Browse Botnet C&Cs

You are currently viewing the database entry for the Heodo botnet command&control server (C&C) 105.224.171.102. You can get additional information about this C&C here, such as first seen, last seen and associated malware samples.

Database Entry


Host:105.224.171.102
Hostname:105-224-171-102.south.dsl.telkomsa.net
Status:- Online
Spamhaus SBL:SBL446136
Malware:Heodo -
AS number:AS37457
AS name:Telkom-Internet
Country:- ZA
First seen:2019-05-07 20:32:40 UTC
Last seen:2019-05-17 12:07:45 UTC
Last online:2019-05-23

Malware Samples


The table below documents all malware samples associated with this Heodo botnet command&control server (C&C).

Timestamp (UTC)Malware Sample (MD5 hash)VTHostPortSignature
2019-05-17 12:17:060f44f2bb79b68b8abb1bba82491a4efeVirustotal results 16/71 (22.54%) 105.224.171.10280Heodo
2019-05-17 10:04:570eeca9253d7458e6ddb4e131f39b63f7Virustotal results 54/70 (77.14%) 105.224.171.10280Heodo
2019-05-17 10:04:1556aba48088c683965401f48e5cc5c27bVirustotal results 25/70 (35.71%) 105.224.171.10280Heodo
2019-05-17 06:00:02e27208ada49bba76f7d17ec806e8fa77Virustotal results 18/71 (25.35%) 105.224.171.10280Heodo
2019-05-09 22:47:04b9a10fef9cc3ece00229b362c92ea026Virustotal results 15/72 (20.83%) 105.224.171.10280Heodo
2019-05-08 17:41:46b2cbc69e4ecf4d0f2c305ae6db6b840fVirustotal results 14/73 (19.18%) 105.224.171.10280Heodo

# of malware samples: 6