Browse Botnet C&Cs

You are currently viewing the database entry for the Heodo botnet command&control server (C&C) 148.240.52.172. You can get additional information about this C&C here, such as first seen, last seen and associated malware samples.

Database Entry


Host:148.240.52.172
Hostname:dial-148-240-52-172.zone-2.ip.static-ftth.axtel.net.mx
Status:Offline
Spamhaus SBL:SBL460132
Malware:Heodo -
AS number:AS6503
AS name:Axtel, S.A.B. de C.V.
Country:- MX
First seen:2019-09-24 17:35:44 UTC
Last seen:2019-10-01 16:44:45 UTC
Last online:2019-09-25

Malware Samples


The table below documents all malware samples associated with this Heodo botnet command&control server (C&C).

Timestamp (UTC)Malware Sample (MD5 hash)VTHostPortSignature
2019-10-01 16:50:2092ee3fd38c1cae374fbfd9e1076b7cd2Virustotal results 25 / 60 (41.67%) 148.240.52.17280Heodo
2019-10-01 12:35:31f0614302c300186d829984bb0791d826Virustotal results 10 / 71 (14.08%) 148.240.52.17280TrickBot
2019-09-27 02:05:31e79ac2e737a7a9cec628054a874fb540Virustotal results 16 / 70 (22.86%) 148.240.52.17280Heodo
2019-09-27 02:02:24591693340b5ff7a7c156e73c621d1d9cVirustotal results 16 / 71 (22.54%) 148.240.52.17280Heodo
2019-09-27 01:46:2531a7cb49049a761734097263bc39949dVirustotal results 12 / 70 (17.14%) 148.240.52.17280Heodo
2019-09-27 01:44:09d07953a5c8cf73fa19efc409473a4789Virustotal results 15 / 70 (21.43%) 148.240.52.17280Heodo
2019-09-26 11:55:595a6e2e5e10e8f8f589b693e7e0a8a998Virustotal results 12 / 60 (20.00%) 148.240.52.17280Heodo
2019-09-26 09:34:33b1c32138b6ed1b742c865b59800d243aVirustotal results 11 / 60 (18.33%) 148.240.52.17280Heodo
2019-09-26 09:30:28db4432b150c86f3b68fe5ba52338a55fVirustotal results 37/58 (63.79%) 148.240.52.17280Heodo
2019-09-26 09:24:14ab9047d94340128b9a2b68811d0251eaVirustotal results 38/58 (65.52%) 148.240.52.17280Heodo
2019-09-26 07:58:38bee7c3c88282c3436b7570cabd4a79bdn/a148.240.52.17280Heodo
2019-09-26 07:58:32969726c3717afdd337d60691b847d0a7Virustotal results 15 / 58 (25.86%) 148.240.52.17280Heodo
2019-09-26 05:56:23af14a5fe8e4aab85a2354e80e9ab8c31n/a148.240.52.17280Heodo
2019-09-26 05:05:4751e9b4ff43307a393b63c7e3a4324e6cVirustotal results 17 / 70 (24.29%) 148.240.52.17280Heodo
2019-09-25 22:25:414b7ddb7f84afda048cf199c0b1cfef58Virustotal results 38/59 (64.41%) 148.240.52.17280Heodo
2019-09-25 19:33:59f61258ef0ea6f66c5a60bbe18af2e0b2Virustotal results 8 / 57 (14.04%) 148.240.52.17280Heodo
2019-09-25 19:26:205a51c237c4cd0d8cdba6a903096a9985Virustotal results 8/57 (14.04%) 148.240.52.17280Heodo
2019-09-25 19:26:09765ae4eeb4dc1e74657d26a5256183f5Virustotal results 7 / 59 (11.86%) 148.240.52.17280Heodo
2019-09-25 19:03:57f4f23bbfbe5fc9596c3f9879503ca978Virustotal results 7 / 59 (11.86%) 148.240.52.17280Heodo
2019-09-25 18:29:471d330e8010fb0160a362ea6f30fd1de5Virustotal results 4 / 71 (5.63%) 148.240.52.17280Heodo
2019-09-25 18:01:289860a1aade5807bd17ca5cf62988362bVirustotal results 8 / 59 (13.56%) 148.240.52.17280Heodo
2019-09-25 15:32:408bcb0ce8bb4616184e3f1eee51be6612Virustotal results 9 / 69 (13.04%) 148.240.52.17280Heodo
2019-09-25 11:13:55a1e9d7e72fe043f12160347b40b492a3Virustotal results 38/58 (65.52%) 148.240.52.17280Heodo
2019-09-25 11:04:16c16e3e1f0cc2139456972954420d6383Virustotal results 8 / 59 (13.56%) 148.240.52.17280Heodo
2019-09-25 10:01:5075542be818e616bbf75685c17336df12Virustotal results 8 / 60 (13.33%) 148.240.52.17280Heodo
2019-09-25 09:20:34759e2ac36be7bec8c5e5704f65643674Virustotal results 39/60 (65.00%) 148.240.52.17280Heodo
2019-09-25 09:03:07549bbafe811332f88ea3e62fa3482273Virustotal results 8 / 57 (14.04%) 148.240.52.17280Heodo
2019-09-25 09:03:02dba3371ee7c49d363e1f0582da9c4fe6Virustotal results 38/59 (64.41%) 148.240.52.17280Heodo
2019-09-25 07:34:385cbca905c0a89109668f6f079654de1aVirustotal results 12 / 69 (17.39%) 148.240.52.17280Heodo
2019-09-25 05:19:21b73bae4e69821ed5e89f9d7a7b63e771Virustotal results 17 / 57 (29.82%) 148.240.52.17280Heodo
2019-09-25 04:01:30c4657163d510c115962380cc3474fc06Virustotal results 41/60 (68.33%) 148.240.52.17280Heodo
2019-09-25 03:01:27465547ab152c6979b2165ec136c8b0a2Virustotal results 15 / 70 (21.43%) 148.240.52.17280Heodo
2019-09-25 02:46:16fa072293d4b9327e5e568727e4f01890Virustotal results 19 / 57 (33.33%) 148.240.52.17280Heodo
2019-09-25 02:13:049517a57f9865442606761926df5811edVirustotal results 38/58 (65.52%) 148.240.52.17280Heodo
2019-09-25 00:47:42d1b6dd9a8ddc72bc84508e0ad3b15925n/a148.240.52.17280Heodo
2019-09-25 00:47:42d1b6dd9a8ddc72bc84508e0ad3b15925n/a148.240.52.17280Heodo
2019-09-24 23:54:076562ac62d15d934b0b0827e9c3202bd8Virustotal results 51/67 (76.12%) 148.240.52.17280Heodo
2019-09-24 22:54:45ffd6ab093da37ecbd1ec96700228c98cVirustotal results 17 / 58 (29.31%) 148.240.52.17280Heodo
2019-09-24 21:22:43581995cd5b7c0fdac1497617d52c072aVirustotal results 17 / 57 (29.82%) 148.240.52.17280Heodo
2019-09-24 20:27:07b61648a05c13794fb4a5414f1253e564Virustotal results 18 / 58 (31.03%) 148.240.52.17280Heodo

# of malware samples: 40