Browse Botnet C&Cs

You are currently viewing the database entry for the Heodo botnet command&control server (C&C) 198.199.114.69. You can get additional information about this C&C here, such as first seen, last seen and associated malware samples.

Database Entry

Host:	198.199.114.69
Hostname:	mornin.org
Status:	Online
Spamhaus SBL:	Not listed
Malware:	Heodo
AS number:	AS14061
AS name:	DIGITALOCEAN-ASN - DigitalOcean, LLC
Country:	US
First seen:	2019-10-09 10:58:40 UTC
Last seen:	2019-10-16 21:55:50 UTC
Last online:	2019-10-17

Malware Samples

The table below documents all malware samples associated with this Heodo botnet command&control server (C&C).

Timestamp (UTC)	Malware Sample (MD5 hash)	VT	Host	Port	Signature
2019-10-16 22:06:46	e2a091359986d48215d4e596aa881245	2 / 70 (2.86%)	198.199.114.69	8080	Heodo
2019-10-16 21:47:20	9c3ec06de4b3aecbbdf952bf9609df38	7/70 (10.00%)	198.199.114.69	8080	Heodo
2019-10-16 20:49:13	4721fd927782b1c693514780f2ca040b	1 / 70 (1.43%)	198.199.114.69	8080	Heodo
2019-10-16 20:46:40	03dff9745906f044f0d8e5a8e5e0fc65	2 / 68 (2.94%)	198.199.114.69	8080	Heodo
2019-10-16 18:58:41	5141562074d4105cbcd0bde879f5bcc0	1 / 69 (1.45%)	198.199.114.69	8080	Heodo
2019-10-14 05:00:03	8ded216015b26a434d46a85cacd39b37	43 / 69 (62.32%)	198.199.114.69	8080	Heodo
2019-10-12 14:13:50	985799e66581ef777b52da4338130e6c	42 / 71 (59.15%)	198.199.114.69	8080	Heodo
2019-10-10 02:04:24	94fb48aeda6f534f430e535c386b856b	20 / 59 (33.90%)	198.199.114.69	8080	Heodo
2019-10-10 01:10:44	73fff70087610f9976ca5f04ca44a1f9	6 / 71 (8.45%)	198.199.114.69	8080	Heodo
2019-10-09 18:06:55	d67c711b9422767cebbd27a4eb4db4f5	7 / 69 (10.14%)	198.199.114.69	8080	Heodo
2019-10-09 16:40:38	42b188b8832ec9e0192a533252d73b4b	7 / 69 (10.14%)	198.199.114.69	8080	Heodo
2019-10-09 15:50:14	9fad0f271e42f26f436a2843883a8095	8 / 69 (11.59%)	198.199.114.69	8080	Heodo
2019-10-09 13:53:53	58ccf3ad599b328c7dd0eaa2da596fcf	5 / 71 (7.04%)	198.199.114.69	8080	Heodo

# of malware samples: 13