File: Hdx-home-beta-windows.zip ... Apr 2026
It checks for the presence of debuggers, sandboxes, or virtual machines (VMs). If detected, it may terminate to avoid analysis.
B. Data Harvesting (Infostealing)
The malware scans the local system for:
Users searching for "Citrix HDX for Home" or "Remote Desktop Beta" are directed to spoofed websites.
Steals saved passwords, auto-fill data, and credit card info from Google Chrome, Microsoft Edge, and Mozilla Firefox.
Upon extraction and execution of the contents within the ZIP file, the following stages typically occur:
hdx-home-beta.exe (or similar executable inside the archive).
Classification: Trojan / Infostealer.
Common Families: RedLine Stealer or Vidar.
3. Infection Vector
The malware typically spreads through:
Check %AppData% or %LocalAppData% for randomly named folders containing .sqlite or .txt files (logs of stolen data).