I was victim to an .exe wallet hack, and I want to know more.

I was recently victim to a hack in in which my metamask wallet was compromised. I'm obviously no longer using the address, but interested if anyone knows how they might have gotten access, and what they might now know. Relevant information below.

The cause of the hack was downloading and running a fake .exe file from a fake site of a real program that I was led to via a twitter hacker. Yes, my fault. Anyways. When I clicked the file, nothing 'popped up' so I assumed the file was not working. Obviously, this .exe was what gave them access to my computer? seed phrase? passwords? Idk.

I go about my day working on the computer, nothing happens for 7hr. I finish my day, shut my laptop, and within 10 minutes, 2 of my NFT's are sold at highest WETH offer on Opensea, then my ETH, WETH, and APE are drained (note that plenty of other NFT's that did NOT have Opensea offers were not drained). All within two minutes. I know this, as I got a DELTA API notification on my phone while walking to my car. I wonder if this means that they had remote access? If they had my seed phrase, why would they wait until I shut my laptop?

Frustrated and defeated, I didn't reopen my laptop, rather went home onto my uncompromised desktop for the rest of the evening, immediately locking my metamask (not knowing if they had my password, or seed phrase).

Upon arriving back this morning, I fully restarted my laptop, removed all connected sites from metamask, and ran deep malware / virus Norton scans all over the PC. Absolutely no sign of malware, etc.

Does anyone have any idea what this .exe might have done? Is there anything else I should do right now? Thanks in advance.

**Note that seemingly, my passwords, phantom wallet, other accounts, and PC are seemingly unaffected. And yes, I do use a cold wallet / ledger.. the metamask that was hacked was my hot wallet to which I usually don't keep assets on for more than a week.