Browse Botnet C&Cs

You are currently viewing the database entry for the Heodo botnet command&control server (C&C) 128.2.98.139. You can get additional information about this C&C here, such as first seen, last seen and associated malware samples.

Database Entry


Host:128.2.98.139
Hostname:PO-SABROWN-D.PC.CC.CMU.EDU
Status:Offline
Spamhaus SBL:Not listed
Malware:Heodo -
AS number:AS9
AS name:CMU-ROUTER - Carnegie Mellon University
Country:- US
First seen:2018-09-11 08:59:59 UTC
Last seen:2019-01-08 09:35:12 UTC

Malware Samples


The table below documents all malware samples associated with this Heodo botnet command&control server (C&C).

Timestamp (UTC)Malware Sample (MD5 hash)VTHostPortSignature
2019-01-09 02:36:0071b61dd94b5b76355781c4b9c8cdffe5Virustotal results 35/68 (51.47%) 128.2.98.139443Heodo
2019-01-08 21:21:37cfef30c5c3ac4c16408f8f2ec0dc8daeVirustotal results 12/68 (17.65%) 128.2.98.139443Heodo
2019-01-08 21:01:535663f685d693273678c20095a58e6a9fVirustotal results 40/68 (58.82%) 128.2.98.139443Heodo
2019-01-08 14:59:00974922c6081c99bab6f615985295722dVirustotal results 34/68 (50.00%) 128.2.98.139443Heodo
2019-01-08 12:25:39fc819f0f28559a35541eb5bfacfeaa46Virustotal results 35/69 (50.72%) 128.2.98.139443Heodo
2019-01-08 10:38:27c9c54ca706f013abb3472a6ba84b8cb3Virustotal results 45/69 (65.22%) 128.2.98.139443Heodo
2019-01-08 07:59:22a84688cf8dadbccc3a4608ecbdbe00f8Virustotal results 40/67 (59.70%) 128.2.98.139443Heodo
2019-01-08 07:56:414e9411567b9d296bac5687eafb60a871Virustotal results 33/68 (48.53%) 128.2.98.139443Heodo

# of malware samples: 8