Urelas Analysis

IOB - Indicator of Behavior (129)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en: 40
pl: 32
it: 26
de: 14
sv: 10


Country

jp: 102
sv: 4
pl: 4
es: 4
it: 2


Product

Joomla CMS: 20
Huge-IT Joomla Slider Extension: 4
Huge-IT Catalog Extension: 2
DTH DT Register Extension: 2
Huge-IT Gallery: 2


Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | CTI | EPSS | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Joomla CMS com_frontpage sql injection | 6.3 | 6.1 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.00 | 0.00000 | |
| 2 | Joomla CMS com_news sql injection | 6.3 | 6.1 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.00 | 0.00000 | |
| 3 | ms Package Regex resource management | 6.4 | 6.3 | $0-$5k | Calculating | Not Defined | Official Fix | 0.00 | 0.00154 | CVE-2015-8315 |
| 4 | aWeb Cart Watching System for Virtuemart sql injection | 8.5 | 7.7 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.00 | 0.00208 | CVE-2016-10114 |
| 5 | Joomla CMS com_carocci sql injection | 6.3 | 6.1 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.03 | 0.00000 | |
| 6 | Joomla CMS com_webgrouper sql injection | 6.3 | 6.1 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.02 | 0.00000 | |
| 7 | Huge-IT Catalog Extension cross site scripting | 7.2 | 7.2 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | 0.00287 | CVE-2016-1000119 |
| 8 | Huge-IT Catalog ajax_url.php sql injection | 9.8 | 8.9 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00 | 0.00159 | CVE-2016-1000125 |
| 9 | Ruby Onigmo regparse.c parse_char_class input validation | 6.4 | 6.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.02 | 0.00389 | CVE-2017-6181 |
| 10 | Joomla CMS com_kide sql injection | 6.3 | 6.1 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.00 | 0.00000 | |
| 11 | Huge-IT Video Gallery ajax_url.php sql injection | 7.3 | 7.1 | $0-$5k | $0-$5k | High | Not Defined | 0.00 | 0.00485 | CVE-2016-1000123 |
| 12 | Smart Related Articles Extension dialog.php sql injection | 8.5 | 8.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | 0.00144 | CVE-2017-7628 |
| 13 | Joomla CMS com_kunena sql injection | 6.3 | 6.1 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.00 | 0.00000 | |
| 14 | Joomla CMS com_filecabinet sql injection | 6.3 | 6.1 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.00 | 0.00000 | |
| 15 | Joomla CMS com_blog_calendar index.php sql injection | 6.3 | 6.1 | $5k-$25k | $0-$5k | Not Defined | Not Defined | 0.03 | 0.00000 | |
| 16 | Rwcards Component index.php sql injection | 7.3 | 6.9 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00 | 0.10626 | CVE-2007-1703 |
| 17 | DTH DT Register Extension index.php sql injection | 6.3 | 6.0 | $0-$5k | Calculating | Not Defined | Official Fix | 0.02 | 0.00000 | |
| 18 | Joomla CMS com_fidecalendar sql injection | 6.3 | 6.1 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.00 | 0.00000 | |
| 19 | Joomla CMS com_sngevents sql injection | 6.3 | 6.1 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.00 | 0.00000 | |
| 20 | Joomla CMS com_virtuemart sql injection | 6.3 | 6.1 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.00 | 0.00000 | |

IOC - Indicator of Compromise (4)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

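| ID | IP address | Hostname | Actor | Campaigns | Identified | Type | Confidence |
|---|---|---|---|---|---|---|---|
| 1 | 1.234.83.146 | campustown.co.kr | Urelas | | 04/08/2022 | verified | High |
| 2 | XXX.XXX.XXX.XXX | xxx-xxx-xxxxx.xx.xxxxxx.xx.xx | Xxxxxx | | 04/08/2022 | verified | High |
| 3 | XXX.XX.XX.XXX | | Xxxxxx | | 04/08/2022 | verified | High |
| 4 | XXX.XX.XX.XXX | | Xxxxxx | | 04/08/2022 | verified | High |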

TTP - Tactics, Techniques, Procedures (2)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

| ID | Technique | Vulnerabilities | Access Vector | Type | Confidence |
|---|---|---|---|---|---|
| 1 | T1059.007 | CWE-79 | Cross Site Scripting | predictive | High |
| 2 | TXXXX | CWE-XX | Xxx Xxxxxxxxx | predictive | High |

IOA - Indicator of Attack (21)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

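| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | /index.php | predictive | Medium |
| 2 | File | ajax_url.php | predictive | Medium |
| 3 | File | dialog.php | predictive | Medium |
| 4 | File | index.php | predictive | Medium |
| 5 | File | xxxxxxxxxx.xxx.xxx | predictive | High |
| 6 | File | xxxxxxxx.x | predictive | Medium |
| 7 | Library | xxxxxxxx_xxxxxxxxx.xxx.xxx | predictive | High |
| 8 | Argument | xxx | predictive | Low |
| 9 | Argument | xxxxxxxxxxxxxx/xxxxxxxxxxx | predictive | High |
| 10 | Argument | xxxxxxxx_xx | predictive | Medium |
| 11 | Argument | xxx[x] | predictive | Low |
| 12 | Argument | xxx[xxxxxx][xxxxxxxxx] | predictive | High |
| 13 | Argument | xxx | predictive | Low |
| 14 | Argument | xxx | predictive | Low |
| 15 | Argument | xx | predictive | Low |
| 16 | Argument | xxxx | predictive | Low |
| 17 | Argument | xxxxxx | predictive | Low |
| 18 | Argument | xxxxx | predictive | Low |
| 19 | Argument | xxxxxx_xxxx | predictive | Medium |
| 20 | Argument | xxxx | predictive | Low |
| 21 | Input Value | x) xx x-- - | predictive | Medium |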
