{
  "family": "zegost",
  "sample_count": 441,
  "category": "rat",
  "description": "Zegost is a remote access trojan (rat) family with 441 samples in ember 2018, providing attackers with extensive remote control over infected systems including keylogging, screen capture, webcam access, and file management. rats are commonly used in both commodity cybercrime and targeted attacks.",
  "cta": "If you suspect this malware on your system, do not attempt manual removal. Contact SystemHelpdesk expert MSP support at 855-783-7555 for professional incident response guidance.",
  "aliases": [],
  "enrichment_level": "category-templated",
  "faq": [
    {
      "@type": "Question",
      "name": "What is Zegost malware?",
      "acceptedAnswer": {
        "@type": "Answer",
        "text": "Zegost is a member of the rat category in the EMBER 2018 malware corpus. Like other rat samples it shares the behaviors typical of that class. Because precise family-specific reporting on Zegost is limited, this catalog only describes it at the category level rather than fabricating unverified details."
      }
    },
    {
      "@type": "Question",
      "name": "What should I do if Zegost is detected on my system?",
      "acceptedAnswer": {
        "@type": "Answer",
        "text": "Do not attempt manual removal. Rat samples often establish persistence and may be part of a larger compromise. Isolate the affected system from the network and contact SystemHelpdesk expert MSP support at 855-783-7555 for professional incident response."
      }
    }
  ],
  "faq_count": 2,
  "mitre_attack": [],
  "cisa_advisory": null,
  "last_updated": "2026-05-27"
}