Browse Botnet C&Cs

You are currently viewing the database entry for the Heodo botnet command&control server (C&C) 64.183.104.2. You can get additional information about this C&C here, such as first seen, last seen and associated malware samples.

Database Entry


Host:64.183.104.2
Hostname:rrcs-64-183-104-2.west.biz.rr.com
Status:Offline
Spamhaus SBL:Not listed
Malware:Heodo -
AS number:AS20001
AS name:TWC-20001-PACWEST - Charter Communications Inc
Country:- US
First seen:2018-11-12 11:09:10 UTC
Last seen:2018-11-18 10:50:43 UTC

Malware Samples


The table below documents all malware samples associated with this Heodo botnet command&control server (C&C).

Timestamp (UTC)Malware Sample (MD5 hash)VTHostPortSignature
2018-11-21 01:58:29a2c5adac21062b4d228229ac4bd7bfa9Virustotal results 50/68 (73.53%) 64.183.104.280Kovter
2018-11-13 09:06:359baa9417b95e662b1e0fd9ceb611d351Virustotal results 14/58 (24.14%) 64.183.104.280Heodo
2018-11-12 11:09:1073bd351f112bd55cd1c38efa7e1a71d7Virustotal results 38/59 (64.41%) 64.183.104.280Heodo
2013-02-19 21:30:024d7b85265cf1ba1a500c8e5b50c23693Virustotal results 42/45 (93.33%) 64.183.104.280
2013-02-19 21:30:024d7b85265cf1ba1a500c8e5b50c23693Virustotal results 42/45 (93.33%) 64.183.104.280

# of malware samples: 5