Browse Botnet C&Cs

You are currently viewing the database entry for the Heodo botnet command&control server (C&C) 72.216.21.186. You can get additional information about this C&C here, such as first seen, last seen and associated malware samples.

Database Entry


Host:72.216.21.186
Hostname:ip72-216-21-186.pn.at.cox.net
Status:Offline
Spamhaus SBL:Not listed
Malware:Heodo -
AS number:AS22773
AS name:ASN-CXA-ALL-CCI-22773-RDC - Cox Communications Inc.
Country:- US
First seen:2018-09-07 15:35:11 UTC
Last seen:2019-01-08 08:35:22 UTC

Malware Samples


The table below documents all malware samples associated with this Heodo botnet command&control server (C&C).

Timestamp (UTC)Malware Sample (MD5 hash)VTHostPortSignature
2019-01-08 13:32:422e169824f7ff449aa496f5883a8a0c7bVirustotal results 38/68 (55.88%) 72.216.21.186443Heodo
2019-01-08 13:22:275bd5e32e11bdbb4a64b001fa5f0cd0efVirustotal results 47/68 (69.12%) 72.216.21.186443Heodo
2019-01-08 12:41:1270fe33f7311fd584dbf25c4bb51ed4caVirustotal results 52/68 (76.47%) 72.216.21.186443Heodo
2019-01-08 12:34:0526fec1e25a99f0cee5e40a4cac55ea00Virustotal results 47/69 (68.12%) 72.216.21.186443Heodo
2018-10-09 14:05:277fd6bff1f2a4deae290f801e084af3ceVirustotal results 43/61 (70.49%) 72.216.21.186443Heodo

# of malware samples: 5