Browse Botnet C&Cs

You are currently viewing the database entry for the Heodo botnet command&control server (C&C) 31.148.221.34. You can get additional information about this C&C here, such as first seen, last seen and associated malware samples.

Database Entry


Host:31.148.221.34
Hostname:pn-34.krm.dn.ua
Status:Offline
Spamhaus SBL:SBL426836
Malware:Heodo -
AS number:AS51962
AS name:POWERNET-AS
Country:- UA
First seen:2018-11-13 16:01:49 UTC
Last seen:2019-01-08 09:28:17 UTC

Malware Samples


The table below documents all malware samples associated with this Heodo botnet command&control server (C&C).

Timestamp (UTC)Malware Sample (MD5 hash)VTHostPortSignature
2019-01-09 11:05:574cf6d047964341ec5b0dab6e859a22b5Virustotal results 47/67 (70.15%) 31.148.221.3480Heodo
2019-01-08 15:11:45e1db91799f716f564cdaf144d34fae5dVirustotal results 45/68 (66.18%) 31.148.221.3480Heodo
2019-01-08 08:00:2775a9b3c1c21e9fe60236b5e69970c9d3Virustotal results 50/68 (73.53%) 31.148.221.3480Heodo
2018-11-13 21:44:140f0d9bfba99e0fd4cc7e6ecb54c82086Virustotal results 32/56 (57.14%) 31.148.221.3480Heodo
2018-11-13 19:37:10a4d12e2202f65e6803e778d605f88d46Virustotal results 18/67 (26.87%) 31.148.221.3480Heodo
2018-11-13 19:28:07de930df4258b7a9f6844c777f62612b6Virustotal results 12/59 (20.34%) 31.148.221.3480Heodo
2018-11-13 17:02:224652719a1fc7795973a1008b3f36690cVirustotal results 19/59 (32.20%) 31.148.221.3480Heodo
2018-11-13 16:51:389c01f51352a3dfe92ead268d02e8fb16Virustotal results 14/58 (24.14%) 31.148.221.3480Heodo
2018-11-13 16:50:50d8b636dadcc6155ab192ba4b067814f9Virustotal results 13/58 (22.41%) 31.148.221.3480Heodo
2018-11-13 16:27:21c27e046a85b168615f0f479d39ec9702Virustotal results 13/58 (22.41%) 31.148.221.3480Heodo

# of malware samples: 10