Browse Botnet C&Cs

You are currently viewing the database entry for the Heodo botnet command&control server (C&C) 216.249.210.20. You can get additional information about this C&C here, such as first seen, last seen and associated malware samples.

Database Entry


Host:216.249.210.20
Hostname:cust.138282.sxflsdch38R.sdnet.net
Status:Offline
Spamhaus SBL:Not listed
Malware:Heodo -
AS number:AS13576
AS name:SDNW-13576 - SOUTH DAKOTA NETWORK, US
Country:- US
First seen:2018-09-28 13:42:09 UTC
Last seen:0000-00-00 00:00:00 UTC

Malware Samples


The table below documents all malware samples associated with this Heodo botnet command&control server (C&C).

Timestamp (UTC)Malware Sample (MD5 hash)VTHostPortSignature
2018-10-02 02:18:13883a2e7bfee1348c73b154495f9fcf7dVirustotal results 40/69 (57.97%) 216.249.210.20990Heodo
2018-10-01 06:31:33b2a3700644031fb2cc199c9aceac2dabVirustotal results 28/69 (40.58%) 216.249.210.20990Heodo
2018-09-30 18:02:44d0d1fe48b0d7069d97e73ef27f11827fVirustotal results 23/69 (33.33%) 216.249.210.20990Heodo
2018-09-30 09:37:33fc8e25275bee2569e4d4556cc1701aebVirustotal results 33/69 (47.83%) 216.249.210.20990Heodo
2018-09-30 09:15:064c9cd1b9ab3a71950a76c76d035568eeVirustotal results 20/69 (28.99%) 216.249.210.20990Heodo
2018-09-29 12:30:2208b9e7851faab46f34e86bde6c8d3ebbVirustotal results 14/69 (20.29%) 216.249.210.20990Heodo
2018-09-28 15:19:002a8943bb4aa261ccaf29389c86b7592aVirustotal results 19/69 (27.54%) 216.249.210.20990Heodo
2018-09-28 15:06:5362f1859acecb29cf5f5a28bfedb91ef2Virustotal results 15/68 (22.06%) 216.249.210.20990Heodo
2018-09-28 14:44:43a1553d1e3c0679bc61e19ffd057a54feVirustotal results 13/68 (19.12%) 216.249.210.20990Heodo

# of malware samples: 9