Browse Botnet C&Cs
Here you can browse the list of botnet Command&Control servers (C&Cs) tracked by Feodo Tracker, associated with Dridex and Emotet (aka Heodo). When Feodo Tracker was launched in 2010, it was ment to track Feodo botnet C&Cs. However, Feodo evolved further and different piece of malware of Feodo appeared:
- Cridex: also known as Bugat was an ebanking Trojan active until around 2013. This variant is not active anymore.
- Feodo: is a successor of the Cridex ebanking Trojan that first appeared in 2010. This variant is not active anymore.
- Geodo: is a successor of the Feodo ebanking Trojan that first appeared in 2014. This variant is commonly also known as Emotet. This variant is not active anymore.
- Dridex: is a successor of the Cridex ebanking Trojan. It first appeared in 2011 and is still very active as of today (2018). There are speculations that the botnet masters behind the ebanking Trojan Dyre moved their operation over to Dridex.
- Heodo: is a successor of the Geodo (aka Emotet). It first appeared in March 2017 and is also commonly known as Emotet. While it was initally used to commit ebanking fraud, it later turned over to a Pay-Per-Install (PPI)-like botnet which is propagating itself through compromised email credentials.
- TrickBot: has no code base with Emotet. However, TrickBot usually gets dropped by Emotet for lateral movement and to drop additional malware (such as Ryuk ransomware).
Filter for: Heodo (aka Emotet) TrickBot
| Firstseen (UTC) | Host | Malware | Status | SBL | Network (ASN) | Country |
|---|---|---|---|---|---|---|
| 2020-12-22 02:06:48 | 157.245.145.87 | Heodo |  Online | Not listed | AS14061 DIGITALOCEAN-ASN |  SG |
| 2020-12-21 21:55:42 | 50.116.111.59 | Heodo | Online | Not listed | AS46606 UNIFIEDLAYER-AS-1 |  US |
| 2020-12-21 20:06:51 | 78.188.225.105 | Heodo | Offline | Not listed | AS9121 TTNET |  TR |
| 2020-12-21 19:12:43 | 172.193.14.201 | Heodo | Offline | Not listed | AS133414 FOXTEL-AS-AP Foxtel Management Pty Ltd |  AU |
| 2020-12-21 18:54:11 | 2.80.112.146 | Heodo | Offline | Not listed | AS3243 MEO-RESIDENCIAL |  PT |
| 2020-12-21 18:49:10 | 211.215.18.93 | Heodo | Online | Not listed | AS9318 SKB-AS SK Broadband Co Ltd |  KR |
| 2020-12-21 13:26:19 | 203.157.152.9 | Heodo | Online | Not listed | AS9649 MOPH-TH-AP Information Technology Office |  TH |
| 2020-12-21 11:39:53 | 70.92.118.112 | Heodo | Online | Not listed | AS10796 TWC-10796-MIDWEST | US |
| 2020-12-21 10:41:05 | 95.76.153.115 | Heodo | Offline | Not listed | AS6830 LIBERTYGLOBAL Liberty Global (formerly UPC Broadband Holding, aka AORTA) |  RO |
| 2020-12-21 10:41:05 | 167.71.148.58 | Heodo | Online | Not listed | AS14061 DIGITALOCEAN-ASN | US |
| 2020-12-21 10:41:05 | 191.241.233.198 | Heodo | Offline | Not listed | AS28669 America-NET Ltda. |  BR |
| 2020-12-20 21:02:27 | 192.119.162.51 | TrickBot | Offline | Not listed | AS55154 MADGEN-01 | US |
| 2020-12-17 19:42:51 | 201.75.62.86 | Heodo | Offline | Not listed | AS28573 CLARO S.A. | BR |
| 2020-12-17 18:58:24 | 203.160.167.243 | Heodo | Offline | Not listed | AS18233 PTTNET Philippine Telegraph and Telephone Corporation |  PH |
