Browse Botnet C&Cs

You are currently viewing the database entry for the Heodo botnet command&control server (C&C) 118.174.139.50. You can get additional information about this C&C here, such as first seen, last seen and associated malware samples.

Database Entry


Host:118.174.139.50
Hostname:node-mq.ll-118-174.static.totisp.net
Status:Offline
Spamhaus SBL:Not listed
Malware:Heodo -
AS number:AS131293
AS name:TOT-LLI-AS-AP TOT Public Company Limited
Country:- TH
First seen:2019-04-08 15:00:51 UTC
Last seen:2019-05-02 12:30:48 UTC
Last online:2019-05-03

Malware Samples


The table below documents all malware samples associated with this Heodo botnet command&control server (C&C).

Timestamp (UTC)Malware Sample (MD5 hash)VTHostPortSignature
2019-05-01 12:23:32efa0587fd0737ff9d32c3a3861494dbfVirustotal results 54/70 (77.14%) 118.174.139.5080Heodo
2019-04-11 12:58:45c4b6069f71887b92c163b2bfe96a7154Virustotal results 51/68 (75.00%) 118.174.139.5080Heodo
2019-04-09 12:24:10d71968fc7c418a5a143988a263b2acf5Virustotal results 46/69 (66.67%) 118.174.139.5080Heodo
2019-04-08 14:10:16c6624d99eee9fd5c0c8b4b4b4a9704ceVirustotal results 19/71 (26.76%) 118.174.139.5080Heodo
2019-04-08 13:41:005d6019733fd57be83041a5039849fc44Virustotal results 41/69 (59.42%) 118.174.139.5080Heodo

# of malware samples: 5