Browse Botnet C&Cs

You are currently viewing the database entry for the Heodo botnet command&control server (C&C) 81.21.85.89. You can get additional information about this C&C here, such as first seen, last seen and associated malware samples.

Database Entry


Host:81.21.85.89
Hostname:n/a
Status:Offline
Spamhaus SBL:Not listed
Malware:Heodo -
AS number:AS39280
AS name:ULTELNET-AS
Country:- AZ
First seen:2018-09-04 13:31:19 UTC
Last seen:2018-09-14 20:38:07 UTC

Malware Samples


The table below documents all malware samples associated with this Heodo botnet command&control server (C&C).

Timestamp (UTC)Malware Sample (MD5 hash)VTHostPortSignature
2018-09-14 20:26:303430e131ad95cdf1da8fd429857aad9bVirustotal results 28/68 (41.18%) 81.21.85.897080Heodo
2018-09-05 16:22:081727000c23a4dd1810c3cb667bcf27edVirustotal results 12/68 (17.65%) 81.21.85.897080Heodo
2018-09-05 14:43:51c072f2d8958cde061f1bc6160dbe4977Virustotal results 31/66 (46.97%) 81.21.85.897080Heodo
2018-09-05 13:00:25b67f6b96b11d2102db489d4f9dad5bd9Virustotal results 11/60 (18.33%) 81.21.85.897080Heodo
2018-09-05 12:23:485f1446c5b8e8fd15e72defe726485999Virustotal results 16/68 (23.53%) 81.21.85.897080Heodo
2018-09-04 13:51:59a9c4fca138e83df8e26bfd23f66a8790Virustotal results 15/67 (22.39%) 81.21.85.897080Heodo

# of malware samples: 6