| Key | Value |
|---|---|
| FileName | ./usr/bin/tsk_gettimes |
| FileSize | 11024 |
| MD5 | A997A8611A0E1ABDE19A11BCECC33E92 |
| SHA-1 | 1323EA08B5D3E1DC83078DED30F3A0914E132696 |
| SHA-256 | 57B464749D8C0BCEFEB27CBE4378E1106B916353DD5FE7B9DB56642C086CE0A7 |
| SSDEEP | 192:jHU8bjtwvg5BEH7cajEFkLiUEtWxE/GvtJGph:jHpbjD56H7cayigWx86tm |
| TLSH | T19C32C58AF482CF77CDC00E3999470B5532628DE08B5B8717416CB2332E2229E5F5FE56 |
| hashlookup:parent-total | 1 |
| hashlookup:trust | 55 |
The searched file hash is included in 1 parent files which include package known and seen by metalookup. A sample is included below:
| Key | Value |
|---|---|
| MD5 | 2CD9D02191F6EC90EBCDDB6FC436A56D |
| PackageArch | armv7hl |
| PackageDescription | The Sleuth Kit (previously known as TASK) is a collection of UNIX-based command line file system forensic tools that allow an investigator to examine NTFS, FAT, FFS, EXT2FS, EXT3FS and ExFAT file systems of a suspect computer in a non-intrusive fashion. The tools have a layer-based design and can extract data from internal file system structures. Because the tools do not rely on the operating system to process the file systems, deleted and hidden content is shown. When performing a complete analysis of a system, command line tools can become tedious. The Autopsy Forensic Browser is a graphical interface to the tools in The Sleuth Kit, which allows one to more easily conduct an investigation. Autopsy provides case management, image integrity, keyword searching, and other automated operations. |
| PackageMaintainer | daviddavid <daviddavid> |
| PackageName | sleuthkit |
| PackageRelease | 1.mga8 |
| PackageVersion | 4.10.1 |
| SHA-1 | 266D2F30C737D3651085B75EC8BD34025F7E33BE |
| SHA-256 | 275ABCABF1F3B2B2E5A12C8565089D51EE41752C3126C3B04A5A3D5C5A403C23 |