How to remove wup.exe
wup.exe
The module wup.exe has been detected as Trojan.CoinMiner
File Details
| MD5: | 69292742888f4f3828988eacb474431d |
| Size: | 4 MB |
| First Published: | 2020-06-30 20:31:26 (4 years ago) |
| Latest Published: | 2021-07-18 20:38:51 (3 years ago) |
| Status: | Trojan.CoinMiner (on last analysis) | |
| Analysis Date: | 2021-07-18 20:38:51 (3 years ago) |
Common Places:
| %temp%\csrss\wup |
| %temp%\csrss\wup |
| %temp%\csrss\wup |
| %temp%\csrss\wup |
| %temp%\csrss\wup |
| %temp%\csrss\wup |
| %temp%\csrss\wup |
| %temp%\csrss\wup |
| %temp%\csrss\wup |
| %temp%\csrss\wup |
Geography:
| 10.0% | ||
| 7.4% | ||
| 5.0% | ||
| 4.6% | ||
| 4.5% | ||
| 4.4% | ||
| 4.2% | ||
| 3.5% | ||
| 3.3% | ||
| 3.2% | ||
| 3.1% | ||
| 2.7% | ||
| 2.3% | ||
| 2.2% | ||
| 1.9% | ||
| 1.9% | ||
| 1.8% | ||
| 1.6% | ||
| 1.2% | ||
| 1.2% | ||
| 1.1% | ||
| 1.0% | ||
| 1.0% | ||
| 1.0% | ||
| 0.9% | ||
| 0.9% | ||
| 0.8% | ||
| 0.8% | ||
| 0.8% | ||
| 0.8% | ||
| 0.8% | ||
| 0.7% | ||
| 0.7% | ||
| 0.7% | ||
| 0.6% | ||
| 0.6% | ||
| 0.6% | ||
| 0.6% | ||
| 0.6% | ||
| 0.5% | ||
| 0.5% | ||
| 0.5% | ||
| 0.5% | ||
| 0.5% | ||
| 0.4% | ||
| 0.4% | ||
| 0.4% | ||
| 0.4% | ||
| 0.4% | ||
| 0.4% | ||
| 0.4% | ||
| 0.4% | ||
| 0.4% | ||
| 0.3% | ||
| 0.3% | ||
| 0.3% | ||
| 0.3% | ||
| 0.3% | ||
| 0.3% | ||
| 0.2% | ||
| 0.2% | ||
| 0.2% | ||
| 0.2% | ||
| 0.2% | ||
| 0.2% | ||
| 0.2% | ||
| 0.2% | ||
| 0.2% | ||
| 0.2% | ||
| 0.2% | ||
| 0.2% | ||
| 0.2% | ||
| 0.2% | ||
| 0.2% | ||
| 0.2% | ||
| 0.2% | ||
| 0.2% | ||
| 0.2% | ||
| 0.2% | ||
| 0.2% | ||
| 0.1% | ||
| 0.1% | ||
| 0.1% | ||
| 0.1% | ||
| 0.1% | ||
| 0.1% | ||
| 0.1% | ||
| 0.1% | ||
| 0.1% | ||
| 0.1% | ||
| 0.1% | ||
| 0.1% | ||
| 0.1% | ||
| 0.1% | ||
| 0.1% | ||
| 0.1% | ||
| 0.1% | ||
| 0.1% | ||
| 0.1% | ||
| 0.1% | ||
| 0.1% | ||
| 0.1% | ||
| 0.1% | ||
| 0.1% | ||
| 0.1% | ||
| 0.1% | ||
| 0.1% | ||
| 0.1% | ||
| 0.1% | ||
| 0.1% | ||
| 0.1% | ||
| 0.1% | ||
| 0.1% | ||
| 0.1% | ||
| 0.1% | ||
| 0.1% |
OS Version:
| Windows 10 | 84.6% | |
| Windows 7 | 11.3% | |
| Windows 8.1 | 3.4% | |
| Windows 8 | 0.6% | |
| Windows Server 2008 | 0.1% |
Analysis
| Subsystem: | Windows CUI |
| PE Type: | pe |
| OS Bitness: | 64 |
| Image Base: | 0x0000000140000000 |
| Entry Address: | 0x0029c4c8 |
PE Sections:
| Name | Size of data | MD5 |
| .text | 3077632 | 995d10547562ff736cb7a292ab23d4ec |
| .rdata | 1189376 | 20aa860b4721003673cc8fe449d2653d |
| .data | 70144 | 232c789f27515f6ae9b04987ddf28850 |
| .pdata | 124928 | 9dc6a7864844eb3181c20dcb138b58d0 |
| _RANDOMX | 2048 | 4c9ad32e381e3b0d5fe17bbaafaae2bf |
| _SHA3_25 | 2560 | c14f9aad5e95192cd7523ba6675549fd |
| _TEXT_CN | 6656 | 6a7f77e47f77f65bef85036ae5a71106 |
| _TEXT_CN | 4608 | 409bf3f918f2402291cb56c2e9354b47 |
| _RDATA | 512 | eb798a3297a76d86b0e6a4a666bb71a2 |
| .rsrc | 15360 | 3515cc74f71c2f6bc0eb3acdbaa52317 |
| .reloc | 34304 | 0fdb07107885447fb5f4ad56fb1e0ad9 |
More information:
Download GridinSoft
Anti-Malware - Removal tool for wup.exe
