Browse Botnet C&Cs

You are currently viewing the database entry for the Heodo botnet command&control server (C&C) 72.231.228.196. You can get additional information about this C&C here, such as first seen, last seen and associated malware samples.

Database Entry


Host:72.231.228.196
Hostname:cpe-72-231-228-196.buffalo.res.rr.com
Status:Offline
Spamhaus SBL:Not listed
Malware:Heodo -
AS number:AS11351
AS name:TWC-11351-NORTHEAST
Country:- US
First seen:2020-02-27 22:22:09 UTC
Last seen:2020-03-20 16:54:16 UTC
Last online:2020-03-05

Malware Samples


The table below documents all malware samples associated with this Heodo botnet command&control server (C&C).

Timestamp (UTC)Malware Sample (MD5 hash)VTHostPortSignature
2020-03-23 09:43:37b1e6a67a46978eb9c12c555572418eb8Virustotal results 56 / 72 (77.78%) 72.231.228.19680Heodo
2020-03-19 03:01:41ab2a6aed42eeedf41db6e291901abf34Virustotal results 46 / 72 (63.89%) 72.231.228.19680Heodo
2020-03-07 01:49:272619526b7d527cffc7efa869bcb7478bVirustotal results 20 / 71 (28.17%) 72.231.228.19680Heodo
2020-03-06 22:56:11df8298702bfc72e8839a0b9dd6c1cf52n/a72.231.228.19680Heodo
2020-03-06 22:43:596c931096550d2ea511cb29be455e7ec1Virustotal results 46 / 73 (63.01%) 72.231.228.19680Heodo
2020-03-04 13:08:26a275522a9339e160356a44978b4914c0Virustotal results 21 / 72 (29.17%) 72.231.228.19680Heodo
2020-03-04 11:07:2631205fb5c945be59846a9a21ca7cbe81Virustotal results 8 / 73 (10.96%) 72.231.228.19680Heodo
2020-03-04 09:32:105cf295b9864fb6faae3e7dc94ecad0d8Virustotal results 10 / 73 (13.70%) 72.231.228.19680Heodo
2020-02-28 15:28:49239d5551143cfce7d765e5877cab1f0fn/a72.231.228.19680Heodo
2020-02-28 14:19:48f041689e3ddcc351a8113d8cea31defbn/a72.231.228.19680Heodo
2020-02-28 14:06:0966b749d40751f7c3814b112199993c89n/a72.231.228.19680Heodo
2020-02-28 13:50:4570294020e2476906557668e5fe681a69n/a72.231.228.19680Heodo
2020-02-28 13:26:02f17241eaade45959cbc8c41fb02ddf73n/a72.231.228.19680Heodo
2020-02-28 13:23:201f75a05af44756ea05c97ce027893712n/a72.231.228.19680Heodo
2020-02-28 13:22:469ec594820a54304d7d8c76095124fcacn/a72.231.228.19680Heodo
2020-02-28 13:20:0582c10c371fb57107564421d5c900fbban/a72.231.228.19680Heodo
2020-02-28 13:18:176de6a427adc6d414b33f2e4e7fa030fan/a72.231.228.19680Heodo
2020-02-28 13:14:36c8ee6bb3c8a3ad3d9c4184a0ab2666a9n/a72.231.228.19680Heodo
2020-02-28 13:14:36c8ee6bb3c8a3ad3d9c4184a0ab2666a9n/a72.231.228.19680Heodo
2020-02-28 13:12:40f809b5e27299a9f46d3d0fa43f4ea91dn/a72.231.228.19680Heodo
2020-02-28 13:11:003fca042c838a2b777f8ab4adbe98ee85n/a72.231.228.19680Heodo
2020-02-28 01:53:403cb101ee0b47318d4d7fb1828524d7afVirustotal results 5 / 70 (7.14%) 72.231.228.19680Heodo

# of malware samples: 22