Browse Botnet C&Cs

You are currently viewing the database entry for the Heodo botnet command&control server (C&C) 181.165.68.127. You can get additional information about this C&C here, such as first seen, last seen and associated malware samples.

Database Entry


Host:181.165.68.127
Hostname:127-68-165-181.fibertel.com.ar
Status:- Online
Spamhaus SBL:Not listed
Malware:Heodo -
AS number:AS10318
AS name:Telecom Argentina S.A.
Country:- AR
First seen:2020-11-13 07:24:54 UTC
Last seen:2020-11-21 21:47:17 UTC
Last online:2020-11-24

Malware Samples


The table below documents all malware samples associated with this Heodo botnet command&control server (C&C).

Timestamp (UTC)Malware Sample (MD5 hash)VTHostPortSignature
2020-11-22 18:37:29cc8fe6ac54a2cb50fb0775a487c421edVirustotal results 50 / 72 (69.44%) 181.165.68.12780Heodo
2020-11-22 02:37:31a22fa744efbe20741e5dc73c8f1dd526Virustotal results 47 / 72 (65.28%) 181.165.68.12780Heodo
2020-11-21 22:29:135d49d1976331a8464eb9dce59e37bdbfn/a181.165.68.12780Heodo
2020-11-15 04:58:00da56f8cf23d6294185d35a5981c3771dVirustotal results 34 / 72 (47.22%) 181.165.68.12780Heodo

# of malware samples: 4