Browse Botnet C&Cs

You are currently viewing the database entry for the Heodo botnet command&control server (C&C) 67.254.196.78. You can get additional information about this C&C here, such as first seen, last seen and associated malware samples.

Database Entry


Host:67.254.196.78
Hostname:mta-67-254-196-78.nyc.rr.com
Status:Offline
Spamhaus SBL:SBL471122
Malware:Heodo -
AS number:AS12271
AS name:TWC-12271-NYC
Country:- US
First seen:2019-12-11 16:13:07 UTC
Last seen:2020-01-28 16:48:09 UTC
Last online:2020-01-15

Malware Samples


The table below documents all malware samples associated with this Heodo botnet command&control server (C&C).

Timestamp (UTC)Malware Sample (MD5 hash)VTHostPortSignature
2020-01-28 22:12:48976afaab870427a4d4706ed1c7d95156Virustotal results 49 / 72 (68.06%) 67.254.196.78443Heodo
2020-01-25 03:54:071e19a5c8e02b6e11c37dea708d1db05cVirustotal results 25 / 73 (34.25%) 67.254.196.78443Heodo
2020-01-25 03:53:54ab5885f58b5c57319f77121bf533c6e3Virustotal results 25 / 71 (35.21%) 67.254.196.78443Heodo
2020-01-25 03:52:134e21078047430ac981a4c3c38b277894Virustotal results 23 / 71 (32.39%) 67.254.196.78443Heodo
2020-01-25 03:33:063e59e4032aecd51e41782340e794944cVirustotal results 26 / 72 (36.11%) 67.254.196.78443Heodo
2020-01-25 03:27:054fbc2b0b70466c052be331230f47e3e4Virustotal results 24 / 72 (33.33%) 67.254.196.78443Heodo
2020-01-25 03:21:29b4579ca7e50f94bc1da6162a70dd63a5Virustotal results 23 / 72 (31.94%) 67.254.196.78443Heodo
2020-01-17 20:58:39b35cb8a589f33bb02b1e4f1b24c38fe0Virustotal results 44 / 73 (60.27%) 67.254.196.78443Heodo
2020-01-13 03:47:189b47f2f232d2c3fd1603c054eb73f7f9Virustotal results 13 / 62 (20.97%) 67.254.196.78443Heodo
2020-01-13 03:43:315eaf24e1ad1b7e4a1d2122b62419b8abVirustotal results 13 / 61 (21.31%) 67.254.196.78443Heodo
2020-01-13 03:35:06a2e2a6af5b13ae4f1c47dc6b5097c6c8Virustotal results 13 / 62 (20.97%) 67.254.196.78443Heodo
2020-01-13 03:20:23a420bd6333297a2b28d9e415d693cddaVirustotal results 13 / 61 (21.31%) 67.254.196.78443Heodo
2020-01-13 03:01:04f9ccf910a49a7573fcf23b439e638164n/a67.254.196.78443Heodo
2020-01-13 02:26:27f81792861fd33c3b43624c780f16d698n/a67.254.196.78443Heodo
2020-01-13 02:09:5691d72fdc64565be615aa7dd7d3326a60Virustotal results 14 / 60 (23.33%) 67.254.196.78443Heodo
2020-01-13 01:57:28b437b599fcf0fad645468b216193c49dVirustotal results 14 / 62 (22.58%) 67.254.196.78443Heodo
2020-01-13 01:13:17e5a8712f3785a198381405a672af7da2Virustotal results 14 / 61 (22.95%) 67.254.196.78443Heodo
2020-01-13 01:11:15d7c970e6b0b9db7ea7db42d2cacbdc11Virustotal results 14 / 61 (22.95%) 67.254.196.78443Heodo
2020-01-13 00:51:561f4396852c6b7acac2d0a7d51dbe238dn/a67.254.196.78443Heodo
2020-01-13 00:22:33ccbe699f3a781b15b5fd9e31a0c9ed56n/a67.254.196.78443Heodo
2020-01-13 00:07:52aaf9c8046abaf505cf4973f36f636dbfVirustotal results 14 / 60 (23.33%) 67.254.196.78443Heodo
2020-01-12 23:12:35e85e7b96667bbd9509852bf868666bb5n/a67.254.196.78443Heodo
2020-01-12 23:09:46fe96f6afac1d59af56058ddb43f4bc0dn/a67.254.196.78443Heodo
2020-01-12 22:58:496f42d36e40f62a334dacfaba7b0ddd0bVirustotal results 15 / 61 (24.59%) 67.254.196.78443Heodo
2020-01-12 22:43:50e3313acc9f6b7b4295c858c0534b03c3Virustotal results 15 / 61 (24.59%) 67.254.196.78443Heodo
2020-01-12 22:43:26b1f2d9b46bec773136b6d28d7c99ba8dVirustotal results 15 / 62 (24.19%) 67.254.196.78443Heodo
2020-01-12 21:33:21231623861fbd7521a4caccb23a15c934Virustotal results 17 / 62 (27.42%) 67.254.196.78443Heodo
2019-12-27 21:55:03a0ddf61c0dbc71d990d5a1c07f6706b2Virustotal results 43 / 72 (59.72%) 67.254.196.78443Heodo
2019-12-27 21:54:15ab78de06db000c939569c24d21ad8955Virustotal results 15 / 72 (20.83%) 67.254.196.78443Heodo
2019-12-19 03:18:17e02710f8fce6c51754a40bde068d0623n/a67.254.196.78443Heodo
2019-12-16 03:04:295ed5187aab868bfb4719f0fa41df1e26Virustotal results 20 / 60 (33.33%) 67.254.196.78443Heodo
2019-12-15 00:56:024ed7ea6f8aa5956a978acf1931282059Virustotal results 21 / 60 (35.00%) 67.254.196.78443Heodo

# of malware samples: 32