However, if the password used to protect the file is weak, it becomes susceptible to dictionary and mask/pattern-based attacks. In most cases, a password known to the legitimate user/owner is used to derive a long key and this key is then used to encrypt the file. In order to put one more layer of defense in such cases, the sensitive files are encrypted. Once the attacker has access to storage media like hard disks, USB drives and cloud storage, the files stored on that media become accessible to him.
Windows Post Exploitation: Basics Badge.Data Science and Machine Learning for InfoSec.
