ZxxZ

Malware updated 4 months ago (2024-05-04T20:52:46.931Z)
ZxxZ is a trojan that adversaries use to target and compromise victims' machines. It is named after a separator the payload uses when sending information to the C2 server. Once installed, ZxxZ has remote file execution capability, which lets the attacker deploy and run other tools from their arsenal to achieve their malicious objective. In current campaigns, one scheduled task downloads ZxxZ into the public user's account space while another task runs the trojan. During C2 communication, the trojan sends the victim's computer name, user name, a "ZxxZ" separator, and the Windows version obtained from the registry. ZxxZ is a new trojan based on Apost, and security experts have identified it as a significant threat due to its sophisticated capabilities. To avoid falling victim to this malware, users are advised to avoid suspicious downloads, emails, and websites, keep their software up to date, and use strong passwords or two-factor authentication.
Description last updated: 2023-06-23T18:03:52.629Z
Aliases: We are not currently tracking any aliases.
Source Document References
Information about the ZxxZ malware was read from the documents below.
Source: MITRE
Created: 2 years ago
Title: Bitter APT adds Bangladesh to their targets