File: Hdx-home-beta-windows.zip ...

The file is frequently identified in cybersecurity research and sandboxing environments as a container for malware, specifically associated with RedLine Stealer or Vidar Stealer campaigns. It is often disguised as a legitimate beta version of virtualization software (like Citrix HDX) to trick users into executing it.

Collects hardware specs, IP addresses, and screenshots of the desktop.

The executable often uses a "packer" to hide its actual code from basic antivirus scans.

Steals saved passwords, auto-fill data, and credit card info from Google Chrome, Microsoft Edge, and Mozilla Firefox.
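
A defender-side triage sketch for the packer point above, added here as an example and not taken from the original page: it reads a suspect archive in memory, finds members that start with the PE `MZ` magic, and flags those whose byte entropy is close to random, which is typical of packed or encrypted code. The 7.2 bits/byte threshold, the function names and the sample archive are assumptions constructed for illustration.

```python
import hashlib
import io
import math
import zipfile
from collections import Counter

ENTROPY_THRESHOLD = 7.2  # assumed cut-off; packed or encrypted data approaches 8.0


def shannon_entropy(data: bytes) -> float:
    """Bits of entropy per byte: 0.0 for empty input, 8.0 at most."""
    if not data:
        return 0.0
    total = len(data)
    return -sum(n / total * math.log2(n / total) for n in Counter(data).values())


def triage_zip(blob: bytes, max_size: int = 64 * 1024 * 1024) -> list:
    """Inspect members in memory; nothing is written to disk or executed."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(blob)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            encrypted = bool(info.flag_bits & 0x1)  # password-protected member
            if encrypted or info.file_size > max_size:  # unreadable or oversized
                findings.append({"name": info.filename, "skipped": True,
                                 "encrypted": encrypted})
                continue
            data = zf.read(info)
            is_pe = data[:2] == b"MZ"  # DOS/PE magic, whatever the extension says
            entropy = shannon_entropy(data)
            findings.append({"name": info.filename, "skipped": False, "is_pe": is_pe,
                             "entropy": round(entropy, 2),
                             "likely_packed": is_pe and entropy >= ENTROPY_THRESHOLD})
    return findings


def build_sample_zip() -> bytes:
    """Constructed sample archive: harmless bytes only, no real executable."""
    noise = b"".join(hashlib.sha256(i.to_bytes(4, "big")).digest() for i in range(2048))
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_STORED) as zf:
        zf.writestr("readme.txt", "constructed sample\n" * 50)
        zf.writestr("plain.exe", b"MZ" + b"\x00" * 4096)  # low entropy
        zf.writestr("setup.exe", b"MZ" + noise)           # near-random body
    return buf.getvalue()


if __name__ == "__main__":
    for finding in triage_zip(build_sample_zip()):
        print(finding)
```

High entropy is a triage signal rather than a verdict, since legitimately compressed installers also score high; a flagged member is a candidate for sandbox analysis.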