Browse Botnet C&Cs

You are currently viewing the database entry for the Heodo botnet command&control server (C&C) 201.199.89.223. You can get additional information about this C&C here, such as first seen, last seen and associated malware samples.

Database Entry


Host:201.199.89.223
Hostname:n/a
Status:- Online
Spamhaus SBL:SBL447361
Malware:Heodo -
AS number:AS11830
AS name:Instituto Costarricense de Electricidad y Telecom.
Country:- CR
First seen:2019-05-10 01:29:03 UTC
Last seen:2019-05-18 13:36:32 UTC
Last online:2019-05-23

Malware Samples


The table below documents all malware samples associated with this Heodo botnet command&control server (C&C).

Timestamp (UTC)Malware Sample (MD5 hash)VTHostPortSignature
2019-05-18 13:48:07b9642c28b98544d3f4643b443e385d1dVirustotal results 18/69 (26.09%) 201.199.89.2238443Heodo
2019-05-17 00:33:47884b527546723b660017495c8afd768aVirustotal results 39/73 (53.42%) 201.199.89.2238443Heodo
2019-05-16 22:36:2606eb6779b66bb37b3d26d543e2412f18Virustotal results 42/74 (56.76%) 201.199.89.2238443Heodo
2019-05-16 05:00:30deddbe2847c338d79d4ea185703437f2Virustotal results 51/72 (70.83%) 201.199.89.2238443Heodo
2019-05-11 17:05:069f2abb8908a79f0b40483c69355b61f9Virustotal results 44/71 (61.97%) 201.199.89.2238443Heodo
2019-05-10 05:36:05980f4868935345047b86d76bc48ba4b1Virustotal results 33/72 (45.83%) 201.199.89.2238443Heodo
2019-05-10 03:30:1364d5422970a982a9c55d018fb3745892Virustotal results 28/72 (38.89%) 201.199.89.2238443Heodo

# of malware samples: 7