IOC Radar
SHA1HighVerifiedSignal 92/100

00dc0740aef2d42021b7bb1174961975cf1f4d51

Location
PeruPeru
First Seen
Jul 6, 2025
Last Seen
Apr 7, 2026
Jul 6
First Seen
344d ago
Apr 7
Last Seen
69d ago
6
Reports
source reports
92%
Confidence
high
Found in 6 reports. Confidence: high. · Confidence scores are heuristic. Verify before acting on results.
SHA-1 Hash
SHA-1 file hash associated with malicious samples.
MISP Category
Artifacts Dropped
Hash Algorithm
SHA1
Confidence
92%
Signal Score
92 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

45 techniques

Feed Intelligence Summary

6 reports92% confidence
6
Source reports
92%
Confidence score
Category tags
active scanagent teslaagenttesla malware activityagenttesla rat infectionattackbotnetbotnet activitybrute forcecalls-wmichecks-bioschecks-network-adapterscode executioncommand and controlcommand executioncommercial ratcredential accesscredential harvestingcredential stuffingcredential theftdata exfiltrationdata store exposuredetect-debug-environmentdistributed attacksexfiltrationexploitation activityfile-hashfilesidentity & access exploitationindicatorinformation stealerinfostealeringress tool transferinjection activitylong-sleepsmalicious activitymalicious softwaremalwaremalware distributionmobile threatoperating systempeexeperuphishingphishing attackprocess injectionratremote accessremote servicesresearchedsocial engineeringsoftware exploitationsouth americat1003t1005t1021t1021.001t1027t1033t1041t1048t1053.005t1055t1056t1056.001t1057t1059t1059.001t1069.001t1071t1071.001t1078t1082t1083t1087t1105t1113t1115t1124t1140t1185t1189t1203t1204t1204.002t1486t1496t1499.002t1499.003t1547t1552t1555t1565t1566t1566.001t1566.002t1566.003t1588.002threat actortor nodetrojan malwarevulnerability scanwin32 malwarewindows malware

Activity Timeline

1 total obs
Apr 7Apr 7

Threat Activity Heatmap

· Peak: 2026-04-07
Less
More
Mon
Wed
Fri
Jun
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
1
Minimal
Threat ScoreHigh Risk
92
SIGNAL
Signal Score
92%
Confidence
6
Reports
First seenJul 6, 2025
Last seenApr 7, 2026
Verified IOC

VirusTotal

Not checked

WHOIS

description
Agent Tesla es una herramienta de acceso remoto disponible para compra en un sitio web oficial, supuestamente promocionada como un programa legítimo; sin embargo, en realidad, se utiliza con fines maliciosos por ciberdelincuentes para robar datos personales. Los desarrolladores intentan dar una impresión de legitimidad, pero en realidad, fomentan su uso para el control y la monitorización de equipos ajenos, obteniendo beneficios de diversas maneras, como el registro de pulsaciones de teclas para obtener acceso a cuentas de víctimas.
references
https://www.virustotal.com/graph/embed/g1dc15d29f9c04db090d811160eb39e46579edabe110b4703982317c7ce9e13cc?theme=light, https://darfe.es/ciberwiki/index.php?title=Agent_Tesla

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

high
First detected 11 months ago · Last seen 2 months ago
Appeared in 6 threat reports