Browse Botnet C&Cs

You are currently viewing the database entry for the Heodo botnet command&control server (C&C) 168.197.252.178. You can get additional information about this C&C here, such as first seen, last seen and associated malware samples.

Database Entry


Host:168.197.252.178
Hostname:168-197-252-178.provedoraplateia.net.br
Status:Offline
Spamhaus SBL:Not listed
Malware:Heodo -
AS number:AS265489
AS name:RAFAEL BADRA CALOCA - ME
Country:- BR
First seen:2020-03-21 07:44:50 UTC
Last seen:2020-05-10 21:37:43 UTC
Last online:2020-04-07

Malware Samples


The table below documents all malware samples associated with this Heodo botnet command&control server (C&C).

Timestamp (UTC)Malware Sample (MD5 hash)VTHostPortSignature
2020-05-10 21:51:30092113548bbdbc45f57e0893a56c0ffbVirustotal results 50 / 73 (68.49%) 168.197.252.17880Heodo
2020-05-09 10:57:44fb96691b020d13f8400b00f7f3b02b1dVirustotal results 10 / 71 (14.08%) 168.197.252.17880Heodo
2020-05-08 17:26:444e81e992f93f3bb3532293699b34ebe6Virustotal results 46 / 72 (63.89%) 168.197.252.17880Heodo
2020-04-26 12:53:41a8eba7af10137373ae1635cea199e608Virustotal results 55 / 73 (75.34%) 168.197.252.17880Heodo
2020-03-23 14:08:55de63a7195d391e627116cede3a4ce976Virustotal results 35 / 73 (47.95%) 168.197.252.17880Heodo
2020-03-21 23:25:121f20800e83eeec842edb183190448e68Virustotal results 23 / 73 (31.51%) 168.197.252.17880Heodo
2020-03-21 09:14:39b09bbbe75e1fb85ef8f64efea703596dn/a168.197.252.17880Heodo
2020-03-21 08:51:451542d4dfc0ba9237f644f5b7055c9e88n/a168.197.252.17880Heodo
2020-03-21 08:25:427b00f39bfc58e49bc91e32a5a32a1b0fn/a168.197.252.17880Heodo
2020-03-21 07:54:2788b001b8f7de4de477d699e7558ace56n/a168.197.252.17880Heodo

# of malware samples: 10