Zegost malware

GPTKB entity

Statements (34)
Predicate Object
gptkbp:instanceOf malware
gptkbp:abilities credential theft; screenshot capture; remote command execution; file exfiltration; keylogging; system information collection; clipboard monitoring
gptkbp:alsoKnownAs gptkb:Zegost
gptkbp:associatedWith gptkb:Chinese_threat_actors; gptkb:APT10
gptkbp:category cyber espionage tool
gptkbp:detects various antivirus vendors
gptkbp:developedBy gptkb:China
gptkbp:distributedBy phishing emails; malicious attachments; exploit kits
gptkbp:firstObserved 2011
https://www.w3.org/2000/01/rdf-schema#label Zegost malware
gptkbp:notable_campaign attacks on government organizations; attacks on critical infrastructure; attacks on private sector companies
gptkbp:persistenceMechanism registry modification; scheduled tasks
gptkbp:platform gptkb:Windows
gptkbp:supportsProtocol gptkb:FTP; gptkb:HTTP; SMTP
gptkbp:type information stealer
gptkbp:usedFor espionage; data theft
gptkbp:usesMalware Zegost family
gptkbp:bfsParent gptkb:Operation_Zegost
gptkbp:bfsLayer 7