Query result

Key	Value
FileName	./usr/lib/python2.7/dist-packages/plaso/parsers/selinux.py
FileSize	6338
MD5	DD7D8F084E257E3A0406F33D9C49CB81
SHA-1	02278C206CC0173A8372CB288413696AA9E2DF5C
SHA-256	BE0BB888A38AD26545D5DAB1ACE858143194E4C5FD9A85BADA6B58309DE6B9E3
SSDEEP	192:jhanmGDkuIZZrzU4BxgSzys9HznzpHzsrzatKzUgonKzU/MSuJq2M+9Tyx0:jANDk/ZZ3U4ngSyOTnNHArWtKUg2KU/8
TLSH	T178D16312B476A37281D7A1EA0DCCB405572211E3560E4EA4FCCC0D7A7F01659EEA3EF5
hashlookup:parent-total	1
hashlookup:trust	55

Network graph view

The searched file hash is included in 1 parent files which include package known and seen by metalookup. A sample is included below:

Key	Value
FileSize	1195000
MD5	6329D2C6FA5145C5823DD2D0F5527127
PackageDescription	super timeline all the things Plaso (plaso langar að safna öllu) is the Python based back-end engine used by tools such as log2timeline for automatic creation of a super timelines. The goal of log2timeline (and thus plaso) is to provide a single tool that can parse various log files and forensic artifacts from computers and related systems, such as network equipment to produce a single correlated timeline. This timeline can then be easily analysed by forensic investigators/analysts, speeding up investigations by correlating the vast amount of information found on an average computer system.
PackageMaintainer	Debian Security Tools <team+pkg-security@tracker.debian.org>
PackageName	plaso
PackageSection	admin
PackageVersion	20190131-1
SHA-1	2AF36C8B57653236183E6F68DA56B7831595E24B
SHA-256	A19521491A92C56B0B35508186DE43E318BA71DC0D8EFB66CC45104AC92E009B