| Key | Value |
|---|---|
| FileName | http://dl-cdn.alpinelinux.org/alpine/latest-stable//main//x86//audit-3.0.7-r0.apk |
| MD5 | DFC52BE98E657E076B93DF57CEE0F323 |
| SHA-1 | 1A5755D5975799AD435040BC7545C2980B839489 |
| SHA-256 | B5E0BB129B63FEA37157378C2C66876F91EEA1D8E2CBA733A37DF126D655DF9A |
| SSDEEP | 6144:3Uo9la8Sx4O4r88sdeVMnBZCJ8hipzHI7hB4xOF9aA1fn0F:3U0s7LC89gVMnCW+z834AFoA1vM |
| TLSH | T11B3423CCA2A70E18C83F90AB7B599C5C849A5F5A17BFE294788C30C5D430ABD4B953DD |
| hashlookup:children-total | 60 |
| hashlookup:trust | 50 |
The searched file hash includes 60 children files known and seen by metalookup. A sample is included below:
| Key | Value |
|---|---|
| FileName | usr/share/audit-rules/30-ospp-v42-2-modify-success.rules |
| FileSize | 826 |
| MD5 | F583259AD73E913DB48A76E8A0C24863 |
| RDS:package_id | 294718 |
| SHA-1 | 0035557B33B9BBB564FB1DE550BA031D49C37F30 |
| SHA-256 | CAEB9A7F4BB77AB89027F11789E02EB6E9B4F2FC4346EEAEA25EFE1730D83FE6 |
| SSDEEP | 12:j3toeuFecEIWyb0FeVEIWyb0FecwIwWyb0FeVwIwWyb0FeHAWyb0Fe3MAWybE:j2gczWKVzWKcwLWKVwLWKgWK3rWT |
| TLSH | T15001D29342B430F05F6B43A3C864DEB83405471E93635DC5D186E9D9DD1943ABEC390E |
| insert-timestamp | 1696439445.0774827 |
| source | db.sqlite |
| tar:gname | root |
| tar:uname | root |
| Key | Value |
|---|---|
| FileName | etc/audit/audisp-remote.conf |
| FileSize | 751 |
| MD5 | 6B9A1CDD94C4BBD6412277D53D88B219 |
| RDS:package_id | 288579 |
| SHA-1 | 00D79C5DD2DB86433D421826135FEF137DC5A0E4 |
| SHA-256 | C4DD732801EA45BCDC85CB8BCB1171E82DAF1FB100CFDED9521D8F6CF685FFF4 |
| SSDEEP | 12:LzAKRDoWZ3wPHt073ebjM5KhdlFRRZxd9YqXEfv+BkwBZHmdEmMDADAkw42dKZri:1onP+DebLht/103+mwb+6b+Zr+ppHptz |
| TLSH | T1DD01B87820FA3C331CB76989F1A2FA8703B9701434CC10047367D1A41DAD6F8DB175A2 |
| insert-timestamp | 1670547901.3677263 |
| source | modern.db |
| tar:gname | root |
| tar:uname | root |
| Key | Value |
|---|---|
| FileName | usr/sbin/auditctl |
| FileSize | 42284 |
| MD5 | 3B9B8BD4489631968F21004AB9598EA9 |
| SHA-1 | 020CB337862D6F9121081EA17505DBA6BB5784BA |
| SHA-256 | 3A7D851C63A1E8CD3D8731B03639C77BFB23E026633525E90545ED9A6F50E6F2 |
| SSDEEP | 768:KBBT6tAUj9alVLfTRlHCc6t1NYpkDpS4LUpwBCSBWP6wiVKg0u+7v1kIMzeGE1YS:KBA4tX+rYipdLESMPjiVO1 |
| TLSH | T12213F84F7396D2B1E0E202F48B5752155A78940EC17BF247F58E739EBB2A11ADC62338 |
| tar:gname | root |
| tar:uname | root |
| Key | Value |
|---|---|
| FileName | usr/sbin/autrace |
| FileSize | 17584 |
| MD5 | 065E6BB55A55727D265E3E8E8ED5D2F7 |
| SHA-1 | 0A15450D629877D1AA5F460A65495284BFFB7184 |
| SHA-256 | 9B75120E20A73EEB81A512BC087F81E5F836E6A1DE1C5C4FC0731B2CDB28EACA |
| SSDEEP | 384:M3Z7HMOa0MGggTjNKsqu8E6yLSfE/nnLqhhhhDhhhhhIfR:K9HMOa0jfTRKsqQLfLqhhhhDhhhhhIp |
| TLSH | T1E582C776B752C072F05271B9558B823591B9CA0DDA63C303BF0C335DAD761A8E91B379 |
| tar:gname | root |
| tar:uname | root |
| Key | Value |
|---|---|
| FileName | ./usr/share/audit/sample-rules/30-pci-dss-v31.rules |
| FileSize | 6179 |
| MD5 | 70B8DE2048C6B44A784AB221B95BA995 |