| 2020-12-17 18:58:19 | 177.254.134.180 | Heodo | Offline | Not listed | AS27831 Colombia Movil |  CO |
| 2020-12-17 18:58:11 | 139.5.101.203 | Heodo | Offline | Not listed | AS58659 QCPL-IN Quest Consultancy Pvt Ltd |  IN |
| 2020-12-17 18:25:21 | 88.119.191.111 | Heodo | Offline | Not listed | AS8764 TELIA-LIETUVA |  LT |
| 2020-12-17 18:22:34 | 49.205.182.134 | Heodo | Offline | Not listed | AS18209 BEAMTELE-AS-AP Atria Convergence Technologies pvt ltd | IN |
| 2020-12-17 18:22:34 | 188.165.214.98 | Heodo | Online | Not listed | AS16276 OVH |  FR |
| 2020-12-17 18:22:34 | 72.229.97.235 | Heodo | Offline | Not listed | AS12271 TWC-12271-NYC | US |
| 2020-12-16 02:33:39 | 134.255.254.52 | TrickBot | Offline | Not listed | AS197071 ACTIVE-SERVERS active-servers.com |  DE |
| 2020-12-15 20:24:48 | 45.12.110.202 | TrickBot | Offline | Not listed | AS35913 DEDIPATH-LLC | US |
| 2020-12-15 20:15:40 | 45.12.110.206 | TrickBot | Offline | Not listed | AS35913 DEDIPATH-LLC | US |
| 2020-12-15 20:06:31 | 72.188.173.74 | Heodo | Offline | Not listed | AS33363 BHN-33363 | US |
| 2020-12-15 20:06:25 | 181.171.209.241 | Heodo | Online | Not listed | AS10318 Telecom Argentina S.A. |  AR |
| 2020-12-15 19:43:15 | 185.188.6.10 | TrickBot | Offline | Not listed | AS35913 DEDIPATH-LLC | DE |
| 2020-12-15 19:08:13 | 201.127.11.90 | Heodo | Offline | Not listed | AS8151 Uninet S.A. de C.V. |  MX |
| 2020-12-15 19:08:13 | 195.159.28.244 | Heodo | Online | Not listed | AS2116 ASN-CATCHCOM |  NO |
| 2020-12-14 16:21:31 | 47.144.21.37 | Heodo | Offline | Not listed | AS5650 FRONTIER-FRTR | US |
| 2020-12-14 00:43:59 | 178.62.254.156 | Heodo | Online | Not listed | AS14061 DIGITALOCEAN-ASN |  NL |
| 2020-12-13 23:02:26 | 168.121.4.238 | Heodo | Offline | Not listed | AS265304 Grandi Sistemas de Informacoes LTDA ME | BR |
| 2020-12-13 23:02:22 | 1.234.65.61 | Heodo | Offline | Not listed | AS9318 SKB-AS SK Broadband Co Ltd | KR |
| 2020-12-13 23:02:20 | 110.39.160.38 | Heodo | Online | Not listed | AS38264 WATEEN-IMS-PK-AS-AP National WiMAX/IMS environment |  PK |
| 2020-12-13 21:33:58 | 93.148.247.169 | Heodo | Offline | Not listed | AS30722 VODAFONE-IT-ASN |  IT |
| 2020-12-12 17:04:28 | 81.213.175.132 | Heodo | Offline | Not listed | AS9121 TTNET | TR |
| 2020-12-12 17:04:28 | 172.245.248.239 | Heodo | Online | Not listed | AS36352 AS-COLOCROSSING | US |
| 2020-12-12 17:02:22 | 58.1.242.115 | Heodo | Offline | Not listed | AS2510 INFOWEB FUJITSU LIMITED |  JP |
| 2020-12-12 02:00:45 | 13.56.227.131 | TrickBot | Offline | Not listed | AS16509 AMAZON-02 | US |
| 2020-12-12 02:00:45 | 3.101.12.202 | TrickBot | Offline | Not listed | AS16509 AMAZON-02 | US |
| 2020-12-11 21:22:05 | 24.245.65.66 | Heodo | Offline | Not listed | AS40285 NORTHLAND-CABLE | US |
| 2020-12-08 20:45:53 | 186.47.209.222 | TrickBot | Online | Not listed | AS28006 CORPORACION NACIONAL DE TELECOMUNICACIONES - CNT EP |  EC |
| 2020-12-08 16:52:03 | 192.3.73.165 | TrickBot | Offline | Not listed | AS36352 AS-COLOCROSSING | US |
| 2020-12-08 16:52:03 | 45.12.110.195 | TrickBot | Offline | Not listed | AS35913 DEDIPATH-LLC | US |
