Browse Botnet C&Cs

You are currently viewing the database entry for the Heodo botnet command&control server (C&C) 173.21.116.239. You can get additional information about this C&C here, such as first seen, last seen and associated malware samples.

Database Entry


Host:173.21.116.239
Hostname:173-21-116-239.client.mchsi.com
Status:Offline
Spamhaus SBL:Not listed
Malware:Heodo -
AS number:AS30036
AS name:MEDIACOM-ENTERPRISE-BUSINESS - Mediacom Communications Corp
Country:- US
First seen:2019-02-20 07:18:58 UTC
Last seen:2019-03-08 02:45:14 UTC

Malware Samples


The table below documents all malware samples associated with this Heodo botnet command&control server (C&C).

Timestamp (UTC)Malware Sample (MD5 hash)VTHostPortSignature
2019-03-08 14:46:01d89bbcc3c832689eb43cc42ea218f3d6Virustotal results 42/65 (64.62%) 173.21.116.23980Heodo
2019-03-04 23:14:0172a35388d71a4b860e014fd02044710cVirustotal results 14/64 (21.88%) 173.21.116.23980Heodo
2019-02-26 14:58:320979e1c325da66820a93af32efb14e4dVirustotal results 23/56 (41.07%) 173.21.116.23980Heodo
2019-02-26 14:45:47caba54b0049df27195cfc0b17ea43656Virustotal results 22/54 (40.74%) 173.21.116.23980Heodo
2019-02-26 10:57:216e9d8f99ec5f804e3d55135c3f9e5c48Virustotal results 23/69 (33.33%) 173.21.116.23980Heodo
2019-02-21 00:55:4100db4564c2553106435ef19bc41467eeVirustotal results 16/55 (29.09%) 173.21.116.23980Heodo
2019-02-20 17:01:280d58eb670dba5588904aa56e8b1c4e36Virustotal results 13/58 (22.41%) 173.21.116.23980Heodo
2019-02-20 17:00:18ef6d5e85a7cf1db96d8e9343d3c70564Virustotal results 13/53 (24.53%) 173.21.116.23980Heodo

# of malware samples: 8