Browse Botnet C&Cs

You are currently viewing the database entry for the Heodo botnet command&control server (C&C) 187.199.104.240. You can get additional information about this C&C here, such as first seen, last seen and associated malware samples.

Database Entry

Host:	187.199.104.240
Hostname:	dsl-187-199-104-240-dyn.prod-infinitum.com.mx
Status:	Offline
Spamhaus SBL:	Not listed
Malware:	Heodo
AS number:	AS8151
AS name:	Uninet S.A. de C.V., MX
Country:	MX
First seen:	2018-09-19 12:37:11 UTC
Last seen:	2018-09-19 12:49:40 UTC

Malware Samples

The table below documents all malware samples associated with this Heodo botnet command&control server (C&C).

Timestamp (UTC)	Malware Sample (MD5 hash)	VT	Host	Port	Signature
2019-01-08 13:32:11	06d093fd459cb9e009c30f79d30479cb	50/68 (73.53%)	187.199.104.240	7080	Heodo
2019-01-08 07:46:14	4e62efe626178b5a1e9b1aa52b6af3cb	46/67 (68.66%)	187.199.104.240	7080	Heodo
2018-09-22 21:50:35	9534ee331e9d61fb1021ee3f6fceaa5c	35/69 (50.72%)	187.199.104.240	7080	Heodo
2018-09-22 04:20:13	0c332c0330092cb8282bbf72313ea908	40/65 (61.54%)	187.199.104.240	7080	Heodo
2018-09-21 06:51:29	f169a6e10534f356e9b80b97c2852aed	40/68 (58.82%)	187.199.104.240	7080	Heodo
2018-09-21 05:46:29	2ec0e805931ba5af5d245c123d106a32	38/69 (55.07%)	187.199.104.240	7080	Heodo
2018-09-20 19:20:07	673d9c17be03bae4201d78705f875b0f	44/68 (64.71%)	187.199.104.240	7080	Heodo
2018-09-20 18:22:30	ca7225a5ac7700ee93895e6edc592560	18/68 (26.47%)	187.199.104.240	7080	Heodo
2018-09-20 08:21:57	e46788e72c1b2d3e82f08276aef225a3	12/68 (17.65%)	187.199.104.240	7080	Heodo
2018-09-20 06:51:48	72ee9ddf665b6a0ce32b5dc546b82858	31/66 (46.97%)	187.199.104.240	7080	Heodo
2018-09-20 06:18:29	9567c3ad2a71f3f650bf438cc217cb77	32/68 (47.06%)	187.199.104.240	7080	Heodo
2018-09-18 10:29:07	b7f71db7f2fc9521573a23bbf58aff93	13/68 (19.12%)	187.199.104.240	7080	Heodo
2018-09-18 09:07:27	1157330151fe3986fafb3fd59421c483	13/68 (19.12%)	187.199.104.240	7080	Heodo

# of malware samples: 13