| 2020-12-08 16:40:56 | 45.12.110.193 | TrickBot | Offline | Not listed | AS35913 DEDIPATH-LLC | US |
| 2020-12-08 16:40:56 | 45.141.59.212 | TrickBot | Offline | Not listed | AS213373 IPCONNECT | DE |
| 2020-12-03 15:35:13 | 36.74.73.136 | TrickBot | Offline | Not listed | AS7713 TELKOMNET-AS-AP PT Telekomunikasi Indonesia |  ID |
| 2020-12-03 05:00:06 | 191.7.201.200 | TrickBot | Offline | Not listed | AS263327 ONLINE SERVICOS DE TELECOMUNICACOES LTDA | BR |
| 2020-11-29 21:00:19 | 45.4.32.50 | Heodo | Offline | Not listed | AS266044 ROBERTO MANELLA AMOROSO - ME | BR |
| 2020-11-29 21:00:16 | 202.79.24.136 | Heodo | Online | Not listed | AS24492 IIT-WICAM-AS-AP WiCAM Corporation Ltd. |  KH |
| 2020-11-29 21:00:14 | 54.36.185.60 | Heodo | Offline | Not listed | AS16276 OVH | FR |
| 2020-11-29 20:18:49 | 110.145.11.73 | Heodo | Online | Not listed | AS1221 ASN-TELSTRA Telstra Corporation Ltd | AU |
| 2020-11-29 20:15:49 | 190.251.216.100 | Heodo | Offline | Not listed | AS13489 EPM Telecomunicaciones S.A. E.S.P. | CO |
| 2020-11-26 21:22:31 | 23.237.137.66 | TrickBot | Offline | Not listed | AS174 COGENT-174 | US |
| 2020-11-26 21:22:31 | 185.244.151.107 | TrickBot | Offline | Not listed | AS60117 HS | RO |
| 2020-11-26 21:22:31 | 194.5.249.29 | TrickBot | Offline | Not listed | AS64398 NXTHOST-64398 NXTHOST.COM - NXTSERVERS SRL | RO |
| 2020-11-26 21:22:31 | 156.96.156.165 | TrickBot | Offline | SBL461359 | AS46664 VDI-NETWORK | US |
| 2020-11-26 21:22:31 | 185.163.45.140 | TrickBot | Offline | Not listed | AS39798 MIVOCLOUD |  MD |
| 2020-11-26 21:22:31 | 94.140.115.189 | TrickBot | Offline | Not listed | AS43513 NANO-AS |  LV |
| 2020-11-26 21:22:31 | 185.14.29.119 | TrickBot | Offline | Not listed | AS21100 ITLDC-NL | NL |
| 2020-11-26 21:22:31 | 185.234.72.75 | TrickBot | Offline | Not listed | AS30823 COMBAHTON combahton GmbH | DE |
| 2020-11-26 21:22:31 | 94.140.115.150 | TrickBot | Offline | Not listed | AS43513 NANO-AS | LV |
| 2020-11-26 21:22:31 | 195.123.240.108 | TrickBot | Offline | Not listed | AS204957 GREENFLOID-AS | US |
| 2020-11-26 21:22:31 | 195.123.242.176 | TrickBot | Offline | Not listed | AS204957 GREENFLOID-AS | US |
| 2020-11-26 21:22:31 | 86.104.194.16 | TrickBot | Offline | Not listed | AS48874 HOSTMAZE HOSTMAZE | RO |
| 2020-11-26 20:25:25 | 45.184.103.73 | Heodo | Offline | Not listed | AS269771 PRINTER-NET-SERVICE, C.A. |  VE |
| 2020-11-26 19:30:07 | 187.62.208.234 | TrickBot | Offline | Not listed | AS28165 Wireless Comm Services LTDA | BR |
| 2020-11-25 19:41:14 | 186.146.13.184 | Heodo | Offline | Not listed | AS10620 Telmex Colombia S.A. | CO |
| 2020-11-23 19:42:18 | 192.119.171.218 | TrickBot | Offline | Not listed | AS55154 MADGEN-01 | US |
| 2020-11-23 19:42:18 | 212.8.251.21 | TrickBot | Offline | Not listed | AS60117 HS | NL |
| 2020-11-23 19:42:18 | 94.140.114.99 | TrickBot | Offline | Not listed | AS43513 NANO-AS | LV |
| 2020-11-23 19:42:18 | 45.12.110.179 | TrickBot | Offline | Not listed | AS35913 DEDIPATH-LLC | US |
| 2020-11-23 19:16:23 | 175.145.248.25 | Heodo | Offline | Not listed | AS4788 TMNET-AS-AP TM Net, Internet Service Provider |  MY |
