
You are currently viewing the database entry for the Heodo botnet command&control server (C&C) 128.2.97.48. You can get additional information about this C&C here, such as first seen, last seen and associated malware samples.

Database Entry


Host: 128.2.97.48
Hostname: PO-WITS02-D.PC.CC.CMU.EDU
Status: Offline
Spamhaus SBL: Not listed
Malware: Heodo
AS number: AS9
AS name: CMU-ROUTER - Carnegie Mellon University, US
Country: US
First seen: 2018-09-03 14:11:27 UTC
Last seen: never

Malware Samples


The table below documents all malware samples associated with this Heodo botnet command&control server (C&C).

| Timestamp (UTC) | Malware Sample (MD5 hash) | VT | Host | Port | Signature |
|---|---|---|---|---|---|
| 2018-10-03 18:19:19 | 7c36bee5ffeeb447bbf562357967d7fe | Virustotal results 34/69 (49.28%) | 128.2.97.48 | 80 | TrickBot |
| 2018-09-10 21:50:15 | 0d461e848a9c14d8cc95d89b759c32f9 | Virustotal results 45/68 (66.18%) | 128.2.97.48 | 80 | Heodo |
| 2018-09-10 01:43:13 | 3e9230a811dbc15a4b79875cf8d61d1c | Virustotal results 43/65 (66.15%) | 128.2.97.48 | 80 | Heodo |
| 2018-09-05 16:47:24 | e1b9b9609edd5b909194ba2e7bd68a42 | Virustotal results 17/68 (25.00%) | 128.2.97.48 | 80 | Heodo |
| 2018-09-04 09:29:47 | 420e53c9e10b10d19edd2cb50bcf3521 | Virustotal results 12/68 (17.65%) | 128.2.97.48 | 80 | Heodo |
| 2018-09-03 13:45:41 | 04d7485640e1450dfaf9bb2b67c85526 | Virustotal results 17/68 (25.00%) | 128.2.97.48 | 80 | Heodo |

# of malware samples: 6