Browse Botnet C&Cs

You are currently viewing the database entry for the Heodo botnet command&control server (C&C) 138.68.67.4. You can get additional information about this C&C here, such as first seen, last seen and associated malware samples.

Database Entry


Host:138.68.67.4
Hostname:rwchmuvknwhtvocryhgkjrferowrvsnhisjcxgsx.colorado.edu
Status:Offline
Spamhaus SBL:Not listed
Malware:Heodo -
AS number:AS14061
AS name:DIGITALOCEAN-ASN - DigitalOcean, LLC
Country:- DE
First seen:2018-11-05 19:02:29 UTC
Last seen:2018-11-12 15:54:03 UTC

Malware Samples


The table below documents all malware samples associated with this Heodo botnet command&control server (C&C).

Timestamp (UTC)Malware Sample (MD5 hash)VTHostPortSignature
2018-11-12 16:13:4146d93591fcb2b75524427f905da3c3abVirustotal results 12/58 (20.69%) 138.68.67.48080Heodo
2018-11-12 16:13:4146d93591fcb2b75524427f905da3c3abVirustotal results 12/58 (20.69%) 138.68.67.48080Heodo
2018-11-09 21:48:417f1ff0b5e6637e59e0295f36394db4e7Virustotal results 9/59 (15.25%) 138.68.67.48080Heodo
2018-11-09 21:48:417f1ff0b5e6637e59e0295f36394db4e7Virustotal results 9/59 (15.25%) 138.68.67.48080Heodo
2018-11-09 20:56:32f250b1cfd65c13e76927d1a65b9fb2d3Virustotal results 12/59 (20.34%) 138.68.67.48080Heodo
2018-11-09 20:56:32f250b1cfd65c13e76927d1a65b9fb2d3Virustotal results 12/59 (20.34%) 138.68.67.48080Heodo
2018-11-09 18:46:17086e742c411903c6bcca773ab97b1abdVirustotal results 16/66 (24.24%) 138.68.67.48080Heodo
2018-11-09 18:46:17086e742c411903c6bcca773ab97b1abdVirustotal results 16/66 (24.24%) 138.68.67.48080Heodo
2018-11-09 18:25:48b134034cc7993d4b514d4be55653e1a1Virustotal results 39/58 (67.24%) 138.68.67.48080Heodo
2018-11-09 18:25:48b134034cc7993d4b514d4be55653e1a1Virustotal results 39/58 (67.24%) 138.68.67.48080Heodo
2018-11-09 18:08:3637f94f0d42ea3bf1cdc8ba453e28a618Virustotal results 12/59 (20.34%) 138.68.67.48080Heodo
2018-11-09 18:08:3637f94f0d42ea3bf1cdc8ba453e28a618Virustotal results 12/59 (20.34%) 138.68.67.48080Heodo
2018-11-05 20:10:276f65a122f8df74393e511bb788f6e5beVirustotal results 9/57 (15.79%) 138.68.67.48080Heodo
2018-11-05 19:52:32a76cd0e19f10443bf82797309e118594Virustotal results 10/58 (17.24%) 138.68.67.48080Heodo
2018-11-05 19:02:2932e2c450c055013a97b02f80191731eeVirustotal results 35/68 (51.47%) 138.68.67.48080Heodo
2018-11-05 19:02:2932e2c450c055013a97b02f80191731eeVirustotal results 35/68 (51.47%) 138.68.67.48080Heodo

# of malware samples: 16