Matches rule PK_O365_ovo from ruleset PK_O365_ovo at
GitHub - t4d/PhishingKit-Yara-Rules: Repository of Yara rules dedicated to Phishing Kits Zip files by Thomas 'tAd' Damonneville Phishing Kit impersonating Office 365
Matches rule Windows_API_Function from ruleset Windows_API_Function at
GitHub - InQuest/yara-rules-vt: Collection of YARA rules designed for usage through VirusTotal.com. by InQuest Labs This signature detects the presence of a number of Windows API functionality often seen within embedded executables. When this signature alerts on an executable, it is not an indication of malicious behavior. However, if seen firing in other file types, deeper investigation may be warranted.
