Browse Botnet C&Cs

You are currently viewing the database entry for the Heodo botnet command&control server (C&C) 191.191.23.135. You can get additional information about this C&C here, such as first seen, last seen and associated malware samples.

Database Entry


Host:191.191.23.135
Hostname:bfbf1787.virtua.com.br
Status:Offline
Spamhaus SBL:Not listed
Malware:Heodo -
AS number:AS28573
AS name:CLARO S.A.
Country:- BR
First seen:2020-10-08 18:59:24 UTC
Last seen:2020-10-21 17:24:43 UTC
Last online:2020-10-20

Malware Samples


The table below documents all malware samples associated with this Heodo botnet command&control server (C&C).

Timestamp (UTC)Malware Sample (MD5 hash)VTHostPortSignature
2020-10-22 05:27:174af7040e6d8733644d4527bf1e6d50cbVirustotal results 40 / 66 (60.61%) 191.191.23.13580Heodo
2020-10-20 08:34:02cc6d9b4c67f57e96673a84f0328b1d9eVirustotal results 34 / 70 (48.57%) 191.191.23.13580Heodo
2020-10-18 12:19:17b1045b23d433b630627fd049019f934fVirustotal results 44 / 68 (64.71%) 191.191.23.13580Heodo
2020-10-18 03:21:55a2ded66744cf56989e860758b2d52ed5Virustotal results 43 / 71 (60.56%) 191.191.23.13580Heodo
2020-10-16 19:27:3119186160c205672c4fef29de6ae591f7Virustotal results 19 / 70 (27.14%) 191.191.23.13580Heodo
2020-10-15 21:59:05a75466895a9c856739f0ef2fb84f73abVirustotal results 27 / 71 (38.03%) 191.191.23.13580Heodo
2020-10-14 18:02:50540d70758c927aa45c000e1ef9ee88a9Virustotal results 33 / 66 (50.00%) 191.191.23.13580Heodo
2020-10-14 17:42:453a029d9b0edbda3f20e300b8f3f3f1abVirustotal results 36 / 70 (51.43%) 191.191.23.13580Heodo
2020-10-14 09:39:407c518feaf6d7b56028712120cbb4dda9Virustotal results 14 / 71 (19.72%) 191.191.23.13580Heodo
2020-10-14 09:35:09d5db90c4708b1435652e2b56db0205a9n/a191.191.23.13580Heodo
2020-10-14 08:21:515a3b1a5225aa751c9d1567c1badc5824n/a191.191.23.13580Heodo
2020-10-13 18:22:396136c0ae3f957cc125d162c5f26a8b26Virustotal results 34 / 68 (50.00%) 191.191.23.13580Heodo
2020-10-11 13:13:40bf44a22f9d2481500f0413359a55abb7Virustotal results 36 / 70 (51.43%) 191.191.23.13580Heodo
2020-10-10 14:53:15441f99c4c9fb6e87e8436c69f18ec649Virustotal results 41 / 69 (59.42%) 191.191.23.13580Heodo
2020-10-10 14:47:0643c132a1f848533741715c888fe50cb7Virustotal results 41 / 70 (58.57%) 191.191.23.13580Heodo

# of malware samples: 15