Browse Botnet C&Cs

You are currently viewing the database entry for the Heodo botnet command&control server (C&C) 64.118.8.252. You can get additional information about this C&C here, such as first seen, last seen and associated malware samples.

Database Entry


Host:64.118.8.252
Hostname:64-118-8-252.fergus.prtel.com
Status:Offline
Spamhaus SBL:Not listed
Malware:Heodo -
AS number:AS25637
AS name:PRMTC - The Park Region Mutual Telephone Co, US
Country:- US
First seen:2018-09-19 12:21:47 UTC
Last seen:2018-09-19 16:13:50 UTC

Malware Samples


The table below documents all malware samples associated with this Heodo botnet command&control server (C&C).

Timestamp (UTC)Malware Sample (MD5 hash)VTHostPortSignature
2018-09-22 04:20:130c332c0330092cb8282bbf72313ea908Virustotal results 40/65 (61.54%) 64.118.8.25280Heodo
2018-09-21 06:51:29f169a6e10534f356e9b80b97c2852aedVirustotal results 40/68 (58.82%) 64.118.8.25280Heodo
2018-09-20 08:21:57e46788e72c1b2d3e82f08276aef225a3Virustotal results 12/68 (17.65%) 64.118.8.25280Heodo
2018-09-20 06:51:4872ee9ddf665b6a0ce32b5dc546b82858Virustotal results 31/66 (46.97%) 64.118.8.25280Heodo
2018-09-20 06:18:299567c3ad2a71f3f650bf438cc217cb77Virustotal results 32/68 (47.06%) 64.118.8.25280Heodo

# of malware samples: 5