SHA1MediumSignal 100/100
2472433fc004171a5a3f16302b26310421cdf12e
Location
First Seen
Apr 2, 2025
Last Seen
Feb 8, 2026
Found in 8 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
SHA-1 Hash
SHA-1 file hash associated with malicious samples.
MISP Category
Artifacts Dropped
Hash Algorithm
SHA1
Confidence
99%
Signal Score
100 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK
MITRE ATT&CK TTPs
Feed Intelligence Summary
8 reports99% confidence
8
Source reports
99%
Confidence score
Category tags
agent teslaagenttesla malware activityagenttesla rat infectionattackbotnetcalls-wmichecks-bioschecks-network-adapterschecks-user-inputcode executioncommand and controlcommand executioncommercial ratcredential accesscredential harvestingcredential theftdata exfiltrationdetect-debug-environmentdistributed attacksexeexfiltrationfile-hashfilesindicatorinformation stealerinfostealeringress tool transferjameswt_wtlong-sleepsmalicious activitymalicious softwaremalwaremalware distributionoperating systempeexeperuphishing attackprocess injectionratremote accessremote servicesresearchedsocial engineeringsoftware exploitationsouth americat1003t1005t1021t1021.001t1027t1033t1041t1048t1053.005t1055t1056t1056.001t1057t1059t1059.001t1069.001t1071t1071.001t1078t1082t1083t1087t1105t1113t1115t1124t1140t1185t1189t1203t1204t1204.002t1486t1496t1499.002t1499.003t1547t1552t1555t1565t1566t1566.001t1566.002t1566.003t1588.002threat actortrojan malwarewin32 malwarewindows malware
Activity Timeline
Feb 8Feb 8
Threat Activity Heatmap
· Peak: 2026-02-08LessMore
Mon
Wed
Fri
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
0
Dormant
Threat ScoreHigh Risk
100
SIGNAL
Signal Score
99%
Confidence
8
Reports
First seenApr 2, 2025
Last seenFeb 8, 2026
VirusTotal
Not checked
WHOIS
- description
- Agent Tesla es una herramienta de acceso remoto disponible para compra en un sitio web oficial, supuestamente promocionada como un programa legítimo; sin embargo, en realidad, se utiliza con fines maliciosos por ciberdelincuentes para robar datos personales. Los desarrolladores intentan dar una impresión de legitimidad, pero en realidad, fomentan su uso para el control y la monitorización de equipos ajenos, obteniendo beneficios de diversas maneras, como el registro de pulsaciones de teclas para obtener acceso a cuentas de víctimas.
- references
- https://www.virustotal.com/graph/embed/g1dc15d29f9c04db090d811160eb39e46579edabe110b4703982317c7ce9e13cc?theme=light, https://darfe.es/ciberwiki/index.php?title=Agent_Tesla
Export & API
STIX 2.1 Bundle
CSV Export
Permalink
IOC Journey
mediumFirst detected 1 year ago · Last seen 4 months ago
Appeared in 8 threat reports