Browse Botnet C&Cs

You are currently viewing the database entry for the Heodo botnet command&control server (C&C) 212.156.219.6. You can get additional information about this C&C here, such as first seen, last seen and associated malware samples.

Database Entry


Host:212.156.219.6
Hostname:212.156.219.6.static.turktelekom.com.tr
Status:Offline
Spamhaus SBL:Not listed
Malware:Heodo -
AS number:AS9121
AS name:TTNET
Country:- TR
First seen:2020-03-18 03:07:12 UTC
Last seen:2020-03-23 18:01:54 UTC
Last online:2020-03-30

Malware Samples


The table below documents all malware samples associated with this Heodo botnet command&control server (C&C).

Timestamp (UTC)Malware Sample (MD5 hash)VTHostPortSignature
2020-03-26 10:21:36cde2eb41f5713c2cfa1cb3d79f271268Virustotal results 39 / 73 (53.42%) 212.156.219.68080Heodo
2020-03-26 10:21:36cde2eb41f5713c2cfa1cb3d79f271268Virustotal results 39 / 73 (53.42%) 212.156.219.68080Heodo
2020-03-23 16:56:54cce62466f56ae70cca2543e5c71ab78eVirustotal results 4 / 71 (5.63%) 212.156.219.68080Heodo
2020-03-23 16:35:24d8d76f54cfd211c3904e2ebbffcf1e6an/a212.156.219.68080Heodo
2020-03-21 19:12:157f5eb714b0707068d1c2b625c953f8daVirustotal results 40 / 73 (54.79%) 212.156.219.68080Heodo
2020-03-18 16:42:34c9eb04822df6a885d0c85e7904394136n/a212.156.219.68080Heodo
2020-03-18 16:24:36763a74ea75bdc9a548c9c308e0a9c017n/a212.156.219.68080Heodo
2020-03-18 16:20:41372d2625a56d63b9fa56c601a46a5accn/a212.156.219.68080Heodo
2020-03-18 03:36:41c00fc0f04a1d45bc03bc7ca19d884aaen/a212.156.219.68080Heodo

# of malware samples: 9