Browse Botnet C&Cs

You are currently viewing the database entry for the Heodo botnet command&control server (C&C) 173.166.140.145. You can get additional information about this C&C here, such as first seen, last seen and associated malware samples.

Database Entry


Host:173.166.140.145
Hostname:n/a
Status:Offline
Spamhaus SBL:Not listed
Malware:Heodo -
AS number:AS7922
AS name:COMCAST-7922 - Comcast Cable Communications, LLC
Country:- US
First seen:2018-12-06 13:50:07 UTC
Last seen:2018-12-07 07:13:10 UTC

Malware Samples


The table below documents all malware samples associated with this Heodo botnet command&control server (C&C).

Timestamp (UTC)Malware Sample (MD5 hash)VTHostPortSignature
2019-01-09 00:37:50b7eb9ca11ce212beff0653b2d5d8d107Virustotal results 45/69 (65.22%) 173.166.140.1458080Heodo
2019-01-08 12:53:24e1aa639469f729a18e76b8751c3ed556Virustotal results 47/69 (68.12%) 173.166.140.1458080Heodo
2018-12-07 11:21:55e12cf2315776f9e9200c8966983a9f03Virustotal results 13/69 (18.84%) 173.166.140.1458080Heodo
2018-12-07 11:14:438c7ebd739990c20d34ee9da707747bc2Virustotal results 12/68 (17.65%) 173.166.140.1458080Heodo
2018-12-07 09:30:02d65e30fbabc30b91c85271bc147f5132Virustotal results 13/67 (19.40%) 173.166.140.1458080Heodo
2018-12-07 09:03:348f00b4923812007ca2b52928071c20c4Virustotal results 16/68 (23.53%) 173.166.140.1458080Heodo
2018-12-07 03:44:54cdc301ea2d9c306e1e8e10ecaf6694c1Virustotal results 16/69 (23.19%) 173.166.140.1458080Heodo
2018-12-07 03:27:053acf392aa90549b4dbfcc6daa3cc93c6Virustotal results 20/69 (28.99%) 173.166.140.1458080Heodo
2018-12-07 01:52:38f8db7b605a60fb1d4d228d9f45eac791Virustotal results 18/70 (25.71%) 173.166.140.1458080Heodo
2018-12-06 23:57:235da78db02f49ac9db608971068a1d7efVirustotal results 10/68 (14.71%) 173.166.140.1458080Heodo

# of malware samples: 10