sample using form value to break emulation

This sample seems to use a form with a text box event to avoid detection. Need to check if this is handled by ViperMonkey or needs improvement:

https://twitter.com/DissectMalware/status/999680382399385601

https://www.hybrid-analysis.com/sample/c0c83fb30da350e4526faa37de946f583578d9e4f3d7a94f239145736a4deac7/5b06c1be7ca3e17a7a671085