IOC Radar
MD5HighVerifiedSignal 100/100

1f4fd8fbe2b36cb80f9a1850bd746ae1

Location
PeruPeru
First Seen
Jun 10, 2025
Last Seen
Jan 23, 2026
Jun 10
First Seen
367d ago
Jan 23
Last Seen
141d ago
6
Reports
source reports
99%
Confidence
high
55/75
VirusTotal
detections
Found in 6 reports. Confidence: high. · Confidence scores are heuristic. Verify before acting on results.
MD5 Hash
MD5 file hash associated with malicious samples.
MISP Category
Artifacts Dropped
Hash Algorithm
MD5
Confidence
99%
Signal Score
100 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

45 techniques

Feed Intelligence Summary

6 reports99% confidence
6
Source reports
99%
Confidence score
Category tags
abuseadrian__lucaagent teslaagenttesla malware activityagenttesla rat infectionattackbotnetcode executioncommand and controlcommand executioncommercial ratcredential accesscredential harvestingcredential theftdata exfiltrationdetect-debug-environmentdistributed attacksexfiltrationfile-hashfilesindicatorinformation stealerinfostealeringress tool transferlong-sleepsmalicious activitymalicious softwaremalwaremalware distributionoperating systempeexeperuphishing attackprocess injectionratremote accessremote servicesresearchedsocial engineeringsoftware exploitationsouth americat1003t1005t1021t1021.001t1027t1033t1041t1048t1053.005t1055t1056t1056.001t1057t1059t1059.001t1069.001t1071t1071.001t1078t1082t1083t1087t1105t1113t1115t1124t1140t1185t1189t1203t1204t1204.002t1486t1496t1499.002t1499.003t1547t1552t1555t1565t1566t1566.001t1566.002t1566.003t1588.002threat actortrojan malwarewin32 malwarewindows malware

Activity Timeline

1 total obs
Jan 23Jan 23

Threat Activity Heatmap

· Peak: 2026-01-23
Less
More
Mon
Wed
Fri
Jun
·
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
0
Dormant
Intelligence SummaryAI Generated

This Indicator of Compromise (IOC), a malicious MD5 hash, carries critical significance as it is directly associated with the notorious AgentTesla information stealer malware. Its presence within an organizational environment signifies a high-severity incident, strongly suggesting an active compromise or a successful attempt at deploying sophisticated data exfiltration capabilities. If left unaddressed, the compromise could lead to widespread credential theft, unauthorized access to sensitive sy…

Threat ScoreHigh Risk
100
SIGNAL
Signal Score
99%
Confidence
6
Reports
First seenJun 10, 2025
Last seenJan 23, 2026
Verified IOC

VirusTotal

55/ 75vendors flagged
73% detection rateJun 3, 2026

WHOIS

description
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
references
https://www.virustotal.com/graph/embed/g1dc15d29f9c04db090d811160eb39e46579edabe110b4703982317c7ce9e13cc?theme=light, https://darfe.es/ciberwiki/index.php?title=Agent_Tesla

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

high
First detected 1 year ago · Last seen 4 months ago
Appeared in 6 threat reports