Query result

Key	Value
FileName	./usr/lib/x86_64-linux-gnu/prelude-lml/debug.so
FileSize	14328
MD5	C30666B434E86570D2D8875F1DB492C8
SHA-1	0E37BC97647826ECB21E7FF8A3A5FB90A70BC90D
SHA-256	E303A53ADD79110563200803AA9136AA2C38673241B3FF4BDEB6B4AA4997A1D1
SSDEEP	96:R2wLpADBWBcE97tvcODMk3zre4gXj2rboyv0dt4AoWK6ON+iV58xU:Rs8vcOlzxnAtwHKi
TLSH	T1D352750AA264C67FC4FC0774C0A75AF022B4714497B2973BB62462781D92358EB73DAD
hashlookup:parent-total	1
hashlookup:trust	55

Network graph view

The searched file hash is included in 1 parent files which include package known and seen by metalookup. A sample is included below:

Key	Value
FileSize	222736
MD5	4A4A8B52DB3E972AEB0047AA40181466
PackageDescription	Security Information and Events Management System [ Log Agent ] The Prelude Log Monitoring Lackey (LML) is the host-based sensor program part of the Prelude SIEM suite. It can act as a centralized log collector for local or remote systems, or as a simple log analyzer (such as swatch). It can run as a network server listening on a syslog port or analyze log files. It supports logfiles in the BSD syslog format and is able to analyze any logfile by using the PCRE library. It can apply logfile-specific analysis through plugins such as PAX. It can send an alert to the Prelude Manager when a suspicious log entry is detected.
PackageMaintainer	Pierre Chifflier <pollux@debian.org>
PackageName	prelude-lml
PackageSection	admin
PackageVersion	5.2.0-2
SHA-1	49F04B3E4472DDD1759251B3EE60CA902E5404E6
SHA-256	F46AEE456D1F5568D818BCD598B6B886A409877C66CBB3D3680B69CF439AA5B1