| Key | Value |
|---|---|
| FileName | usr/lib/python2.7/site-packages/pypykatz/lsadecryptor/packages/dpapi/decryptor.py |
| FileSize | 2255 |
| MD5 | 5832B2E2E515FAE87CD9730C53235DD1 |
| SHA-1 | 0D820DCAD17B2C8E2102712DEBE2F489EC3E0AD4 |
| SHA-256 | 3B89EC794634A5EDBA4F86623677413725CA8DB2BE45A75039431AA80237CFC9 |
| SSDEEP | 48:UxEc1c1XzXQXt6X5lX0WN3OU0RL6ECPJXeLzluRFJlUzeAWOwK:EEtsW+WN3OU0RL6pgUt47 |
| TLSH | T1374112898D7DE2140ED723ADE5B0E2079D5918633DFD04416FFCABDA1E90133A268E14 |
| tar:gname | root |
| tar:uname | root |
| hashlookup:parent-total | 1 |
| hashlookup:trust | 55 |
The searched file hash is included in 1 parent files which include package known and seen by metalookup. A sample is included below:
| Key | Value |
|---|---|
| FileName | http://mirror.math.princeton.edu/pub/blackarch/blackarch/os//x86_64//python2-pypykatz-0.3.9-1-any.pkg.tar.zst |
| MD5 | 9A047E5E9C6A7228AE39627BF3BB64FA |
| SHA-1 | E2D800EBFAD34863610C9B64145D8146A433BFEA |
| SHA-256 | DB3367546FC58397C0D585EBCE170077005B28C6F0F52EBAB6B19C11C39BB7BA |
| SSDEEP | 6144:wh8GNSo5PyTu1TcJcBScLXHDqeXTsGO5GtjRwdUPzDwVg81aL/C/Dt00fjf3DZsQ:whv5Py8TcLcjHDqeXQGOQtEUPz8WWaLo |
| TLSH | T1AD6423BC41EA49F7DF9650CFB9FC9AE031C5289F80906F524B55F86F1DAA08EE1501A3 |