Browse Botnet C&Cs

You are currently viewing the database entry for the Heodo botnet command&control server (C&C) 181.164.25.59. You can get additional information about this C&C here, such as first seen, last seen and associated malware samples.

Database Entry


Host:181.164.25.59
Hostname:59-25-164-181.fibertel.com.ar
Status:Offline
Spamhaus SBL:Not listed
Malware:Heodo -
AS number:AS10318
AS name:Telecom Argentina S.A.
Country:- AR
First seen:2020-03-10 10:39:09 UTC
Last seen:2020-04-30 22:15:45 UTC
Last online:2020-03-23

Malware Samples


The table below documents all malware samples associated with this Heodo botnet command&control server (C&C).

Timestamp (UTC)Malware Sample (MD5 hash)VTHostPortSignature
2020-04-30 22:28:281ff853d4996815db0a056377b91aecf0Virustotal results 47 / 72 (65.28%) 181.164.25.5980Heodo
2020-04-16 10:11:32ad637618cf7103dd16ca68d93a3e3365Virustotal results 42 / 71 (59.15%) 181.164.25.5980Heodo
2020-03-28 15:24:29c05ca334cffedc41751983c22b210ec1Virustotal results 45 / 72 (62.50%) 181.164.25.5980Heodo
2020-03-28 04:22:15aefd8c7abec4eeaad3032cfeee19d3a2Virustotal results 45 / 73 (61.64%) 181.164.25.5980Heodo
2020-03-27 15:01:56c63e30c0057331a6a90c5aeb608c4d70Virustotal results 46 / 73 (63.01%) 181.164.25.5980Heodo
2020-03-25 22:33:1736ed9437ae80079284518396ed377445n/a181.164.25.5980Heodo
2020-03-25 11:31:12c64762e705023a704087c31ee677fff2n/a181.164.25.5980Heodo
2020-03-25 11:26:597d66664618924ac58579420901379658n/a181.164.25.5980Heodo
2020-03-14 17:33:48aef27bf0e40ec4c804cde68718fb6fc7n/a181.164.25.5980Heodo
2020-03-14 08:14:30b7265dd28f4e2662aadba7b270f36591Virustotal results 4 / 72 (5.56%) 181.164.25.5980Heodo
2020-03-13 06:56:26b9ddfcd2f13ab633288ee8fcfc6da689Virustotal results 2 / 71 (2.82%) 181.164.25.5980Heodo
2020-03-10 10:54:227bfe4c742d3bad31187850bc75cf9f80n/a181.164.25.5980Heodo

# of malware samples: 12