
You are currently viewing the database entry for the Heodo botnet command & control server (C&C) 173.166.140.145. This entry provides additional information about the C&C, such as when it was first seen, when it was last seen, and the malware samples associated with it.

Database Entry


Host: 173.166.140.145
Hostname: onthemark.com
Status: Offline
Spamhaus SBL: Not listed
Malware: Heodo
AS number: AS7922
AS name: COMCAST-7922 - Comcast Cable Communications, LLC
Country: US
First seen: 2018-12-06 13:50:07 UTC
Last seen: 2018-12-07 07:13:10 UTC

Malware Samples


The table below documents all malware samples associated with this Heodo botnet command & control server (C&C).

Timestamp (UTC) | Malware Sample (MD5 hash) | VT (Virustotal results) | Host | Port | Signature
2018-12-08 19:32:44 | b70716a2e61559450dc7236438fccfb5 | 25/60 (41.67%) | 173.166.140.145 | 8080 | Heodo
2018-12-08 19:30:00 | 50f48e3907bf2fad6cb2a812318f7eaa | 13/58 (22.41%) | 173.166.140.145 | 8080 | Heodo
2018-12-07 10:27:51 | 4d47b9b825c6c07f1b5efe03618d89d3 | 48/70 (68.57%) | 173.166.140.145 | 8080 | Heodo
2018-12-07 07:36:55 | 28a96563f2f7ac5839a1103823a6f926 | 16/70 (22.86%) | 173.166.140.145 | 8080 | Heodo
2018-12-07 04:26:20 | d622e58d8d0f7f42c9d08cb47634a5cb | 31/60 (51.67%) | 173.166.140.145 | 8080 | Heodo
2018-12-07 03:27:05 | 3acf392aa90549b4dbfcc6daa3cc93c6 | 20/69 (28.99%) | 173.166.140.145 | 8080 | Heodo
2018-12-07 01:52:38 | f8db7b605a60fb1d4d228d9f45eac791 | 18/70 (25.71%) | 173.166.140.145 | 8080 | Heodo

# of malware samples: 7