Browse Botnet C&Cs

You are currently viewing the database entry for the Heodo botnet command&control server (C&C) 95.6.84.189. You can get additional information about this C&C here, such as first seen, last seen and associated malware samples.

Database Entry


Host:95.6.84.189
Hostname:95.6.84.189.static.ttnet.com.tr
Status:Offline
Spamhaus SBL:Not listed
Malware:Heodo -
AS number:AS9121
AS name:TTNET
Country:- TR
First seen:2020-02-17 14:29:57 UTC
Last seen:2020-05-22 18:30:30 UTC
Last online:2020-02-20

Malware Samples


The table below documents all malware samples associated with this Heodo botnet command&control server (C&C).

Timestamp (UTC)Malware Sample (MD5 hash)VTHostPortSignature
2020-05-22 18:46:120473f975bce774019971ee74cd025398Virustotal results 51 / 72 (70.83%) 95.6.84.18980Heodo
2020-03-20 09:51:19946a0f3c2386c1701f24983a1a0a2739Virustotal results 42 / 74 (56.76%) 95.6.84.18980Heodo
2020-03-06 22:00:208182ab63b0b9d32aad9ec595273d059eVirustotal results 46 / 71 (64.79%) 95.6.84.18980Heodo
2020-03-03 20:46:17e99a9103727a4ac8d2a7955e77c6b491Virustotal results 45 / 73 (61.64%) 95.6.84.18980Heodo
2020-02-20 00:29:20b847157cbc478bf54200c76d82025083Virustotal results 34 / 71 (47.89%) 95.6.84.18980Heodo
2020-02-19 10:54:410dddd7df295c3e6c40ba7e654fafddb2n/a95.6.84.18980Heodo
2020-02-18 12:43:5963aab5b0065ae1bb94acb7c368794346n/a95.6.84.18980Heodo
2020-02-17 21:50:41c85ab538147f798362685f3b32616b9eVirustotal results 8 / 72 (11.11%) 95.6.84.18980Heodo

# of malware samples: 8