Browse Botnet C&Cs

You are currently viewing the database entry for the Heodo botnet command&control server (C&C) 159.69.89.130. You can get additional information about this C&C here, such as first seen, last seen and associated malware samples.

Database Entry


Host:159.69.89.130
Hostname:mail.elektropost.io
Status:Offline
Spamhaus SBL:Not listed
Malware:Heodo -
AS number:AS24940
AS name:HETZNER-AS
Country:- DE
First seen:2019-12-20 07:46:15 UTC
Last seen:2019-12-23 20:49:39 UTC
Last online:2019-12-29

Malware Samples


The table below documents all malware samples associated with this Heodo botnet command&control server (C&C).

Timestamp (UTC)Malware Sample (MD5 hash)VTHostPortSignature
2020-01-12 12:55:09cf21099b1ea7b58dfec2c00d6f6b92c0n/a159.69.89.1308080Heodo
2019-12-24 09:55:48a63f3247022d68940ba11b65b93ac39cVirustotal results 35 / 73 (47.95%) 159.69.89.1308080Heodo
2019-12-21 11:08:0068de8540a8fb2f382006b20031d4da45Virustotal results 7 / 71 (9.86%) 159.69.89.1308080Heodo
2019-12-21 09:23:015933e6e71b1d3e766d1d529f9ac15c47Virustotal results 23 / 62 (37.10%) 159.69.89.1308080Heodo
2019-12-20 19:20:01de1fc43729d4a91bb96507345a981663n/a159.69.89.1308080Heodo
2019-12-20 19:09:2120177020ac92c57adda92d56c1014b9cVirustotal results 4 / 72 (5.56%) 159.69.89.1308080Heodo
2019-12-20 09:09:313729bbd35253cb99157212e0e90cc51cn/a159.69.89.1308080Heodo

# of malware samples: 7