Browse Botnet C&Cs

You are currently viewing the database entry for the Heodo botnet command&control server (C&C) 203.94.66.109. You can get additional information about this C&C here, such as first seen, last seen and associated malware samples.

Database Entry

Host:	203.94.66.109
Hostname:	n/a
Status:	Offline
Spamhaus SBL:	Not listed
Malware:	Heodo
AS number:	AS9329
AS name:	SLTINT-AS-AP Sri Lanka Telecom Internet, LK
Country:	LK
First seen:	2018-08-15 09:59:43 UTC
Last seen:	2018-08-18 23:58:51 UTC

Malware Samples

The table below documents all malware samples associated with this Heodo botnet command&control server (C&C).

Timestamp (UTC)	Malware Sample (MD5 hash)	VT	Host	Port	Signature
2019-01-08 20:56:05	2bff8b0f03c8e09c51b6ef3a7643340f	52/68 (76.47%)	203.94.66.109	8080	Heodo
2019-01-08 12:11:25	de7caab9e456438556ff20ef358dcf87	48/68 (70.59%)	203.94.66.109	8080	Heodo
2018-08-21 03:21:35	c5807e6488e89569169facdae30afa98	42/68 (61.76%)	203.94.66.109	8080	Heodo
2018-08-18 20:41:11	304c523b0a8e96b8bd7365a57531b5ff	13/69 (18.84%)	203.94.66.109	8080	Heodo
2018-08-18 18:07:26	7cb7437976e0341eddffbc6063ae4168	35/68 (51.47%)	203.94.66.109	8080	Heodo
2018-08-18 16:53:13	0cb0bc28c2c9c944fc64533fa817f222	13/67 (19.40%)	203.94.66.109	8080	Heodo
2018-08-18 08:36:34	166c7c2d1a539540d60510d93886188f	21/65 (32.31%)	203.94.66.109	8080	Heodo
2018-08-18 06:32:31	00b93b89efc98887d79fe31f1b2d56f8	26/66 (39.39%)	203.94.66.109	8080	Heodo
2018-08-18 06:17:28	936db5b1376e9246ba21ef3085db9e8b	14/67 (20.90%)	203.94.66.109	8080	Heodo
2018-08-17 14:25:31	69d2f2e075872e1c7e70df9cbffcae6a	13/68 (19.12%)	203.94.66.109	8080	Heodo
2018-08-17 13:00:06	fbcf649977092322e62762330edc0c56	34/67 (50.75%)	203.94.66.109	8080	Heodo
2018-08-17 12:01:20	efa40e7655a2d64dd2d60e2423062877	14/67 (20.90%)	203.94.66.109	8080	Heodo
2018-08-17 11:00:46	9d0f7f22e040f2da8c857b1d0d175767	10/67 (14.93%)	203.94.66.109	8080	Heodo
2018-08-17 09:10:17	acfbf9f2bb404a10f98e41add18fc462	18/66 (27.27%)	203.94.66.109	8080	Heodo
2018-08-17 07:16:40	67cd87a21772d855bbeb5b7f3c259385	32/68 (47.06%)	203.94.66.109	8080	Heodo
2018-08-16 17:08:45	a8ab9af81a05dc7cc8186a9f9491fc1a	20/67 (29.85%)	203.94.66.109	8080	Heodo
2018-08-16 16:45:01	dfac83c179bbcefa8f526babb8d257c6	21/68 (30.88%)	203.94.66.109	8080	Heodo
2018-08-16 12:28:07	33b080be2110f75b8f3366f6685c5d9b	15/68 (22.06%)	203.94.66.109	8080	Heodo
2018-08-16 12:22:13	1367356e2c3a6c8c258447781eef3838	16/66 (24.24%)	203.94.66.109	8080	Heodo
2018-08-16 09:55:18	638cd91f3400e1c9032bff7b1efac453	32/67 (47.76%)	203.94.66.109	8080	Heodo
2018-08-16 09:37:53	fe7626a97651e76baed4c2952cd7601a	30/66 (45.45%)	203.94.66.109	8080	Heodo
2018-08-15 17:55:44	faea29635180236c41fc62941585cb7b	13/61 (21.31%)	203.94.66.109	8080	Heodo
2018-08-15 17:34:29	112d109319d7b849591f55e0c75165a9	15/68 (22.06%)	203.94.66.109	8080	Heodo
2018-08-15 12:44:30	c98be00afc4467fbe0588821e3c91b3c	15/68 (22.06%)	203.94.66.109	8080	Heodo

# of malware samples: 24