| 2020-11-23 19:16:22 | 191.223.36.170 | Heodo | Offline | Not listed | AS8167 Brasil Telecom S/A - Filial Distrito Federal | BR |
| 2020-11-23 01:53:56 | 108.21.72.56 | Heodo | Offline | Not listed | AS701 UUNET | US |
| 2020-11-22 20:15:27 | 186.222.53.247 | Heodo | Offline | Not listed | AS28573 CLARO S.A. | BR |
| 2020-11-21 18:48:21 | 185.201.9.197 | Heodo | Online | Not listed | AS47583 AS-HOSTINGER | DE |
| 2020-11-21 18:48:21 | 172.125.40.123 | Heodo | Online | Not listed | AS7018 ATT-INTERNET4 | US |
| 2020-11-21 18:45:24 | 163.53.204.180 | Heodo | Online | Not listed | AS58898 RAINBOWISP-AS Rainbow communications India Pvt Ltd | IN |
| 2020-11-21 18:44:12 | 180.198.105.177 | Heodo | Offline | Not listed | AS18126 CTCX Chubu Telecommunications Company, Inc. | JP |
| 2020-11-21 18:42:25 | 111.67.12.222 | Heodo | Offline | Not listed | AS55803 HOSTOPIA-AU Hostopia Australia Web Pty Ltd | AU |
| 2020-11-21 18:42:25 | 82.137.29.8 | Heodo | Offline | Not listed | AS8708 RCS-RDS 73-75 Dr. Staicovici | RO |
| 2020-11-21 18:42:25 | 180.232.111.30 | Heodo | Offline | Not listed | AS9658 ETPI-IDS-AS-AP Eastern Telecoms Phils., Inc. | PH |
| 2020-11-21 00:47:55 | 74.128.121.17 | Heodo | Offline | Not listed | AS10796 TWC-10796-MIDWEST | US |
| 2020-11-19 19:52:42 | 24.101.229.82 | Heodo | Offline | Not listed | AS27364 ACS-INTERNET | US |
| 2020-11-19 19:37:11 | 24.69.65.8 | Heodo | Online | Not listed | AS6327 SHAW |  CA |
| 2020-11-19 05:52:32 | 141.136.0.4 | TrickBot | Offline | Not listed | AS43513 NANO-AS | LV |
| 2020-11-19 05:44:28 | 201.102.218.101 | Heodo | Offline | Not listed | AS8151 Uninet S.A. de C.V. | MX |
| 2020-11-19 05:44:23 | 190.18.184.113 | Heodo | Offline | Not listed | AS10318 Telecom Argentina S.A. | AR |
| 2020-11-18 16:47:09 | 161.0.153.60 | Heodo | Offline | Not listed | AS27800 Digicel Trinidad and Tobago Ltd. |  TT |
| 2020-11-18 16:46:48 | 103.229.72.197 | Heodo | Offline | Not listed | AS55660 MWN-AS-ID PT Master Web Network | ID |
| 2020-11-17 19:54:29 | 51.75.222.163 | TrickBot | Offline | Not listed | AS16276 OVH | FR |
| 2020-11-17 15:27:19 | 199.189.108.71 | TrickBot | Offline | Not listed | AS29854 WESTHOST | US |
| 2020-11-17 14:48:49 | 162.212.158.135 | TrickBot | Offline | Not listed | AS11878 TZULO | US |
| 2020-11-16 05:13:24 | 156.96.119.28 | TrickBot | Offline | SBL461359 | AS46664 VDI-NETWORK | US |
| 2020-11-14 13:30:10 | 49.156.41.74 | TrickBot | Offline | Not listed | AS24492 IIT-WICAM-AS-AP WiCAM Corporation Ltd. | KH |
| 2020-11-14 13:30:10 | 43.245.216.190 | TrickBot | Offline | Not listed | AS24492 IIT-WICAM-AS-AP WiCAM Corporation Ltd. | KH |
| 2020-11-14 13:30:06 | 45.230.8.34 | TrickBot | Offline | Not listed | AS266710 Gimenez Pedro Santiago (Clorindaconectada) | AR |
| 2020-11-13 20:27:34 | 156.96.62.82 | TrickBot | Offline | SBL461359 | AS46664 VDI-NETWORK | US |
| 2020-11-13 18:32:27 | 91.200.103.217 | TrickBot | Offline | Not listed | AS30823 COMBAHTON combahton GmbH | DE |
| 2020-11-13 18:07:29 | 91.200.103.193 | TrickBot | Offline | Not listed | AS30823 COMBAHTON combahton GmbH | DE |