"Katerinka.zip" is a malicious archive used in targeted phishing campaigns to deliver Lumma Stealer, which harvests sensitive data such as browser credentials, cookies, and crypto wallet files [1, 3, 4]. The malware, often disguised as legitimate software, utilizes process hollowing to inject code into system processes and exfiltrates information via HTTP POST requests [2, 4, 5]. Immediate action includes isolating the infected machine and changing all credentials from a secure device.
