Browse Botnet C&Cs

You are currently viewing the database entry for the Heodo botnet command&control server (C&C) 94.52.168.188. You can get additional information about this C&C here, such as first seen, last seen and associated malware samples.

Database Entry


Host:94.52.168.188
Hostname:94-52-158-188.next-gen.ro
Status:Offline
Spamhaus SBL:Not listed
Malware:Heodo -
AS number:AS48161
AS name:NG-AS Sos. Bucuresti - Ploiesti nr. 42-44
Country:- RO
First seen:2020-11-07 01:40:24 UTC
Last seen:2020-11-21 07:30:22 UTC
Last online:2020-11-23

Malware Samples


The table below documents all malware samples associated with this Heodo botnet command&control server (C&C).

Timestamp (UTC)Malware Sample (MD5 hash)VTHostPortSignature
2020-11-21 03:18:40a0f58affd6fa1d0e9e6b05bed7661cc3Virustotal results 42 / 71 (59.15%) 94.52.168.18880Heodo
2020-11-19 05:50:18a94c53eb3ecb77f93f3e22368938669dVirustotal results 35 / 71 (49.30%) 94.52.168.18880Heodo
2020-11-18 21:59:2253fe2605f7e82ded46152ad37634010cVirustotal results 26 / 72 (36.11%) 94.52.168.18880Heodo
2020-11-10 06:28:559befe7c7216e36cd1577884f299a695dn/a94.52.168.18880Heodo
2020-11-09 22:14:2231803c6991a53ac51238b0ac72889e0cn/a94.52.168.18880Heodo
2020-11-09 07:58:41dd9742166aa6537730ab1b4acd30b7a9n/a94.52.168.18880Heodo
2020-11-09 07:46:05dc0832f4d0738b5447c84f47055c6f46n/a94.52.168.18880Heodo
2020-11-09 05:02:50c51db28adea3fbf6aac055ba3eb07ef4n/a94.52.168.18880Heodo
2020-11-07 01:17:116f2afb91c5885512ba6b185f8a1c49ddn/a94.52.168.18880Heodo

# of malware samples: 9