: A list of decrypted credentials from browsers like Chrome or Edge.
: Folders containing session cookies used for Session Hijacking (allowing attackers to bypass MFA). (CO)[2023-01-19]DESKTOP-KKG16TO_arnol.zip
: Data from browser forms, including addresses and phone numbers. : A list of decrypted credentials from browsers
The filename follows a naming convention typically used by Redline Stealer or similar malware logs often distributed on Telegram channels or "logs" marketplaces. It indicates a data exfiltration event from a specific Windows machine ("DESKTOP-KKG16TO") for a user named "arnol" on January 19, 2023. (CO)[2023-01-19]DESKTOP-KKG16TO_arnol.zip