Browse Botnet C&Cs

You are currently viewing the database entry for the Heodo botnet command&control server (C&C) 105.225.76.76. You can get additional information about this C&C here, such as first seen, last seen and associated malware samples.

Database Entry


Host: 105.225.76.76
Hostname: 105-225-76-76.south.dsl.telkomsa.net
Status: Offline
Spamhaus SBL: SBL427502
Malware: Heodo
AS number: AS37457
AS name: Telkom-Internet
Country: ZA
First seen: 2018-12-21 06:46:50 UTC
Last seen: 2019-01-08 09:31:15 UTC

Malware Samples


The table below documents all malware samples associated with this Heodo botnet command&control server (C&C).

| Timestamp (UTC) | Malware Sample (MD5 hash) | VT (Virustotal results) | Host | Port | Signature |
|---|---|---|---|---|---|
| 2019-01-08 22:05:58 | 4faf3756b7f9fd659dde9e9151e338bf | 53/71 (74.65%) | 105.225.76.76 | 22 | Heodo |
| 2019-01-08 14:39:54 | eca9632f4652709c96fc4d627c7f7848 | 48/69 (69.57%) | 105.225.76.76 | 22 | Heodo |
| 2019-01-08 12:20:18 | 9f1269738813cff9599d8c2fedad735a | 19/71 (26.76%) | 105.225.76.76 | 22 | Heodo |
| 2018-12-23 10:58:42 | 622bdf418b1ad9905224c24fb54a57bc | 10/70 (14.29%) | 105.225.76.76 | 22 | Heodo |
| 2018-12-23 10:48:47 | 536cd0368e135b825b9e251b68950f9d | 12/71 (16.90%) | 105.225.76.76 | 22 | Heodo |
| 2018-12-23 01:59:06 | 6876afa341bef064704f03cb436b2788 | 13/69 (18.84%) | 105.225.76.76 | 22 | Heodo |
| 2018-12-23 01:46:54 | 45d3de38d0c3a068dad1b7ad2f1002cb | 15/70 (21.43%) | 105.225.76.76 | 22 | Heodo |
| 2018-12-23 01:33:50 | e09381d8855b7d2447c3fc75bc7d9405 | 14/70 (20.00%) | 105.225.76.76 | 22 | Heodo |

# of malware samples: 8