home

redsn0w.exe

MD5:
f18cc0951ed5a4cb7551f7fbe431dd14

SHA-1:
52527aa25a5f621fe6d81854f0c148b56ab69942

SHA-256:
75a711e493306e9b12da58baa9e564f2c0e0dd7ea2b7a51cda166c4cfbae111c

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
4/8/2025 5:11:55 AM UTC  (today)

File size:
14.6 MB (15,257,088 bytes)

File type:
Executable application (Win32 EXE)

File PE Metadata
Compilation timestamp:
11/29/2010 5:28:49 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.56

CTPH (ssdeep):
393216:6RMIPWs5n5zDj167WH+4E3ayYZnCgyev:6SyDjV43a3H9v

Entry address:
0x1240

Entry point:
55, 89, E5, 83, EC, 14, 6A, 02, FF, 15, CC, 80, 2A, 01, E8, BD, FE, FF, FF, 8D, B6, 00, 00, 00, 00, 8D, BC, 27, 00, 00, 00, 00, 55, 8B, 0D, 6C, 81, 2A, 01, 89, E5, 5D, FF, E1, 8D, 74, 26, 00, 55, 8B, 0D, 2C, 81, 2A, 01, 89, E5, 5D, FF, E1, 90, 90, 90, 90, 55, 89, E5, 83, EC, 08, A1, 08, 6C, 23, 01, 85, C0, 74, 3B, 83, EC, 0C, 68, 00, 70, 23, 01, E8, 1C, 5D, 1B, 00, 89, C2, 83, C4, 0C, B8, 00, 00, 00, 00, 85, D2, 74, 0F, 50, 50, 68, 0D, 70, 23, 01, 52, E8, 11, 5D, 1B, 00, 5A, 59, 85, C0, 74, 0D, 83, EC, 0C...
 
[+]

Entropy:
7.4902

Packer / compiler:
Dev-C++ v5

Code size:
2.3 MB (2,397,696 bytes)

The file redsn0w.exe has been seen being distributed by the following 2 URLs.

http://ro2.fileshare.ro/download/.../redsn0w.exe

http://dc385.4shared.com/download/.../redsn0w096b5.exe

Scan redsn0w.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.