Browse Botnet C&Cs

You are currently viewing the database entry for the Heodo botnet command&control server (C&C) 81.174.148.49. You can get additional information about this C&C here, such as first seen, last seen and associated malware samples.

Database Entry


Host:81.174.148.49
Hostname:graphixsigns.plus.com
Status:Offline
Spamhaus SBL:Not listed
Malware:Heodo -
AS number:AS6871
AS name:PLUSNET UK Internet Service Provider, GB
Country:- GB
First seen:2018-08-30 16:33:09 UTC
Last seen:2018-08-31 09:04:49 UTC

Malware Samples


The table below documents all malware samples associated with this Heodo botnet command&control server (C&C).

Timestamp (UTC)Malware Sample (MD5 hash)VTHostPortSignature
2018-09-07 04:19:352f6ffe4c5443ef05251319fa590c104bVirustotal results 43/69 (62.32%) 81.174.148.498080Heodo
2018-08-31 11:01:3222f92f1a50e1d5cd3ed369d119072031Virustotal results 18/68 (26.47%) 81.174.148.498080Heodo
2018-08-31 10:53:39de14a3c0038f91edb45f313bf22e1138Virustotal results 15/67 (22.39%) 81.174.148.498080Heodo
2018-08-31 10:04:20ae555d3a451420e611e4e79d4a205161Virustotal results 18/67 (26.87%) 81.174.148.498080Heodo
2018-08-31 06:19:54a29363636cd2da29bb5701578f1c99bcVirustotal results 18/67 (26.87%) 81.174.148.498080Heodo
2018-08-31 06:08:575015f6608e968c03eb3b51d3c2cd225cVirustotal results 22/68 (32.35%) 81.174.148.498080Heodo
2018-08-31 05:20:06e01cab3d092c9a40fa400fe6a2ac8d31Virustotal results 19/67 (28.36%) 81.174.148.498080Heodo
2018-08-31 00:02:132ad313a81bbd7848c3c14a2248d7f6bcVirustotal results 13/66 (19.70%) 81.174.148.498080Heodo

# of malware samples: 8