Browse Botnet C&Cs

You are currently viewing the database entry for the Heodo botnet command&control server (C&C) 68.15.57.174. You can get additional information about this C&C here, such as first seen, last seen and associated malware samples.

Database Entry


Host:68.15.57.174
Hostname:wsip-68-15-57-174.ri.ri.cox.net
Status:Offline
Spamhaus SBL:Not listed
Malware:Heodo -
AS number:AS22773
AS name:ASN-CXA-ALL-CCI-22773-RDC - Cox Communications Inc.
Country:- US
First seen:2018-09-14 10:26:25 UTC
Last seen:2018-11-11 10:58:23 UTC

Malware Samples


The table below documents all malware samples associated with this Heodo botnet command&control server (C&C).

Timestamp (UTC)Malware Sample (MD5 hash)VTHostPortSignature
2018-11-09 11:32:44a10ff0f0246523ed75fcbe8ad4d13356Virustotal results 34/67 (50.75%) 68.15.57.174443Heodo
2018-09-16 23:12:2424732d32eade9100e7909058831e66c7Virustotal results 38/68 (55.88%) 68.15.57.174443Heodo
2018-09-16 17:31:344fd2307313cecd37e9bfe34083cbb66bVirustotal results 37/67 (55.22%) 68.15.57.174443Heodo
2018-09-14 11:27:5492976960839724685206731e19231c2aVirustotal results 18/68 (26.47%) 68.15.57.174443Heodo
2018-09-14 07:29:19ad128a1f1462962c80ea9fdd2e153731Virustotal results 12/67 (17.91%) 68.15.57.174443Heodo
2018-09-14 07:27:35961b392ede4cbf2419e10d52a604fc91Virustotal results 15/68 (22.06%) 68.15.57.174443Heodo
2018-09-14 07:03:09d0549738d2bb5ab978c780268c293bf2Virustotal results 10/67 (14.93%) 68.15.57.174443Heodo
2018-09-14 06:18:45e8fa19b08b1325e75106e3f9b18144b1Virustotal results 23/65 (35.38%) 68.15.57.174443Heodo
2018-09-13 16:50:55dc3da5beb337edbadac662f582a07decVirustotal results 12/68 (17.65%) 68.15.57.174443Heodo

# of malware samples: 9