Trojan.Proxy-Bunitu

By GoldSparrow in Trojans

Threat Scorecard

Ranking:	16,650
Threat Level:	80 % (High)
Infected Computers:	4,568

First Seen:	February 6, 2014
Last Seen:	June 27, 2023
OS(es) Affected:	Windows

Trojan.Proxy-Bunitu is the name of a vicious threat that may put some hackers in control of your PC. Trojan.Proxy-Bunitu is a member of the notorious family Win32/Bunitu. When it comes to such high-level cyber threats, your intentions should be aimed towards preventing their access to your system. Otherwise, by the time you delete them, your information may already be collected and used for harmful goals. To keep Trojan.Proxy-Bunitu away, you first need to know how it may infect your PC. This cyber threat may be hidden into some seemingly innocent email attachment. It is not necessarily the payload of this threat an executable file (.exe) or a dynamic link library (.dll). Any file, regardless of its extension, may possess harmful codes, including Office documents, images and music. For this reason, you should never download or open files sent from someone you don't know.

The operators of Trojan.Proxy-Bunitu also may conceal it in some fake Java or FlashPlayer updates. When the harmful application gets access to your machine, it may make a few changes. Trojan.Proxy-Bunitu may create some Registry keys that allow it to launch when you start your PC and also trouble its removal process. Trojan.Proxy-Bunitu may interfere with other programs you have, especially those that can reveal its presence. The people behind this attack may eventually use your PC as a proxy server. This means that they will control your Internet traffic. As a result, your browsers may be forced to load threatening sites to download additional threats. Trojan.Proxy-Bunitu also may access some of your files and transfer them to the Command and Control (C&C) servers of con artists. If you have opened unverified email attachments or installed questionable software recently, you may be in trouble. You should scan your system immediately to make sure Trojan.Proxy-Bunitu isn't working.

Table of Contents

SpyHunter Detects & Remove Trojan.Proxy-Bunitu

File System Details

Trojan.Proxy-Bunitu may create the following file(s):

Expand All | Collapse All

#	File Name	MD5	Detections Detections: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
1.	svchostx64.exe	76fc0466dae89a48a592fd3060ac8303	11
Name: svchostx64.exe MD5: 76fc0466dae89a48a592fd3060ac8303 Size: 524.28 KB (524288 bytes) Detections: 11 Type: Executable File Path: %APPDATA% Group: Malware file Last Updated: October 27, 2017
2.	svchostx64.exe	a0ebfb2654e7cd1a2a5f3f321ad858b8	6
Name: svchostx64.exe MD5: a0ebfb2654e7cd1a2a5f3f321ad858b8 Size: 656.38 KB (656384 bytes) Detections: 6 Type: Executable File Path: %SystemDrive%\Users\<username>\AppData\Roaming Group: Malware file Last Updated: October 27, 2017
3.	svchostx64.exe	ff23030732987a5b57a9209a9c976b76	4
Name: svchostx64.exe MD5: ff23030732987a5b57a9209a9c976b76 Size: 615.42 KB (615424 bytes) Detections: 4 Type: Executable File Path: %APPDATA% Group: Malware file Last Updated: October 27, 2017
4.	rundll3.exe	4cef794e71b50772e9840a9700a2405f	3
Name: rundll3.exe MD5: 4cef794e71b50772e9840a9700a2405f Size: 262.65 KB (262656 bytes) Detections: 3 Type: Executable File Path: C:\Users\<username>\AppData\Roaming Group: Malware file Last Updated: July 25, 2018
5.	svchostx64.exe	8621ef97e6097e05d4a9ca5fbba3baae	2
Name: svchostx64.exe MD5: 8621ef97e6097e05d4a9ca5fbba3baae Size: 556.54 KB (556544 bytes) Detections: 2 Type: Executable File Path: %APPDATA% Group: Malware file Last Updated: October 27, 2017
6.	svchostx64.exe	4ba3d0cdd5919453b9667430a2d97444	1
Name: svchostx64.exe MD5: 4ba3d0cdd5919453b9667430a2d97444 Size: 625.15 KB (625152 bytes) Detections: 1 Type: Executable File Path: %APPDATA% Group: Malware file Last Updated: October 27, 2017
7.	file.exe	c5cc7ec50e8512cf36b5e7e3886cf493	0
Name: file.exe MD5: c5cc7ec50e8512cf36b5e7e3886cf493 Size: 190.97 KB (190976 bytes) Detections: 0 Type: Executable File Group: Malware file Last Updated: July 21, 2017

Registry Details

Trojan.Proxy-Bunitu may create the following registry entry or registry entries:

Regexp file mask

%APPDATA%\svchostx64.exe

%LOCALAPPDATA%\install_NetworkLighter.exe

%LOCALAPPDATA%\install_redparrot.exe

%LOCALAPPDATA%\install_UEFIConfig.exe

%LOCALAPPDATA%\removeHN.exe

%LOCALAPPDATA%\removeSSR.exe

%LOCALAPPDATA%\setup_NeoNetPlasma.exe

%LOCALAPPDATA%\setupImageCreator_v4.2.exe

%LOCALAPPDATA%\setupInRAMQueue.exe

%LOCALAPPDATA%\setupNetRegistry.exe

%LOCALAPPDATA%\uninstallBTCG.exe

%LOCALAPPDATA%\uninstallCS.exe

%LOCALAPPDATA%\uninstallIBR.exe

%LOCALAPPDATA%\uninstallML.exe

%LOCALAPPDATA%\uninstallVDK.exe

%UserProfile%\Local Settings\Application Data\iavbret.dll

%UserProfile%\Local Settings\Application Data\setup_NeoNetPlasma.exe

HKEY_LOCAL_MACHINE\Software\[APPLICATION]\Microsoft\Windows\CurrentVersion\Uninstall..{Uninstaller}

ComService

HardNet

NeoNetPlasma

NetRegistry

NetworkLighter

RedParrot

SaucySalamander

UEFIConfig

VideoBind

VirtualDesktopKeeper

Enigma Software Group Prevails Over Malwarebytes at the Ninth Circuit

Search

Change Region

Trojan.Proxy-Bunitu

Threat Scorecard

EnigmaSoft Threat Scorecard

SpyHunter Detects & Remove Trojan.Proxy-Bunitu

File System Details

Registry Details

Submit Comment

Trending

'YouPorn' Email Scam

Safe Search Eng

Findtheirreport.com

Most Viewed

Is Lookmovie.io Safe?

How To Fix 'Printer Driver is Unavailable' Error

Discord Shows Black Screen when Sharing Screen