Browse Botnet C&Cs

You are currently viewing the database entry for the Heodo botnet command&control server (C&C) 31.166.244.172. You can get additional information about this C&C here, such as first seen, last seen and associated malware samples.

Database Entry


Host:31.166.244.172
Hostname:n/a
Status:Offline
Spamhaus SBL:Not listed
Malware:Heodo -
AS number:AS35819
AS name:MOBILY-AS Etihad Etisalat Company (Mobily)
Country:- SA
First seen:2018-10-03 10:55:29 UTC
Last seen:2019-01-08 09:33:44 UTC

Malware Samples


The table below documents all malware samples associated with this Heodo botnet command&control server (C&C).

Timestamp (UTC)Malware Sample (MD5 hash)VTHostPortSignature
2019-01-09 05:36:096a8b2fa4499c0449d8171e2fba3fdc27Virustotal results 49/66 (74.24%) 31.166.244.17280Heodo
2019-01-08 18:02:4105f33042eeb5c63604c856608e7282b2Virustotal results 45/69 (65.22%) 31.166.244.17280Heodo
2019-01-08 17:54:486274efa57ce9dc0df61589b2694e8f44Virustotal results 46/69 (66.67%) 31.166.244.17280Heodo
2019-01-08 16:13:09f6ccd9b87aac3d9aeef2c0c72c554eeaVirustotal results 48/68 (70.59%) 31.166.244.17280Heodo
2019-01-08 14:11:20471e2f41ee7c2fe3abd7aaae2b10a308Virustotal results 47/69 (68.12%) 31.166.244.17280Heodo
2019-01-08 12:20:5006673abb3088baf394ba5b938c3ddb9cVirustotal results 46/69 (66.67%) 31.166.244.17280Heodo
2019-01-08 07:40:42090b2edf71088abd015071a57a6e5226Virustotal results 49/69 (71.01%) 31.166.244.17280Heodo

# of malware samples: 7