Browse Botnet C&Cs

You are currently viewing the database entry for the Heodo botnet command&control server (C&C) 212.81.134.57. You can get additional information about this C&C here, such as first seen, last seen and associated malware samples.

Database Entry


Host:212.81.134.57
Hostname:n/a
Status:Offline
Spamhaus SBL:SBL380115
Malware:Heodo -
AS number:AS3262
AS name:SARENET
Country:- ES
First seen:2014-09-16 19:17:02 UTC
Last seen:2017-11-14 03:21:33 UTC

Malware Samples


The table below documents all malware samples associated with this Heodo botnet command&control server (C&C).

Timestamp (UTC)Malware Sample (MD5 hash)VTHostPortSignature
2015-04-15 20:07:412bf0cad59ea2a2f1e44d5691f0a3c60aVirustotal results 52/56 (92.86%) 212.81.134.57443
2015-02-05 01:00:28185e4cd0db77d4c5ef9d10a3408079bfVirustotal results 31/57 (54.39%) 212.81.134.57443Zemot
2014-11-29 09:30:132e8a75f0cb37250f81387bb234d3b9bcVirustotal results 9/56 (16.07%) 212.81.134.57443Zemot
2014-11-21 18:34:1163c93cbce60c05b042c4e3098187ad12Virustotal results 17/53 (32.08%) 212.81.134.57443ZeuS
2014-09-16 20:31:17603965ee119ec4a3d81424cf4ff94aebVirustotal results 36/54 (66.67%) 212.81.134.57443Zemot
2014-09-16 19:17:02b948ec89453660c6d733bd02a9216333Virustotal results 37/55 (67.27%) 212.81.134.57443Zemot

# of malware samples: 6