Yara detected HtmlPhish10
HTML document with suspicious title
Phishing site detected (based on various OCR indicators)
HTML document with suspicious name
PE file contains an invalid checksum
Drops PE files
None HTTPS page querying sensitive user data (password, username or email)
PE file contains sections with non-standard names
No HTML title found
JA3 SSL client fingerprint seen in connection with other malware
HTML body contains low number of good links
IP address seen in connection with other malware