Query result

Key	Value
FileName	./usr/lib/mips64el-linux-gnuabi64/prelude-lml/debug.so
FileSize	10704
MD5	A911871936133C51EF0A883F9AB41793
SHA-1	03B9D5D440D500493D5AB0B56928730FBC026C12
SHA-256	E8B1A0FE63CE121EA363E36EB34DA6C1F6A75F749FC182328CE099B4A0214CBE
SSDEEP	96:uQIBU4IxsIBWBcB9d8sbJbqanqIs0X/J0X2e22r9ZlqiyCyRsAoEHXN:uiB80TsJr9Z
TLSH	T1D822A69EFB189E2BC1D54F32C46F8A64133F6D5E639203235A6892B12C4BB4C4FC548A
hashlookup:parent-total	1
hashlookup:trust	55

Network graph view

The searched file hash is included in 1 parent files which include package known and seen by metalookup. A sample is included below:

Key	Value
FileSize	213408
MD5	2452E0C04C1CCE71ED41C787506E48F1
PackageDescription	Security Information and Events Management System [ Log Agent ] The Prelude Log Monitoring Lackey (LML) is the host-based sensor program part of the Prelude SIEM suite. It can act as a centralized log collector for local or remote systems, or as a simple log analyzer (such as swatch). It can run as a network server listening on a syslog port or analyze log files. It supports logfiles in the BSD syslog format and is able to analyze any logfile by using the PCRE library. It can apply logfile-specific analysis through plugins such as PAX. It can send an alert to the Prelude Manager when a suspicious log entry is detected.
PackageMaintainer	Pierre Chifflier <pollux@debian.org>
PackageName	prelude-lml
PackageSection	admin
PackageVersion	4.1.0-2
SHA-1	104CA582AEE75274E483167EEC0B31EB1062A7B8
SHA-256	E33FAAE2DF4B1D01A129C58E6466F67F67DAEF2050DF1383894909312D7090AE