Query result

Key	Value
FileName	./usr/lib/python2.7/dist-packages/plaso/parsers/olecf_plugins/default.py
FileSize	3635
MD5	67969AFA05ECAE6268993B1F1A572E4D
SHA-1	0228D7BC2AF7119DBC959FB3A810C1D4C457D9DF
SHA-256	03B11B1EF435E81E61C22ED4AB1CC3B6A7583E6EAB27EAA23A570FD23069BDDF
SSDEEP	48:+Zcbh+huq/ERK0TNHwUrPQjMPZ4OjEDi5ImCui47dPlnDoYLOIE+c10Go4kYKRT2:R4J/I6jMBTaYik2vBWF4k/TTS
TLSH	T1B171D203E949B543A15BF99F0ACD184293710ACBD594FB643DACDC647F41A21E2F3DA4
hashlookup:parent-total	1
hashlookup:trust	55

Network graph view

The searched file hash is included in 1 parent files which include package known and seen by metalookup. A sample is included below:

Key	Value
FileSize	1133048
MD5	8B1EF8100B2A967661C5808AB3011D8D
PackageDescription	super timeline all the things Plaso (plaso langar að safna öllu) is the Python based back-end engine used by tools such as log2timeline for automatic creation of a super timelines. The goal of log2timeline (and thus plaso) is to provide a single tool that can parse various log files and forensic artifacts from computers and related systems, such as network equipment to produce a single correlated timeline. This timeline can then be easily analysed by forensic investigators/analysts, speeding up investigations by correlating the vast amount of information found on an average computer system.
PackageMaintainer	Ubuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com>
PackageName	plaso
PackageSection	admin
PackageVersion	1.4.0+dfsg-2
SHA-1	7E3FE51A7A96628C31490742D671A883B852CB64
SHA-256	9E12F110FF3D76B37AC55A0B99802FEC8A76B1D918F213AE76529A01CDC24008