Browse Botnet C&Cs

You are currently viewing the database entry for the Heodo botnet command&control server (C&C) 91.117.147.2. You can get additional information about this C&C here, such as first seen, last seen and associated malware samples.

Database Entry


Host:91.117.147.2
Hostname:2.147.117.91.dynamic.reverse-mundo-r.com
Status:Offline
Spamhaus SBL:Not listed
Malware:Heodo -
AS number:AS12334
AS name:Galicia - Spain, ES
Country:- ES
First seen:2018-11-20 19:06:00 UTC
Last seen:2018-11-21 06:55:44 UTC

Malware Samples


The table below documents all malware samples associated with this Heodo botnet command&control server (C&C).

Timestamp (UTC)Malware Sample (MD5 hash)VTHostPortSignature
2019-01-08 08:09:580d826235fc7a56464b9e9e1e6abb9735Virustotal results 50/69 (72.46%) 91.117.147.27080Heodo
2018-11-22 23:12:48427a5f7fcf0a8c01587320a02262fafdVirustotal results 43/69 (62.32%) 91.117.147.27080Heodo
2018-11-21 11:37:00af56de6bf25480e4d78bf893602756e9Virustotal results 14/65 (21.54%) 91.117.147.27080Heodo
2018-11-21 08:44:14971655c6ecef80a4bc50a24782574fbfVirustotal results 17/66 (25.76%) 91.117.147.27080Heodo
2018-11-21 06:48:5565a3da4585c795788eedac5d2ddbfd9eVirustotal results 15/68 (22.06%) 91.117.147.27080Heodo
2018-11-20 21:08:222d815136936c5e9d1595037a08d5d4c2Virustotal results 13/69 (18.84%) 91.117.147.27080Heodo
2018-11-20 18:15:13c39334f679d002563434074940d9fa95Virustotal results 14/65 (21.54%) 91.117.147.27080Heodo

# of malware samples: 7