Browse Botnet C&Cs

You are currently viewing the database entry for the Heodo botnet command&control server (C&C) 197.89.110.52. You can get additional information about this C&C here, such as first seen, last seen and associated malware samples.

Database Entry


Host: 197.89.110.52
Hostname: 197-89-110-52.dsl.mweb.co.za
Status: Offline
Spamhaus SBL: Not listed
Malware: Heodo
AS number: AS10474
AS name: OPTINET
Country: ZA
First seen: 2019-04-09 13:42:43 UTC
Last seen: 2019-04-16 13:21:19 UTC
Last online: 2019-04-10

Malware Samples


The table below documents all malware samples associated with this Heodo botnet command&control server (C&C).


# of malware samples: 11