Browse Botnet C&Cs

You are currently viewing the database entry for the Heodo botnet command&control server (C&C) 203.130.0.67. You can get additional information about this C&C here, such as first seen, last seen and associated malware samples.

Database Entry


Host:203.130.0.67
Hostname:mail.grandleisure.com
Status:Offline
Spamhaus SBL:SBL459956
Malware:Heodo -
AS number:AS24435
AS name:SUPERNET-PAKISTAN-AS-AP Supernet Limited Transit Autonomous System Number
Country:- PK
First seen:2019-09-11 20:20:37 UTC
Last seen:2019-09-23 19:57:29 UTC
Last online:2019-09-23

Malware Samples


The table below documents all malware samples associated with this Heodo botnet command&control server (C&C).

Timestamp (UTC)Malware Sample (MD5 hash)VTHostPortSignature
2019-09-25 04:40:38a1d300f135b6f7e6bc7e34e102e18c58Virustotal results 55/71 (77.46%) 203.130.0.6780Heodo
2019-09-22 16:06:58ffc697a0e8b22fbd13525988bbad6d77Virustotal results 52 / 71 (73.24%) 203.130.0.6780Heodo
2019-09-22 15:47:21e61c0d2429652bf738d0b13b72ea7558Virustotal results 50 / 68 (73.53%) 203.130.0.6780Heodo
2019-09-22 11:58:3659678b91cab4f5d17dd4c0bc2c4e850bVirustotal results 52 / 70 (74.29%) 203.130.0.6780Heodo
2019-09-18 03:10:02e67aac22ade5eb76e1d190037744bae2Virustotal results 48/69 (69.57%) 203.130.0.6780Heodo
2019-09-18 02:08:502e0f7eb2216571bd59bcb1a068d3085fVirustotal results 31 / 70 (44.29%) 203.130.0.6780Heodo
2019-09-18 00:43:11d322c71da89b11f4388e1c3f69de47e8Virustotal results 43 / 67 (64.18%) 203.130.0.6780Heodo
2019-09-17 23:04:166797773a52c6aace52f9a3fa01d281bbVirustotal results 30 / 70 (42.86%) 203.130.0.6780Heodo
2019-09-17 12:23:097657fd4d987c98f81c9acd468cc309e4Virustotal results 52/71 (73.24%) 203.130.0.6780TrickBot
2019-09-17 00:30:59fc6a770d7a3d4b77d2b5a9eeb8d14609Virustotal results 51/69 (73.91%) 203.130.0.6780Heodo
2019-09-16 20:41:2683d0f1e17c4e72306c8d2c5ec4af4c96Virustotal results 53/69 (76.81%) 203.130.0.6780Heodo
2019-09-16 16:44:162b5a4b24d8e686b1f7cd974b7bdfa974Virustotal results 38/69 (55.07%) 203.130.0.6780Heodo
2019-09-16 15:23:2941219d44e7202d5b4c6e08306a702a7dVirustotal results 17 / 71 (23.94%) 203.130.0.6780Heodo
2019-09-16 15:01:46867948992574f5397f8cb6cd3dd2ff1fVirustotal results 16 / 70 (22.86%) 203.130.0.6780Heodo
2019-09-16 14:10:488b7c2463cef2f0dbfe3206d3a97d355eVirustotal results 17 / 68 (25.00%) 203.130.0.6780Heodo
2019-09-16 09:25:31f1ab1fa6d2b93ae55b448b96733ff195Virustotal results 2 / 68 (2.94%) 203.130.0.6780Heodo
2019-09-16 09:03:05428f08d11f89d0e5c5b4fd5ed9d140a4n/a203.130.0.6780Heodo
2019-09-16 00:08:279e7fd907c4c848f0b36f1caf6c057a0cVirustotal results 37 / 69 (53.62%) 203.130.0.6780Heodo
2019-09-15 21:57:22ba01b9c88e089567701eb93a10875ba0Virustotal results 52/69 (75.36%) 203.130.0.6780Heodo
2019-09-15 13:17:429d55229f58d6bd51038f11fdc1f1b47aVirustotal results 42 / 70 (60.00%) 203.130.0.6780Heodo
2019-09-14 12:53:22c0e908cc36f72caf769e09203d178e66Virustotal results 42 / 69 (60.87%) 203.130.0.6780Heodo
2019-09-13 09:22:01851d0b8921614de3b7705c340dfd29d3Virustotal results 38 / 69 (55.07%) 203.130.0.6780Heodo
2019-09-13 09:22:01851d0b8921614de3b7705c340dfd29d3Virustotal results 38 / 69 (55.07%) 203.130.0.6780Heodo
2019-09-12 16:42:231fa4b2170bafd8a2215d764d7feadb89n/a203.130.0.6780Heodo
2019-09-12 08:37:42d1399e52ac659cc41b65f4b4d1411c9bVirustotal results 56/71 (78.87%) 203.130.0.6780Heodo

# of malware samples: 25