Browse Botnet C&Cs

You are currently viewing the database entry for the Heodo botnet command&control server (C&C) 59.21.235.119. You can get additional information about this C&C here, such as first seen, last seen and associated malware samples.

Database Entry

Host:	59.21.235.119
Hostname:	n/a
Status:	Online
Spamhaus SBL:	Not listed
Malware:	Heodo
AS number:	AS4766
AS name:	KIXS-AS-KR Korea Telecom
Country:	KR
First seen:	2021-01-04 18:24:02 UTC
Last seen:	2021-01-19 17:53:09 UTC
Last online:	2021-01-24

Malware Samples

The table below documents all malware samples associated with this Heodo botnet command&control server (C&C).

Timestamp (UTC)	Malware Sample (MD5 hash)	VT	Host	Port	Signature
2021-01-21 11:06:49	90559ee39dde77d5c24e10c0ca421e3d	40 / 69 (57.97%)	59.21.235.119	80	Heodo
2021-01-17 15:15:36	c0792a6e1bc76254c5383827b5b43a4f	40 / 69 (57.97%)	59.21.235.119	80	Heodo
2021-01-16 21:03:05	1d9343a3950e060a15fe51b159a16a3e	42 / 70 (60.00%)	59.21.235.119	80	Heodo
2021-01-14 14:13:40	d5bde20a25e110d4d882f2c39b78eef5	n/a	59.21.235.119	80	Heodo
2021-01-14 09:30:14	c4086f002e78e93af7fcb3c572d76c5b	30 / 69 (43.48%)	59.21.235.119	80	Heodo
2021-01-11 22:19:38	445e79553d5c2af5212772f5f94edc2b	49 / 70 (70.00%)	59.21.235.119	80	Heodo
2021-01-10 18:47:27	030536214ff2410b7a046729bb833738	48 / 66 (72.73%)	59.21.235.119	80	Heodo
2021-01-10 14:34:10	b1129ac56b0f679bbb2b93d4db349d44	37 / 67 (55.22%)	59.21.235.119	80	Heodo
2021-01-08 04:36:14	eb367c375b0ba6e87bddecc79213db91	44 / 69 (63.77%)	59.21.235.119	80	Heodo
2021-01-08 03:52:15	dc31a25e0702a3b9451141e15456506d	50 / 70 (71.43%)	59.21.235.119	80	Heodo
2021-01-07 21:31:21	46e4b14f43efc08fab326e233e6bda39	46 / 69 (66.67%)	59.21.235.119	80	Heodo
2021-01-07 16:47:10	ffc7bfaa7c851d84479c2119fdd4d83d	42 / 70 (60.00%)	59.21.235.119	80	Heodo
2021-01-07 13:08:33	e54345925d33cab59cc4bde4ad89bd71	36 / 69 (52.17%)	59.21.235.119	80	Heodo
2021-01-04 20:57:31	958eb4153c184621cc3a80c6352003c5	n/a	59.21.235.119	80	Heodo

# of malware samples: 14