Browse Botnet C&Cs

You are currently viewing the database entry for the Heodo botnet command&control server (C&C) 181.196.27.123. You can get additional information about this C&C here, such as first seen, last seen and associated malware samples.

Database Entry


Host:181.196.27.123
Hostname:123.27.196.181.static.anycast.cnt-grms.ec
Status:Offline
Spamhaus SBL:Not listed
Malware:Heodo -
AS number:AS28006
AS name:CORPORACION NACIONAL DE TELECOMUNICACIONES - CNT EP
Country:- EC
First seen:2020-01-22 15:48:08 UTC
Last seen:2020-03-21 07:24:34 UTC
Last online:2020-03-20

Malware Samples


The table below documents all malware samples associated with this Heodo botnet command&control server (C&C).

Timestamp (UTC)Malware Sample (MD5 hash)VTHostPortSignature
2020-03-23 14:59:199eeb9f872a12f1baa0c781affe7895ffVirustotal results 33 / 72 (45.83%) 181.196.27.12380Heodo
2020-03-21 07:47:190de6cd19f60a9594d7d3b94fd871eeb9n/a181.196.27.12380Heodo
2020-03-21 07:30:309f821ea64fcfbea3b06444b899f9639bn/a181.196.27.12380Heodo
2020-02-28 13:25:060a0abc8e9ad230591de7fa615dad9bcdn/a181.196.27.12380Heodo
2020-02-16 16:50:42cb1e5502acaf9e3fc720fc7b9fa6353cVirustotal results 8 / 72 (11.11%) 181.196.27.12380Heodo
2020-01-25 04:05:38d9df605d595955930113bee4c470fe8eVirustotal results 19 / 72 (26.39%) 181.196.27.12380Heodo
2020-01-25 04:03:32f69f0917c31b1676082413af2fb49f43Virustotal results 17 / 70 (24.29%) 181.196.27.12380Heodo
2020-01-25 04:03:06864d9652ccd1d7b46bb0be54d1f4cdc9Virustotal results 13 / 73 (17.81%) 181.196.27.12380Heodo
2020-01-25 04:01:1771ee87e44bdb59ed3db51ad907055431Virustotal results 13 / 72 (18.06%) 181.196.27.12380Heodo
2020-01-25 04:00:29d5e84fcc1c755eaaf484367a89341c7dVirustotal results 11 / 72 (15.28%) 181.196.27.12380Heodo

# of malware samples: 10