home

spirit.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from download1226.mediafire.com and multiple other hosts.
MD5:
2b13ffc376f749f74a105a441f4a1517

SHA-1:
a9c662ecad67fad7712b0873a95db7c830410617

SHA-256:
c8561e9b17c476344caadcfef70ce47d92c6c000261c549757457f4bfb190b7d

Scanner detections:
2 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
11/25/2024 3:56:28 PM UTC  (today)

Scan engine
Detection
Engine version

Bkav FE
W32.HfsPikanver
1.3.0.4959

Sophos
Spirit Jailbreak
4.98

File size:
4.4 MB (4,570,608 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\downloads\spirit.exe

File PE Metadata
Compilation timestamp:
5/3/2010 9:16:34 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.56

CTPH (ssdeep):
98304:VbQaK1Ed6rB2Ulpi9L+1xyncX0yVXOM81tYzuUx1pL3FBJf4pip5q:R+1/rBXTiXncXtVeM8jYCUbV3KpipE

Entry address:
0x197940

Entry point:
60, BE, 15, 30, 52, 00, 8D, BE, EB, DF, ED, FF, 57, 83, CD, FF, EB, 10, 90, 90, 90, 90, 90, 90, 8A, 06, 46, 88, 07, 47, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 72, ED, B8, 01, 00, 00, 00, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, 01, DB, 73, 0B, 75, 28, 8B, 1E, 83, EE, FC, 11, DB, 72, 1F, 48, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C0, EB, D4, 01, DB, 75, 07, 8B, 1E, 83, EE, FC, 11, DB, 11, C9, EB, 52, 31, C9, 83, E8, 03, 72, 11, C1, E0, 08, 8A, 06, 46, 83, F0, FF, 74, 75, D1, F8, 89...
 
[+]

Entropy:
7.9421

Packer / compiler:
UPX 2.90LZMA]

Code size:
468 KB (479,232 bytes)

The file spirit.exe has been discovered within the following programs.

Apple Application Support  by Apple Inc.
Apple Application Support is required to run iTunes, QuickTime and other Apple installed products (do not remove this if you use any of these programs). If you remove this program you will need to reinstall it in order for iTunes to load.
www.apple.com
6% remove it
Apple Application Support (32 bits)  by Apple Inc.
www.apple.com/fr
9% remove it
Apple Application Support (32-bit)  by Apple Inc.
8% remove it
 
Powered by Should I Remove It?

The file spirit.exe has been seen being distributed by the following 10 URLs.

http://download1226.mediafire.com/jbgys477n9jg/.../Spirit.exe

http://download1118.mediafire.com/9zp5dd5ef85g/.../Spirit.exe

http://s10153.chomikuj.pl/File.aspx?e=Vr1y0c4zxfJyn1Q1iw86Of45kreguMH6ZLrQ9oSdI0S9kfEtb-L-w-w9PsGSVELCfslO8RHT5GDxyHC8mNf6e5B9-yV8bznWzoRt_z-_WHbf1u4DQ0si-nRTm20jY-g4eJubo3SkHiH97CYdT-JtpQ&pv=2

http://download701.mediafire.com/pcsy16ihpzag/.../Spirit.exe

http://download1363.mediafire.com/ps35xuwco2cg/.../Spirit.exe

http://modmyi.com/.../Spirit.exe

http://cache.saurik.com/.../Spirit.exe

http://spiritjb.com/win

http://dc371.4shared.com/download/.../Spirit.exe

http://thebigboss.org/.../Spirit.exe

Scan spirit.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.