Browse Botnet C&Cs

You are currently viewing the database entry for the Heodo botnet command&control server (C&C) 113.52.135.33. You can get additional information about this C&C here, such as first seen, last seen and associated malware samples.

Database Entry


Host:113.52.135.33
Hostname:mail.doysoft.com
Status:Offline
Spamhaus SBL:SBL472413
Malware:Heodo -
AS number:AS133380
AS name:LAYER-AS Layerstack Limited
Country:- HK
First seen:2019-10-09 22:51:48 UTC
Last seen:2020-01-20 15:26:36 UTC
Last online:2020-01-09

Malware Samples


The table below documents all malware samples associated with this Heodo botnet command&control server (C&C).

Timestamp (UTC)Malware Sample (MD5 hash)VTHostPortSignature
2020-01-20 16:44:09f97bb9f7c4fd215fea6fe3aec20d79e3Virustotal results 37 / 71 (52.11%) 113.52.135.337080Heodo
2020-01-07 17:29:251e823ff3a91246932ab2432bd6bd0727Virustotal results 52 / 73 (71.23%) 113.52.135.337080Heodo
2019-11-16 02:00:13984a49dcbe3f24858bce1fbce0705be4Virustotal results 45 / 66 (68.18%) 113.52.135.337080Heodo
2019-11-02 03:11:02884464c7f38b25f94a83795c03573f11Virustotal results 11 / 68 (16.18%) 113.52.135.337080Heodo
2019-10-09 23:05:184cbb5e337b80cf08c4e3e107981cea90Virustotal results 3 / 69 (4.35%) 113.52.135.337080Heodo

# of malware samples: 5