Browse Botnet C&Cs

You are currently viewing the database entry for the Heodo botnet command&control server (C&C) 172.248.21.6. You can get additional information about this C&C here, such as first seen, last seen and associated malware samples.

Database Entry


Host:172.248.21.6
Hostname:cpe-172-248-21-6.socal.res.rr.com
Status:Offline
Spamhaus SBL:Not listed
Malware:Heodo -
AS number:AS20001
AS name:TWC-20001-PACWEST - Charter Communications Inc
Country:- US
First seen:2019-02-20 07:18:58 UTC
Last seen:2019-02-22 04:31:23 UTC

Malware Samples


The table below documents all malware samples associated with this Heodo botnet command&control server (C&C).

Timestamp (UTC)Malware Sample (MD5 hash)VTHostPortSignature
2019-02-22 04:59:305446e86512e56b9e995e7baa2f774be0Virustotal results 13/69 (18.84%) 172.248.21.68080Heodo
2019-02-21 07:12:3764863896528dec63e50fac68c8ac5509Virustotal results 18/65 (27.69%) 172.248.21.68080Heodo
2019-02-20 17:01:280d58eb670dba5588904aa56e8b1c4e36Virustotal results 13/58 (22.41%) 172.248.21.68080Heodo
2019-02-20 17:01:280d58eb670dba5588904aa56e8b1c4e36Virustotal results 13/58 (22.41%) 172.248.21.68080Heodo
2019-02-20 17:00:18ef6d5e85a7cf1db96d8e9343d3c70564Virustotal results 13/53 (24.53%) 172.248.21.68080Heodo
2014-12-04 15:36:46050d56b56efe9ff30b8777dc0920ccb1Virustotal results 48/55 (87.27%) 172.248.21.68080Wapomi

# of malware samples: 6