Browse Botnet C&Cs

You are currently viewing the database entry for the Heodo botnet command&control server (C&C) 47.217.99.132. You can get additional information about this C&C here, such as first seen, last seen and associated malware samples.

Database Entry


Host:47.217.99.132
Hostname:47-217-99-132.stwtcmtk02.res.dyn.suddenlink.net
Status:Offline
Spamhaus SBL:Not listed
Malware:Heodo -
AS number:AS19108
AS name:SUDDENLINK-COMMUNICATIONS - Suddenlink Communications
Country:- US
First seen:2018-09-13 07:12:44 UTC
Last seen:2018-12-29 19:30:13 UTC

Malware Samples


The table below documents all malware samples associated with this Heodo botnet command&control server (C&C).

Timestamp (UTC)Malware Sample (MD5 hash)VTHostPortSignature
2018-09-13 12:12:296bf901c649f5c8dc61ecbf32d97c984cVirustotal results 11/68 (16.18%) 47.217.99.132465Heodo
2018-09-13 11:32:530c01164034fd814a4b9c9f38f81f614eVirustotal results 16/67 (23.88%) 47.217.99.132465Heodo
2018-09-13 11:29:495aa5eeb9e2ca3eba82ea1994e4b6d1efVirustotal results 12/68 (17.65%) 47.217.99.132465Heodo
2018-09-13 07:09:411b3b0b8b078335d59d46fbd9f7382ee0Virustotal results 17/68 (25.00%) 47.217.99.132465Heodo
2018-09-13 07:04:43303b167d9d50f39c09ec231c3830c122Virustotal results 20/67 (29.85%) 47.217.99.132465Heodo

# of malware samples: 5