Browse Botnet C&Cs

You are currently viewing the database entry for the Heodo botnet command&control server (C&C) 116.90.230.98. You can get additional information about this C&C here, such as first seen, last seen and associated malware samples.

Database Entry


Host:116.90.230.98
Hostname:mail.ulci.com.np
Status:Offline
Spamhaus SBL:Not listed
Malware:Heodo -
AS number:AS24550
AS name:WEBSURFERNP-AS-NP Websurfer Nepal Internet Service Provider
Country:- NP
First seen:2020-02-19 09:51:00 UTC
Last seen:2020-03-17 18:22:10 UTC
Last online:2020-02-26

Malware Samples


The table below documents all malware samples associated with this Heodo botnet command&control server (C&C).

Timestamp (UTC)Malware Sample (MD5 hash)VTHostPortSignature
2020-03-20 09:51:19946a0f3c2386c1701f24983a1a0a2739Virustotal results 42 / 74 (56.76%) 116.90.230.98443Heodo
2020-03-08 18:59:128e495eb0823fecb0cf94b1132f7b2bc8Virustotal results 31 / 73 (42.47%) 116.90.230.98443Heodo
2020-02-28 13:25:060a0abc8e9ad230591de7fa615dad9bcdn/a116.90.230.98443Heodo
2020-02-19 10:54:410dddd7df295c3e6c40ba7e654fafddb2n/a116.90.230.98443Heodo
2019-12-22 12:10:250dec9b0485007f34490b029822a1022bVirustotal results 20 / 72 (27.78%) 116.90.230.98443Adware.DriverPack

# of malware samples: 5