Necurs
Description
(Blueliv) It affects mainly Asian and European countries, but with more than 1.5 million infected computers, it also has active bots across almost every continent. The current number of related bots online is about 1,350,000, but each day more users are infected. Necurs is modular malware with a lot of features, but it is mainly known for sending large spam campaigns via email. This large botnet is actually formed by 7 smaller botnets put together using the same malware. Blueliv’s Threat Intelligence Lab team has performed a deep and detailed malware-reversal analysis on Necurs.
Names
| Name |
|---|
| Necurs |
| nucurs |
Category
Malware
Type
- Botnet
- Downloader
Information
- https://www.blueliv.com/necurs-one-of-the-worlds-biggest-botnets-today/
- https://blog.avast.com/botception-with-necurs-botnet-distributes-script-with-bot-capabilities-avast-threat-labs
- https://www.bitsighttech.com/blog/necurs-proxy-module-with-ddos-features
- http://blog.talosintelligence.com/2017/03/necurs-diversifies.html
- https://www.blueliv.com/wp-content/uploads/2018/07/Blueliv-Necurs-report-2017.pdf
- https://blog.trendmicro.com/trendlabs-security-intelligence/necurs-evolves-to-evade-spam-detection-via-internet-shortcut-file/
- https://www.trustwave.com/Resources/SpiderLabs-Blog/Necurs-Recurs/
- https://blog.trendmicro.com/trendlabs-security-intelligence/the-new-face-of-necurs-noteworthy-changes-to-necurs-behaviors
- https://cofense.com/necurs-targeting-banks-pub-file-drops-flawedammyy/
- https://www.cert.pl/en/news/single/necurs-hybrid-spam-botnet/
- https://en.wikipedia.org/wiki/Necurs_botnet
Malpedia
Alienvault Otx
Other Information
Uuid
d820a4fb-edd8-4c5d-b5dd-24d1795aa285
Last Card Change
2020-05-14