Often encrypted with a simple or publicly shared password (e.g., "123", "infected", or "red") to bypass basic automated email filters.
JSON or Netscape-formatted cookie files used for Session Hijacking , allowing attackers to bypass Multi-Factor Authentication (MFA). Red Hair.7z
A plaintext compilation of saved credentials from web browsers (Chrome, Firefox, Edge). Often encrypted with a simple or publicly shared password (e
Used as a dumping ground for "free" logs to build a reputation for a specific malware strain. Red Hair.7z