    {
      "@type": "Question",
      "name": "How does Gepys spread?",
      "acceptedAnswer": {
        "@type": "Answer",
        "text": "Gepys is a generic trojan detection that covers varied Russian-origin samples, so there is no single infection vector. The samples are distributed through phishing, cracked software, and bundled installers."
      }
    },
    {
      "@type": "Question",
      "name": "What are the signs of a Gepys infection?",
      "acceptedAnswer": {
        "@type": "Answer",
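        "text": "The signs are those of a generic trojan: unexpected outbound network activity, unsigned binaries in user folders, and antivirus detections for Gepys variants are typical. The first two are not specific to Gepys, so on their own they are grounds for investigation rather than confirmation."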
      }
    },
    {
      "@type": "Question",
      "name": "What should I do if I think I have Gepys on my system?",
      "acceptedAnswer": {
        "@type": "Answer",
        "text": "If you suspect this malware on your system, do not attempt manual removal. Contact SystemHelpdesk expert MSP support at 855-783-7555 for professional incident response guidance."
      }
    }
  ],
  "faq_count": 4,
  "mitre_attack": [],
  "cisa_advisory": null,
  "last_updated": "2026-05-27"
}