How to remove wup.exe

» File
File Details
Overview
Analysis

wup.exe

The module wup.exe has been detected as Trojan.CoinMiner

wup.exe

Remove wup.exe

File Details

Main Info:

MD5:	4f649a57b7ddf3874c9a2163a73e9b07
Size:	5 MB
First Published:	2023-01-26 23:45:53 (a year ago)
Latest Published:	2024-04-19 23:01:28 (5 days ago)

Analysis:

Status:	Trojan.CoinMiner (on last analysis)
Analysis Date:	2024-04-19 23:01:28 (5 days ago)

Common Places:

%temp%\csrss\wup

%temp%\csrss\wup

%temp%\csrss\wup

%temp%\csrss\wup

%temp%\csrss\wup

%temp%\csrss\wup

%temp%\csrss\wup

%temp%\csrss\wup

%temp%\csrss\wup

%temp%\csrss\wup

Geography:

	7.5%
	6.9%
	6.9%
	6.3%
	5.6%
	5.0%
	4.4%
	3.8%
	3.8%
	3.8%
	3.8%
	3.1%
	3.1%
	2.5%
	2.5%
	1.9%
	1.9%
	1.3%
	1.3%
	1.3%
	1.3%
	1.3%
	1.3%
	1.3%
	1.3%
	1.3%
	1.3%
	1.3%
	0.6%
	0.6%
	0.6%
	0.6%
	0.6%
	0.6%
	0.6%
	0.6%
	0.6%
	0.6%
	0.6%
	0.6%
	0.6%
	0.6%
	0.6%
	0.6%
	0.6%
	0.6%
	0.6%
	0.6%
	0.6%

OS Version:

Windows 10	90.7%
Windows 7	6.2%
Windows 8.1	1.9%
Windows 8	1.2%

Analysis

PE Info:

Subsystem:	Windows CUI
PE Type:	pe
OS Bitness:	64
Image Base:	0x0000000140000000
Entry Address:	0x00346184

PE Sections:

Name	Size of data	MD5
.text	3655680	6ad2a72d23ade83904e90ff32f7778b9
.rdata	1497088	af7ca5c8b710ef05d18cd874e47861e2
.data	64000	f8c35f0187d35f30ec5e619ab4e3fa3c
.pdata	128000	edf2c91e9b6239b640b53253bf8ee8b3
_RANDOMX	3584	9ee63642b94966ecb630ee0843e46b26
_SHA3_25	2560	c14f9aad5e95192cd7523ba6675549fd
_TEXT_CN	10240	afea7882aa31e5987db2f12b8933de56
_TEXT_CN	4608	409bf3f918f2402291cb56c2e9354b47
_RDATA	512	7e27e5e73514cd6d84a3052b82f93b11
.rsrc	15360	249bd546af9fec3a8380bc31bb4412de
.reloc	33280	a90f66c1eb2a38dec34984456a65f543

More information:

Search on Virustotal

Download GridinSoft Anti-Malware - Removal tool for wup.exe

copyright for information about wup.exe