File: Hdx-home-beta-windows.zip ... May 2026

Targets browser extensions like MetaMask or desktop wallets (e.g., Atomic, Exodus).

Collects hardware specs, IP addresses, and screenshots of the desktop.

hdx-home-beta.exe (or similar executable inside the archive).

Classification: Trojan / Infostealer.

Common Families: RedLine Stealer or Vidar.

3. Infection Vector

The malware typically spreads through:

The malware connects to a remote server (C2) to upload the stolen data. These servers are often hosted on obfuscated IP addresses or use Telegram bots as a backend for data exfiltration.

If you are investigating a machine for this file, look for:

It checks for the presence of debuggers, sandboxes, or virtual machines (VMs). If detected, it may terminate to avoid analysis.

B. Data Harvesting (Infostealing)

The malware scans the local system for: