Browse Botnet C&Cs

You are currently viewing the database entry for the Heodo botnet command&control server (C&C) 54.38.247.98. You can get additional information about this C&C here, such as first seen, last seen and associated malware samples.

Database Entry


Host:54.38.247.98
Hostname:ip-54-38-247.eu
Status:Offline
Spamhaus SBL:Not listed
Malware:Heodo -
AS number:AS16276
AS name:OVH
Country:- FR
First seen:2018-12-21 17:34:40 UTC
Last seen:2019-01-08 07:51:24 UTC

Malware Samples


The table below documents all malware samples associated with this Heodo botnet command&control server (C&C).

Timestamp (UTC)Malware Sample (MD5 hash)VTHostPortSignature
2019-01-08 22:16:28b543e866026f6d53a6a32eb3ef3938e2Virustotal results 41/69 (59.42%) 54.38.247.98465Heodo
2019-01-06 09:36:42393441551cdc19ebf6bad9a3d45e73b3Virustotal results 45/71 (63.38%) 54.38.247.98465Heodo
2019-01-01 10:16:48d3dcf2bc7e6ce66bcb4d30ac1fb200b4Virustotal results 43/70 (61.43%) 54.38.247.98465Heodo
2018-12-31 08:12:50de041377ef725becac324d69d92eaf8aVirustotal results 44/70 (62.86%) 54.38.247.98465Heodo
2018-12-23 09:18:49c01396703944ec4a0ac5d5fee9e9c082Virustotal results 11/69 (15.94%) 54.38.247.98465Heodo

# of malware samples: 5