: XML or JSON files containing server settings or user credentials.
: In phishing scenarios, the archive may contain an executable or script (like .js or .vbs ) disguised as a document. Safety and Handling Recommendations
: Compressed files can contain "Zip Bombs" or auto-executing scripts that trigger upon extraction.
: Event viewer logs, registry hives, or memory strings captured during an audit.
