home

redsn0w.exe

Apple Inc.

Publisher:
Apple Inc.  (signed and verified)

MD5:
63241154f15df9dd9bd12add26659aad

SHA-1:
54ca83abecfa090cb43f193690bf4ff9230821da

SHA-256:
75fa8bdd432bccc60b6ce8625052d0de53b9fb0ca3dae68ffbb6c52b451a9043

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/26/2024 2:27:25 PM UTC  (today)

File size:
24.3 MB (25,516,032 bytes)

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\temp\redsn0w.exe

Digital Signature
Signed by:
Apple Inc.

Authority:
Apple Inc.

Valid from:
4/25/2006 11:40:36 PM

Valid to:
2/9/2035 11:40:36 PM

Subject:
CN=Apple Root CA, OU=Apple Certification Authority, O=Apple Inc., C=US

Issuer:
CN=Apple Root CA, OU=Apple Certification Authority, O=Apple Inc., C=US

Serial number:
02

File PE Metadata
Compilation timestamp:
12/30/2011 7:59:40 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.56

CTPH (ssdeep):
98304:0prxs9Ax8WhNN4meI5PniewYFziVUyTNOnFvw5CNhyExBAUZLpluKpN3zHGT:0txFmWhNNWIpiewYFodExVPTP3rC

Entry address:
0x1240

Entry point:
55, 89, E5, 83, EC, 14, 6A, 02, FF, 15, 08, 41, C8, 01, E8, BD, FE, FF, FF, 8D, B6, 00, 00, 00, 00, 8D, BC, 27, 00, 00, 00, 00, 55, 8B, 0D, A8, 41, C8, 01, 89, E5, 5D, FF, E1, 8D, 74, 26, 00, 55, 8B, 0D, 68, 41, C8, 01, 89, E5, 5D, FF, E1, 90, 90, 90, 90, 55, 89, E5, 83, EC, 08, A1, E8, 3D, BE, 01, 85, C0, 74, 3B, 83, EC, 0C, 68, 00, 40, BE, 01, E8, DC, F5, 23, 00, 89, C2, 83, C4, 0C, B8, 00, 00, 00, 00, 85, D2, 74, 0F, 50, 50, 68, 0D, 40, BE, 01, 52, E8, D1, F5, 23, 00, 5A, 59, 85, C0, 74, 0D, 83, EC, 0C...
 
[+]

Entropy:
2.6357

Packer / compiler:
Dev-C++ v5

Code size:
2.9 MB (3,081,728 bytes)

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.