Browse Botnet C&Cs

You are currently viewing the database entry for the Heodo botnet command&control server (C&C) 172.91.24.153. You can get additional information about this C&C here, such as first seen, last seen and associated malware samples.

Database Entry


Host:172.91.24.153
Hostname:cpe-172-91-24-153.socal.res.rr.com
Status:Offline
Spamhaus SBL:Not listed
Malware:Heodo -
AS number:AS20001
AS name:TWC-20001-PACWEST - Charter Communications Inc
Country:- US
First seen:2018-11-21 07:07:18 UTC
Last seen:2018-11-21 21:02:26 UTC

Malware Samples


The table below documents all malware samples associated with this Heodo botnet command&control server (C&C).

Timestamp (UTC)Malware Sample (MD5 hash)VTHostPortSignature
2018-11-21 21:23:08799287a1e477939702e9eee47ecd4719Virustotal results 18/59 (30.51%) 172.91.24.15380Heodo
2018-11-21 17:12:24b6afc2a086094ab9dfc0df461a4166bfn/a172.91.24.15380Heodo
2018-11-21 17:03:123bf8f6b49ca3c5ec940ce5e3c57a054dVirustotal results 23/58 (39.66%) 172.91.24.15380Heodo
2018-11-21 15:17:4283a1ccdbd9c526cddd0f696c86a02ff9Virustotal results 24/58 (41.38%) 172.91.24.15380Heodo
2018-11-21 13:50:26346a35bfa25bdb65c6069b3b92e9a8b8Virustotal results 40/67 (59.70%) 172.91.24.15380Heodo
2018-11-21 09:43:538f5071d3d103728e2e5f7a1ad0b5a425Virustotal results 13/59 (22.03%) 172.91.24.15380Heodo
2018-11-21 09:35:15ec8588407e425bf18194cf999bb0a245Virustotal results 12/57 (21.05%) 172.91.24.15380Heodo
2018-11-21 09:33:42fa354f832636b920b4b935eb69cb02afVirustotal results 12/59 (20.34%) 172.91.24.15380Heodo
2018-11-21 08:52:47a3360ca4e81e973a9dacc1c748f05f74Virustotal results 12/59 (20.34%) 172.91.24.15380Heodo
2018-11-21 08:52:47a3360ca4e81e973a9dacc1c748f05f74Virustotal results 12/59 (20.34%) 172.91.24.15380Heodo
2018-11-21 07:24:240eb640c655d1e7e1e0f523c1ef29b942Virustotal results 34/58 (58.62%) 172.91.24.15380Heodo
2018-11-21 07:24:240eb640c655d1e7e1e0f523c1ef29b942Virustotal results 34/58 (58.62%) 172.91.24.15380Heodo
2018-11-21 07:07:187381a99a31951eeea05d7c5021d13e6cVirustotal results 40/60 (66.67%) 172.91.24.15380Heodo
2018-11-21 07:07:187381a99a31951eeea05d7c5021d13e6cVirustotal results 40/60 (66.67%) 172.91.24.15380Heodo

# of malware samples: 14