Browse Botnet C&Cs

You are currently viewing the database entry for the Heodo botnet command&control server (C&C) 191.92.120.49. You can get additional information about this C&C here, such as first seen, last seen and associated malware samples.

Database Entry


Host:191.92.120.49
Hostname:Dinamic-Tigo-191-92-120-49.tigo.com.co
Status:Offline
Spamhaus SBL:Not listed
Malware:Heodo -
AS number:AS27831
AS name:Colombia Movil
Country:- CO
First seen:2020-02-15 15:16:56 UTC
Last seen:2020-02-29 23:53:21 UTC
Last online:2020-02-25

Malware Samples


The table below documents all malware samples associated with this Heodo botnet command&control server (C&C).

Timestamp (UTC)Malware Sample (MD5 hash)VTHostPortSignature
2020-03-01 01:08:48c1cd6c2534199fb68e3f8edeeeefb837Virustotal results 53 / 73 (72.60%) 191.92.120.4980Heodo
2020-02-18 03:56:452e281e587c0c5d4b97cefcc38e154d37Virustotal results 25 / 72 (34.72%) 191.92.120.4980Heodo
2020-02-16 16:22:470628b70a0392adb90a0e7d14fafa408an/a191.92.120.4980Heodo
2020-02-15 18:16:253559d2481f229c2151a3807f4fc54eabVirustotal results 9 / 70 (12.86%) 191.92.120.4980Heodo

# of malware samples: 4