Malicious spam campaign delivers static phishing page

Threat actors used a malicious HTML file in this campaign that is not related to any family of malware that Infoblox is aware of. The file harvests and exfiltrates WeTransfer credentials.