IOC Radar
SHA1HighVerifiedSignal 100/100

25c458fb0e2ae9a2faa3c9660738ba6e280a8e1a

Location
PeruPeru
First Seen
Jun 6, 2025
Last Seen
Jan 27, 2026
Jun 6
First Seen
373d ago
Jan 27
Last Seen
138d ago
5
Reports
source reports
99%
Confidence
high
Found in 5 reports. Confidence: high. · Confidence scores are heuristic. Verify before acting on results.
SHA-1 Hash
SHA-1 file hash associated with malicious samples.
MISP Category
Artifacts Dropped
Hash Algorithm
SHA1
Confidence
99%
Signal Score
100 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

45 techniques

Feed Intelligence Summary

5 reports99% confidence
5
Source reports
99%
Confidence score
Category tags
agent teslaagenttesla malware activityagenttesla rat infectionattackbotnetcode executioncommand and controlcommand executioncommercial ratcredential accesscredential harvestingcredential theftdata exfiltrationdetect-debug-environmentdistributed attacksexeexfiltrationfile-hashfilesindicatorinformation stealerinfostealeringress tool transferlong-sleepsmalicious activitymalicious softwaremalwaremalware distributionoperating systempeexeperuphishing attackprocess injectionratremote accessremote servicesresearchedsocial engineeringsoftware exploitationsouth americat1003t1005t1021t1021.001t1027t1033t1041t1048t1053.005t1055t1056t1056.001t1057t1059t1059.001t1069.001t1071t1071.001t1078t1082t1083t1087t1105t1113t1115t1124t1140t1185t1189t1203t1204t1204.002t1486t1496t1499.002t1499.003t1547t1552t1555t1565t1566t1566.001t1566.002t1566.003t1588.002threat actortrojan malwarewin32 malwarewindows malware

Activity Timeline

1 total obs
Jan 27Jan 27

Threat Activity Heatmap

· Peak: 2026-01-27
Less
More
Mon
Wed
Fri
Jun
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
0
Dormant
Threat ScoreHigh Risk
100
SIGNAL
Signal Score
99%
Confidence
5
Reports
First seenJun 6, 2025
Last seenJan 27, 2026
Verified IOC

VirusTotal

Not checked

WHOIS

description
Agent Tesla es una herramienta de acceso remoto disponible para compra en un sitio web oficial, supuestamente promocionada como un programa legítimo; sin embargo, en realidad, se utiliza con fines maliciosos por ciberdelincuentes para robar datos personales. Los desarrolladores intentan dar una impresión de legitimidad, pero en realidad, fomentan su uso para el control y la monitorización de equipos ajenos, obteniendo beneficios de diversas maneras, como el registro de pulsaciones de teclas para obtener acceso a cuentas de víctimas.
references
https://www.virustotal.com/graph/embed/g1dc15d29f9c04db090d811160eb39e46579edabe110b4703982317c7ce9e13cc?theme=light, https://darfe.es/ciberwiki/index.php?title=Agent_Tesla

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

high
First detected 1 year ago · Last seen 4 months ago
Appeared in 5 threat reports