Browse Botnet C&Cs

You are currently viewing the database entry for the Heodo botnet command&control server (C&C) 70.168.121.169. You can get additional information about this C&C here, such as first seen, last seen and associated malware samples.

Database Entry


Host:70.168.121.169
Hostname:wsip-70-168-121-169.ks.ks.cox.net
Status:Offline
Spamhaus SBL:Not listed
Malware:Heodo -
AS number:AS22773
AS name:ASN-CXA-ALL-CCI-22773-RDC - Cox Communications Inc., US
Country:- US
First seen:2018-08-30 16:33:09 UTC
Last seen:2018-08-31 09:33:44 UTC

Malware Samples


The table below documents all malware samples associated with this Heodo botnet command&control server (C&C).

Timestamp (UTC)Malware Sample (MD5 hash)VTHostPortSignature
2018-10-12 12:14:06b88c64c456a292bbc399e6480f8a8ab1Virustotal results 31/69 (44.93%) 70.168.121.169443Heodo
2018-10-09 20:26:03aa764c628d697a3144e98d5b9eb39816Virustotal results 35/69 (50.72%) 70.168.121.169443Heodo
2018-09-11 11:43:312c29d8d386e7bd17cf95ac29acbaf669Virustotal results 26/66 (39.39%) 70.168.121.169443Heodo
2018-09-07 04:19:352f6ffe4c5443ef05251319fa590c104bVirustotal results 43/69 (62.32%) 70.168.121.169443Heodo
2018-09-05 13:16:485ecbeea3f00e6abf7cb38e1daf845218Virustotal results 32/67 (47.76%) 70.168.121.169443Heodo
2018-09-04 20:13:20b95aee85cc4a19be296f413c92a1825fVirustotal results 34/68 (50.00%) 70.168.121.169443Heodo
2018-09-03 11:54:1368ce0cee8649a1da7398f3d030412b9dVirustotal results 12/68 (17.65%) 70.168.121.169443Heodo
2018-09-03 09:40:55acb54cd04f5dcfcd36fedaedd6f16155Virustotal results 14/66 (21.21%) 70.168.121.169443Heodo
2018-09-03 08:25:5369986811581643af859a0530c8f74f09Virustotal results 36/67 (53.73%) 70.168.121.169443Heodo
2018-09-03 06:41:4133ea64bfaf39dd6bcd76a0373e70b80cVirustotal results 15/67 (22.39%) 70.168.121.169443Heodo
2018-09-02 13:11:582d429594fc166b8edcf93dd39df5154fVirustotal results 41/68 (60.29%) 70.168.121.169443Heodo
2018-09-02 10:09:307406f99e520a09119458d6a42d439e68Virustotal results 18/67 (26.87%) 70.168.121.169443Heodo
2018-09-02 06:55:042616f5849fe017c40553dc914982740fVirustotal results 21/68 (30.88%) 70.168.121.169443Heodo
2018-09-01 18:49:54fec2ec5ac34c8453f6b0f265984d3e1fVirustotal results 24/68 (35.29%) 70.168.121.169443Heodo
2018-09-01 10:00:36ba375dab0d326b0e24b64dbb537d00e6Virustotal results 12/67 (17.91%) 70.168.121.169443Heodo
2018-09-01 06:14:2824d80bc6536d4232356c81bf0465cf54Virustotal results 20/66 (30.30%) 70.168.121.169443Heodo
2018-09-01 05:45:0268b761e073c876646d95f3dad04260f4Virustotal results 30/68 (44.12%) 70.168.121.169443Heodo
2018-09-01 05:42:13b586a5b1170e0e2a69cbf29f118294c2Virustotal results 18/68 (26.47%) 70.168.121.169443Heodo
2018-09-01 05:42:126319ea4bb096ead16d87fb42f5f526ffVirustotal results 13/69 (18.84%) 70.168.121.169443Heodo
2018-08-31 18:21:49103d0e2152347ca561a8621e96009e1eVirustotal results 19/68 (27.94%) 70.168.121.169443Heodo
2018-08-31 18:14:09eeb763f196cf3231842ee05d3d53ff1aVirustotal results 16/67 (23.88%) 70.168.121.169443Heodo
2018-08-31 11:42:533dc9353468b159108419a3567f596459Virustotal results 18/68 (26.47%) 70.168.121.169443Heodo
2018-08-31 11:01:3222f92f1a50e1d5cd3ed369d119072031Virustotal results 18/68 (26.47%) 70.168.121.169443Heodo
2018-08-31 10:53:39de14a3c0038f91edb45f313bf22e1138Virustotal results 15/67 (22.39%) 70.168.121.169443Heodo
2018-08-31 10:04:20ae555d3a451420e611e4e79d4a205161Virustotal results 18/67 (26.87%) 70.168.121.169443Heodo
2018-08-31 06:19:54a29363636cd2da29bb5701578f1c99bcVirustotal results 18/67 (26.87%) 70.168.121.169443Heodo
2018-08-31 06:08:575015f6608e968c03eb3b51d3c2cd225cVirustotal results 22/68 (32.35%) 70.168.121.169443Heodo
2018-08-31 05:20:06e01cab3d092c9a40fa400fe6a2ac8d31Virustotal results 19/67 (28.36%) 70.168.121.169443Heodo
2018-08-31 00:02:132ad313a81bbd7848c3c14a2248d7f6bcVirustotal results 13/66 (19.70%) 70.168.121.169443Heodo

# of malware samples: 29