TLP:WHITE | 19 IOCs
LATAM Under Siege: Agent Tesla’s 18-Month Credential Theft Campaign Against Chilean Enterprises
Diamond Model: Adversary (1), Infrastructure (5), Capability (2), Victim
Indicators of Compromise (19)
| Type | Indicator | Tags | Confidence | Score | First Seen |
|---|---|---|---|---|---|
| SHA256 | c61b1941cf756eb7551f7c661743802362728b785adc22e860d269713dfb01a6 | file-hash, intel-blog, malware | Medium | 53 | Jun 2, 26 |
| MD5 | f87d105625dbc96f63d5b4b81dce4c39 | file-hash, intel-blog, malware | Medium | 53 | Jun 2, 26 |
| SHA256 | 43d09743a69c9afa7156bf4e2bf7423b3d5f5ad7d54c4c3fb8a698d526778057 | file-hash, intel-blog, malware | Medium | 53 | Jun 2, 26 |
| IP | 208.95.112.1 | intel-blog, malware, network | High | 58 | Jun 2, 26 |
| SHA1 | b50b3800b17ad7ad5c4483c0b6b24d1d151a9d10 | file-hash, intel-blog, malware | Medium | 53 | Jun 2, 26 |
| MD5 | 78ba57f4a164bedc26204296ea09bb8f | file-hash, intel-blog, malware | Medium | 53 | Jun 2, 26 |
| MD5 | a7eeead9c868d9944ed1c1f113328f32 | file-hash, intel-blog, malware | Medium | 53 | Jun 2, 26 |
| SHA256 | d5b7247c497788cf0031ceb06e3df77a45fef59f1e49633dc7159816d64759b5 | file-hash, intel-blog, malware | Medium | 53 | Jun 2, 26 |
| SHA256 | 948c8c69fe02eda9231aebfa5c626335307058ac74a5c3c40b346179a1bfc982 | file-hash, intel-blog, malware | Medium | 53 | Jun 2, 26 |
| SHA256 | 96ad1146eb96877eab5942ae0736b82d8b5e2039a80d3d6932665c1a4c87dcf7 | file-hash, intel-blog, loader | Medium | 53 | Jun 2, 26 |
| SHA256 | 7929355856a2a85d48f95d230cd74fbb5ad554bed49e73b1800136c4bcccd1a8 | file-hash, intel-blog, malware | Medium | 53 | Jun 2, 26 |
| SHA256 | f1c3ebe78bd8c38559bf3cfcc9a9fa37d221e31780774a3787e26160a61f5348 | file-hash, intel-blog, malware | Medium | 53 | Jun 2, 26 |
| URL | ftp://ftp.horeca-bucuresti.ro | intel-blog, malware, network | High | 58 | Jun 2, 26 |
| Domain | email.elrif.com | intel-blog, malware, network | High | 58 | Jun 2, 26 |
| Domain | email.v.todotramitesperu.com.elgartizocon.ro | intel-blog, malware, network | High | 58 | Jun 2, 26 |
| IP | 89.39.83.184 | c2, exfiltration, intel-blog | High | 58 | Jun 2, 26 |
| Email | [email protected] | email, intel-blog, malware | High | 58 | Jun 2, 26 |
| SHA256 | c356aff1a01c2b0da472e584c8e3c8f875b9a24280435d42836a77b19f5a8c18 | file-hash, intel-blog, malware | Medium | 53 | Jun 2, 26 |
| SHA256 | cd83f5ceb2d014badfa991106a9d37a6aeab9043d60d796ad0f16d36cdfa5703 | file-hash, intel-blog, malware | Medium | 53 | Jun 2, 26 |
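The following is an added example of how a responder would operationalize the table above; it is not code from the original report or its publisher. The hash, IP, domain and URL values are copied from the table; the log lines and the file content it scans are constructed for the demo and do not come from any real incident. The matching rules are the editor's choices, not something the report states: a host counts as a hit if it equals a listed host or is a subdomain of one (so `sub.email.elrif.com` fires, `notemail.elrif.com` and the unlisted parent `elrif.com` do not), the host of the FTP URL is extracted and treated like a domain, and IPs are matched as whole dotted quads so `208.95.112.1` does not fire on `208.95.112.10`. The email indicator is left out because its address is not recoverable from the page.

```python
import hashlib
import re
import tempfile
from pathlib import Path
from urllib.parse import urlparse

# Indicator values copied from the IOC table above (tags, scores and dates dropped).
FILE_HASHES = {
    "sha256": {
        "c61b1941cf756eb7551f7c661743802362728b785adc22e860d269713dfb01a6",
        "43d09743a69c9afa7156bf4e2bf7423b3d5f5ad7d54c4c3fb8a698d526778057",
        "d5b7247c497788cf0031ceb06e3df77a45fef59f1e49633dc7159816d64759b5",
        "948c8c69fe02eda9231aebfa5c626335307058ac74a5c3c40b346179a1bfc982",
        "96ad1146eb96877eab5942ae0736b82d8b5e2039a80d3d6932665c1a4c87dcf7",
        "7929355856a2a85d48f95d230cd74fbb5ad554bed49e73b1800136c4bcccd1a8",
        "f1c3ebe78bd8c38559bf3cfcc9a9fa37d221e31780774a3787e26160a61f5348",
        "c356aff1a01c2b0da472e584c8e3c8f875b9a24280435d42836a77b19f5a8c18",
        "cd83f5ceb2d014badfa991106a9d37a6aeab9043d60d796ad0f16d36cdfa5703",
    },
    "md5": {
        "f87d105625dbc96f63d5b4b81dce4c39",
        "78ba57f4a164bedc26204296ea09bb8f",
        "a7eeead9c868d9944ed1c1f113328f32",
    },
    "sha1": {"b50b3800b17ad7ad5c4483c0b6b24d1d151a9d10"},
}
NETWORK_IOCS = {
    "ip": {"208.95.112.1", "89.39.83.184"},
    "domain": {"email.elrif.com", "email.v.todotramitesperu.com.elgartizocon.ro"},
    "url": {"ftp://ftp.horeca-bucuresti.ro"},
}

# Whole dotted quads only, so 208.95.112.1 does not fire on 208.95.112.10.
IP_RE = re.compile(r"(?<![\d.])(\d{1,3}(?:\.\d{1,3}){3})(?![\d.])")
# Hostnames: dotted labels ending in an alphabetic TLD, not glued to other name characters.
HOST_RE = re.compile(r"(?<![\w.-])((?:[a-z0-9-]+\.)+[a-z]{2,})(?![\w-])", re.I)


def ioc_hosts():
    """Hostnames to hunt for: the listed domains plus the host part of each listed URL."""
    hosts = {d.lower() for d in NETWORK_IOCS["domain"]}
    for url in NETWORK_IOCS["url"]:
        host = urlparse(url).hostname
        if host:
            hosts.add(host.lower())
    return hosts


def host_matches(host, hosts):
    """Exact match or subdomain of a listed host; never a substring or a parent domain."""
    host = host.lower().rstrip(".")
    return any(host == h or host.endswith("." + h) for h in hosts)


def scan_log_line(line, hosts=None):
    """Return (type, indicator) hits found in one log line."""
    hosts = ioc_hosts() if hosts is None else hosts
    hits = [("ip", ip) for ip in IP_RE.findall(line) if ip in NETWORK_IOCS["ip"]]
    hits += [("domain", h.lower()) for h in HOST_RE.findall(line) if host_matches(h, hosts)]
    return hits


def scan_log(lines):
    """Map line index -> hits for every line that touched a listed IP or host."""
    hosts = ioc_hosts()
    result = {}
    for i, line in enumerate(lines):
        hits = scan_log_line(line, hosts)
        if hits:
            result[i] = hits
    return result


def hash_file(path):
    """Compute every hash type in FILE_HASHES in a single pass over the file."""
    digests = {algo: hashlib.new(algo) for algo in FILE_HASHES}
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(1 << 20), b""):
            for d in digests.values():
                d.update(chunk)
    return {algo: d.hexdigest() for algo, d in digests.items()}


def scan_file(path):
    """Return (algo, digest) pairs for each digest of the file that is a listed IOC."""
    digests = hash_file(path)
    return [(algo, digests[algo]) for algo in FILE_HASHES if digests[algo] in FILE_HASHES[algo]]


# Constructed log lines for the demo; not taken from any real incident.
SAMPLE_LOG = [
    "2026-06-02T10:15:01Z proxy CONNECT email.elrif.com:587 user=jdoe",
    "2026-06-02T10:15:07Z fw ALLOW 10.0.0.21 -> 89.39.83.184:21 proto=tcp",
    "2026-06-02T10:16:44Z dns query sub.email.v.todotramitesperu.com.elgartizocon.ro. A",
    "2026-06-02T10:17:00Z fw ALLOW 10.0.0.21 -> ftp.horeca-bucuresti.ro:21 proto=tcp",
    "2026-06-02T10:17:30Z fw ALLOW 10.0.0.21 -> 208.95.112.10:443 proto=tcp",
    "2026-06-02T10:18:12Z dns query notemail.elrif.com A",
    "2026-06-02T10:18:40Z dns query elrif.com A",
]


def demo_file_scan():
    """Hash and scan a constructed, benign file (content b"abc"); returns (digests, hits)."""
    with tempfile.TemporaryDirectory() as tmp:
        sample = Path(tmp) / "sample.bin"
        sample.write_bytes(b"abc")  # constructed content, not a malware sample
        return hash_file(sample), scan_file(sample)


if __name__ == "__main__":
    for i, hits in scan_log(SAMPLE_LOG).items():
        print(f"line {i}: {hits}")
    print(demo_file_scan())
```

Lines 0 to 3 of the constructed log hit (the SMTP host, the exfiltration IP tagged c2/exfiltration, a subdomain of the listed .ro domain, and the host of the FTP URL); lines 4 to 6 deliberately do not, because a longer IP, a look-alike prefix and an unlisted parent domain are exactly the false positives a naive substring match would raise. The file scan hashes in one pass so a large directory is read once regardless of how many hash types the feed uses.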