Fake KeePass site uses Google Ads and Punycode to push malware
Tags
country: Argentina Laos
maec-delivery-vectors: Watering Hole
attack-pattern: Dns - T1071.004 Dns - T1590.002 Malicious Link - T1204.001 Malvertising - T1583.008 Malware - T1587.001 Malware - T1588.001 Powershell - T1059.001 Software - T1592.002 Powershell - T1086
Show in Graph
Common Information
Type Value
UUID 17795e0c-e934-4458-8b2a-203954531b23
Fingerprint 81cc3fa8ed1782e1
Analysis status DONE
Considered CTI value 0
Text language
Published Oct. 19, 2023, midnight
Added to db Oct. 22, 2023, 10:18 p.m.
Last updated Sept. 5, 2024, 2:05 a.m.
Headline Fake KeePass site uses Google Ads and Punycode to push malware
Title Fake KeePass site uses Google Ads and Punycode to push malware
Detected Hints/Tags/Attributes 23/3/11
Source URLs
Redirection Url
Details Source https://www.bleepingcomputer.com/news/security/fake-keepass-site-uses-google-ads-and-punycode-to-push-malware/
URL Provider
Details Provider Source level domain
Details bleepingcomputer.com www.bleepingcomputer.com
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 163 https://media.cert.europa.eu/rss?type=category&id=Malware&language=en&duplicates=false 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details Domain 2 
www.keepass.info
Details Domain 4 
xn--eepass-vbb.info
Details Domain 2 
eepass-vbb.info
Details Domain 1 
keeqass.info
Details File 8 
keepass.inf
Details File 2 
eepass-vbb.inf
Details File 4 
ķeepass.inf
Details File 3 
55-setup.msi
Details File 2 
'mergecap.exe
Details Url 2 
https://www.keepass.info
Details Url 2 
https://xn--eepass-vbb.info