Result for 03A0892D22997DCDE7EE1A551D5AA43CEDE5B671

Search result
Graph view
Parent (119)

Query result

Key Value
CRC323A2720ED
FileNamews2_32.py
FileSize3032
MD555E027063196AF2B10E977AA0FFA753B
OpSystemCode{'MfgCode': '1006', 'OpSystemCode': '362', 'OpSystemName': 'TBD', 'OpSystemVersion': 'none'}
ProductCode{'ApplicationType': 'Italian', 'Language': 'English', 'MfgCode': '2535', 'OpSystemCode': '598', 'ProductCode': '17409', 'ProductName': 'Computer Aided Investigative Environment (CAINE) Computer Forensics Live Linux Distro 7.0', 'ProductVersion': 'd. 2016-01-27'}
RDS:package_id222721
SHA-103A0892D22997DCDE7EE1A551D5AA43CEDE5B671
SHA-256F9ED386E469089297D620FBE0436B7D736C4068960D76900EF6A109ECB3DCABE
SSDEEP48:dBP+VvcLTspKQqUyIhVldouQQ6IbWE6Zx8B0qMZ/jfexRsByhz4eUtrfrtEh6ltJ:n2zXdoNQ6IWTZx8BXMZLexKByhEeUtr/
SpecialCode
TLSHT11F513B30665E89AF10C9FE02AF5E94365C09134B9C173875FBD90ACA4F6ED0CB6F5622
dbnsrl_modern_rds
insert-timestamp1727040564.6444898
sourceRDS.db
tar:gnamewheel
tar:unameroot
hashlookup:parent-total119
hashlookup:trust100

Network graph view

Parents (Total: 119)

The searched file hash is included in 119 parent files which include package known and seen by metalookup. A sample is included below:

