home

redsn0w.exe

Apple Inc.

This is a setup program which is used to install the application. The file has been seen being downloaded from mega.nz.
Publisher:
Apple Inc.  (signed and verified)

MD5:
aeb7ac29b1954c992f33335da1e59189

SHA-1:
1499f5fad69a2212126096379582204298abf911

SHA-256:
5e8b71b39685a1496a4f9479c38d6279978ff5b08a19274c4d950b39172fc177

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/27/2024 12:43:55 AM UTC  (today)

File size:
15.4 MB (16,193,536 bytes)

File type:
Executable application (Win32 EXE)

Digital Signature
Signed by:
Apple Inc.

Authority:
Apple Inc.

Valid from:
7/7/2007 11:08:03 PM

Valid to:
7/7/2010 11:08:03 PM

Subject:
OU=iPhone, O=Apple Inc., L=Cupertino, S=CA, C=US, CN=3851a67c8a70377738f150e3aaa665e94196d371

Issuer:
CN=Apple iPhone Device CA, OU=Apple iPhone, O=Apple Inc., C=US

Serial number:
038051601F4F41193BE9

File PE Metadata
Compilation timestamp:
7/7/2009 5:46:10 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.56

CTPH (ssdeep):
393216:l7j6pMw6PnA5V/C4DtOu3/7OHFIVAM036Xkv/7H5g960:l7eYmqu3/7OHTMUGu28

Entry address:
0x1240

Entry point:
55, 89, E5, 83, EC, 14, 6A, 02, FF, 15, BC, B0, 38, 01, E8, BD, FE, FF, FF, 8D, B6, 00, 00, 00, 00, 8D, BC, 27, 00, 00, 00, 00, 55, 8B, 0D, 5C, B1, 38, 01, 89, E5, 5D, FF, E1, 8D, 74, 26, 00, 55, 8B, 0D, 1C, B1, 38, 01, 89, E5, 5D, FF, E1, 90, 90, 90, 90, 55, 89, E5, 83, EC, 08, A1, 08, C2, 31, 01, 85, C0, 74, 3B, 83, EC, 0C, 68, 00, D0, 31, 01, E8, 5C, EF, 1A, 00, 89, C2, 83, C4, 0C, B8, 00, 00, 00, 00, 85, D2, 74, 0F, 50, 50, 68, 0D, D0, 31, 01, 52, E8, 51, EF, 1A, 00, 5A, 59, 85, C0, 74, 0D, 83, EC, 0C...
 
[+]

Packer / compiler:
Dev-C++ v5

Code size:
2.2 MB (2,351,104 bytes)

The file redsn0w.exe has been seen being distributed by the following URL.

https://mega.nz/temporary/.../StxBWYxa

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.