Browse Botnet C&Cs

You are currently viewing the database entry for the Heodo botnet command&control server (C&C) 189.252.174.81. You can get additional information about this C&C here, such as first seen, last seen and associated malware samples.

Database Entry


Host:189.252.174.81
Hostname:dsl-189-252-174-81-dyn.prod-infinitum.com.mx
Status:Offline
Spamhaus SBL:Not listed
Malware:Heodo -
AS number:AS8151
AS name:Uninet S.A. de C.V.
Country:- MX
First seen:2019-01-22 14:32:38 UTC
Last seen:2019-01-22 16:00:52 UTC

Malware Samples


The table below documents all malware samples associated with this Heodo botnet command&control server (C&C).

Timestamp (UTC)Malware Sample (MD5 hash)VTHostPortSignature
2019-01-22 16:27:5123524848e00628c8e0f7828b65498840Virustotal results 25/57 (43.86%) 189.252.174.8120Heodo
2019-01-22 16:11:58e687e3aeb6ef3610b337319ccc77d373Virustotal results 12/56 (21.43%) 189.252.174.8120Heodo
2019-01-22 16:08:188853997fe8c46705edcc06e18e6d736fVirustotal results 11/58 (18.97%) 189.252.174.8120Heodo
2019-01-22 15:49:099d240a22e7a70229dcbbfcc3abdf5a78Virustotal results 28/58 (48.28%) 189.252.174.8120Heodo
2019-01-22 15:35:46f9af5e039609540df39b06163c85b34aVirustotal results 24/58 (41.38%) 189.252.174.8120Heodo
2019-01-22 15:31:13daabfaa66f943195c7bb42075fb58430Virustotal results 16/56 (28.57%) 189.252.174.8120Heodo
2019-01-22 15:28:55b8d9fc7fb9da17e7f466b523259b8a35Virustotal results 22/59 (37.29%) 189.252.174.8120Heodo
2019-01-22 15:21:0181d3eae083c5dc78f2b1c0be0c3e56e2Virustotal results 51/71 (71.83%) 189.252.174.8120Heodo
2019-01-22 15:20:131cbcd2bfcd5538d1f1d603d8315329a1Virustotal results 19/71 (26.76%) 189.252.174.8120Heodo
2019-01-22 14:45:09d70ea8181276bc35feffe563c562b6ddVirustotal results 17/71 (23.94%) 189.252.174.8120Heodo

# of malware samples: 10