Key Value
FileNamehttps://ftp.lysator.liu.se/pub/OpenBSD/5.8/packages//i386//py-pefile-1.2.10.139.tgz
MD5D676EA2E82A587577EFB5C7B8B242D07
SHA-10092E1D5D61B3823A8E708421D84E4233CD4038C
SHA-256AC6E6AE13D9D829201F9427B00E9D0E62F6D79E1B0EAFF878D9566968C416C4E
SSDEEP3072:hHID3fWUY6kYctC69wa2xOxsMufA7Kb41vvP:hHA3zFkR7FgOxsMufaKb4R
TLSHT100B312F0E811550705AD7BE87D3A2A118148A157A75CAFDCDEFC3B318AB047F0B98D5A
Key Value
FileSize142620
MD59A35E73A7BB58C6F99583A446371AE90
PackageDescriptionopen source tool to perform static analysis on PE malware PEframe is a open source tool to perform static analysis on Portable Executable malware and generic suspicious files. It can help malware researchers to detect packer, xor, digital signature, mutex, anti debug, anti virtual machine, suspicious sections and functions, and much more information about the suspicious files.
PackageMaintainerSascha Steinbiss <satta@debian.org>
PackageNamepeframe
PackageSectionutils
PackageVersion5.0.1+git20170303.0.e482def+dfsg-3
SHA-1069C86B4EEC137A3E48211BD3A93AE6C45DF8E4C
SHA-256A48E808D942DD7CA332699E35E0B25EC1DD451F81F55EB0F72BD6F9DFBC08015
Key Value
FileNamehttps://ftp.lysator.liu.se/pub/OpenBSD/6.9/packages//mips64//py-vivisect-0.0.1a.tgz
MD58B76D6E9458192F332AEB54AD5183FB5
SHA-10B8A814D90317AB759AEAEBBD03519DB51797B22
SHA-25698EB2B9962F116AE097ABA3411F51FF6C3FBCB19D499B0EF18F0C7FCF00B8E01
SSDEEP98304:6Zh2YitUm9hVKlkZvbG+W5GQKlZke49N5Dtvcp8/xpbwK+Lc1XBU4ORf4KReH:6ZUYiKm9hVo5UMVtvdp8ZA1XKCeeH
TLSHT1ED6633BECC6DB827C838865E704D4FAD5055D26E1F0F48ECDB10E850C25B9968EAF627
Key Value
FileNamehttps://ftp.lysator.liu.se/pub/OpenBSD/5.6/packages//amd64//py-pefile-1.2.10.139.tgz
MD54D75F0A883B1E5146A613BCE99DEE42A
SHA-10E185FD1A7C14FD073AFE15C9D7FEFE59B5DABD3
SHA-2567E3C3E95F0F1148EC5CABB04B7411DE3A21BD5EDE333E6D1AA463F64160B50EC
SSDEEP3072:Sub9oEccAHt2tnW7zOkjC2O5fSgz1vnLEMB6bm:b97ccAN2tW7akjC2YqgJ3Cm
TLSHT150B31267F0EE4C0BF3319B3516572A286C26CC4DE44F629EB61A07B45D10E872F2B64B
Key Value
FileNamehttps://ftp.lysator.liu.se/pub/OpenBSD/6.2/packages//arm//py-pefile-1.2.10.139p2.tgz
MD5A10BB0562718F754C8633A9546323DC6
SHA-10E247C6E77CA4151890C16C840CBE047B1083823
SHA-256E02D329F0793E644A9F1CAEE844ABD33B737B5B0B1CA8731864DEC393EAEB32E
SSDEEP3072:ZCU71G8aSU/q3D5SU2ZqAx3ZbnxoMceRkD6/mvq:ZCU71G/SU2UUCxZFobNDCOq
TLSHT18DB312FF5E9A02C98F9D7AA4D2F3151F09DAFB494FF0F5A6D77A09E84C118B58485800
Key Value
FileNamehttps://ftp.lysator.liu.se/pub/OpenBSD/6.6/packages//sparc64//py-vivisect-0.0.1a.tgz
MD5B828ABA21055A2C115166FD0CE84C3DD
SHA-10EB4DFD1555A000710D3706243AB8A21B8B77C75
SHA-2560C1F1B36862A97C795CCA9F47EF893831133B6AEFF7FE9C6E26B54BBCAF62A46
SSDEEP196608:Xr37v/YRlskXy+fKVLREboR8meQUh8wtI:rLYjbXy+SVVf86Uk
TLSHT1DF66333CEAFAB030F918C3BB8657A70AD75E94A53907E069C8B5569B7B0C77404C7392
Key Value
FileNamehttps://ftp.lysator.liu.se/pub/OpenBSD/6.5/packages//i386//py-vivisect-0.0.1a.tgz
MD5E097B3D101E0401D440835FF71D4A4EC
SHA-11386CA595D5F96AE79F88AB053172C0A4D187D94
SHA-256FA2296A590766E7325DFB110B9E3FCE0FC8556FB22CA5FFB2CE30D4519C6E1AA
SSDEEP196608:E2MLMYDkykXy+fKVLREbOK0MR9oVeLRru:qIYDktXy+SVV80MRqVeLR6
TLSHT1F366332CE9F611A2D55822F283B67589DB0F4DA8F217E2FECC725144B519AAC1C067F3
Key Value
FileNamehttps://ftp.lysator.liu.se/pub/OpenBSD/6.0/packages//hppa//py-pefile-1.2.10.139p2.tgz
MD57794CCA063E36D499C0EE188B06F0A56
SHA-114C66D2CDD540276E24137027F1FD31B972706F2
SHA-256D2DA6760F401B7C247B0F9B9BD5E41D7FBA5D2E74CE7931855709EC5C1B419E1
SSDEEP3072:Y8H/im7Uff9ro0/6iMtgaH5e82UvMq8400Ch:Y8H/i7l/GHwbuc
TLSHT15AB312E7669CED91BA1AC540C8A8341CF1268720972C0EB83AB5BA343AF5CB4065D1DC
Key Value
FileNamehttps://ftp.lysator.liu.se/pub/OpenBSD/6.9/packages//powerpc//py-vivisect-0.0.1a.tgz
MD589BB1EAABFCD71FBEEF7D64E0D8C2608
SHA-116583E36DAB30C9E4B82A8DE0A3CEBE6D0DD3B15
SHA-256CF3B6A30C643905FE999201526AD4CFD9836E3936FDB15BC84DFB6404F025D94
SSDEEP196608:z2MLMYDkykXy+fKVLREbOK0MR9oVeLRru:DIYDktXy+SVV80MRqVeLR6
TLSHT1CB66332CE9F621A6D51922F243A2748D9B0F4DA8F617E2FECC725044B619E9C1C05BF3
Key Value
FileNamehttps://ftp.lysator.liu.se/pub/OpenBSD/5.7/packages//sparc64//py-pefile-1.2.10.139.tgz
MD57CD645D5BB4D1D86E52AF9E2B8BC487E
SHA-118F45F63D015D7EE9F29236D66811DED78BED911
SHA-256A5BD6A295D7857D46E0A77DF2A1707C2AE3F04F2D57CE14376E3C3DC678D63BD
SSDEEP3072:Dgz83d9fHFPNCIEKHW1QTJLmLnv6J9N8Cl:DO83JNCIEKHW1IJY6jl
TLSHT15BB312407C660D9F4C19D192E18E2C79D2FC06AFE0BBEE01B51B41DA857F149A2B9DCB





metalookup is a service from miwakeru.com