There is nothing to learn here. A real attacker would certainly not use the password field of the Cryptomator app, but would use a small script (GitHub - cryptomator/cracker: Brute Force Tool for masterkey.cryptomator Files) to guess the password.
And no, with this tool the password is not easily guessed, see How Cruptomator is protected from Brute force attacks? - #2 by infeo