| RDS:package_id | 293704 |
| SHA-1 | 129423A508685ECE22A9EB155D9A0150EEF0FD82 |
| SHA-256 | A6D974558DAE7B6D24EDF083A0D72BB8D15AC463DA0717FCD854235168390033 |
| SSDEEP | 192:KGct29tkiKacQHguhLCZ0/XKANc4cIiKy2/P:KGcw9zcQH3SGhiF2/P |
| TLSH | T149D13157636927319D1743E3EA5CB2EAE718809D3336B4EC4184A079EC6643A63E371E |
| insert-timestamp | 1678960636.6124964 |
| source | RDS.db |
| tar:gname | root |
| tar:uname | root |
| Key | Value |
|---|---|
| FileName | usr/sbin/audisp-syslog |
| FileSize | 13492 |
| MD5 | C3E6B4C6A06BC53DBE84E133BB1595FB |
| SHA-1 | 13F1937A456DB9415662F01DF6BC8F82E4B31508 |
| SHA-256 | F5BF5314BFA3C15B8EC6D36A98FD596927C4966B883E44F9508F043D84A5A125 |
| SSDEEP | 192:2vrt4dLyR8EX3Qgc2EwjR2AP16Tcz4nAWfBENEAHmMNOOUBfykojM:2vr008GggTjRd16TckB+ECrOOeJ |
| TLSH | T13C52B73B7B12E5B2D4911238A80F6B484332CC549AA7D3437B08239DACE13489F33779 |
| tar:gname | root |
| tar:uname | root |
| Key | Value |
|---|---|
| FileName | usr/share/audit-rules/README-rules |
| FileSize | 1421 |
| MD5 | 6405EBAE48BB89AF7FF7DF3385F1448E |
| RDS:package_id | 294718 |
| SHA-1 | 148ACBDD22A8BF666CA5A3E284E4AC9EBF910926 |
| SHA-256 | 00E0926039F166A9F8D5B0B825E33358C7F2C1CCC6F86067BA2F684C26D13F95 |
| SSDEEP | 24:zPopzNwKFwInXYhOOayvCEAqH/JuNLcoY1awOdzXxLmEZ:UxFJXYhfLAC7ONXxLZ |
| TLSH | T125210F1B67899B2A408333DAFECE12D9AF1581BD5368A530549F001EBE5177915F39D0 |
| insert-timestamp | 1696439444.1184876 |
| source | db.sqlite |
| tar:gname | root |
| tar:uname | root |
| Key | Value |
|---|---|
| FileName | usr/share/audit-rules/30-ospp-v42-3-access-failed.rules |
| FileSize | 625 |
| MD5 | 852D1A243E59DD5961F3D9F5C5592BAC |
| RDS:package_id | 294718 |
| SHA-1 | 149781B05552A0CDA6C6159984F21EE76540A154 |
| SHA-256 | 74AA84E36882DD5F1BC4F1953B938FC6425A00D28D0C36232B16A5AEADC7B413 |
| SSDEEP | 12:jEttqOQYENLFecOr9DeFeVOr9DeFecOm9DeFeVOm9D+:jkqO3JcOr9nVOr9ncOm9nVOm9K |
| TLSH | T1BEF096DFC33434744A0A179789B54FBDF808511D533359CAC68416C1FE514B52AC2EAD |
| insert-timestamp | 1696439445.0373838 |
| source | db.sqlite |
| tar:gname | root |
| tar:uname | root |
| Key | Value |
|---|---|
| CRC32 | 1770520E |
| FileName | usr/share/audit-rules/10-base-config.rules |
| FileSize | 244 |
| MD5 | DEF45A38095C1C16EA919317B8020A83 |
| OpSystemCode | 362 |
| ProductCode | 214118 |
| RDS:package_id | 294718 |
| SHA-1 | 17C157514A3D87C906A6C830DF30C7FF3966C798 |
| SHA-256 | 54C2CEBDAADFB928F7327CC066218E38743F0FF94D02FE162A7A415E148D23A8 |
| SSDEEP | 6:jO2/q9RjRiNChQYF9FxNVYKAtOFPQYmFnNGd:jOuqHIQGYF9Lx+OQBgd |
| SpecialCode | |
| TLSH | T117D0A72D87B4B571095E03DF6A4673F39E6D214DA5603019208F683B458739FC53BA92 |
| db | nsrl_modern_rds |
| insert-timestamp | 1696439445.5309117 |
| source | db.sqlite |
| tar:gname | root |
| tar:uname | root |
| Key | Value |
|---|---|
| CRC32 | 3A7C8B00 |
| FileName | usr/share/audit-rules/20-dont-audit.rules |
| FileSize | 516 |
| MD5 | D934C2422C817C2B77642AD46BB84235 |
| OpSystemCode | 362 |
| ProductCode | 214118 |
| RDS:package_id | 298595 |
| SHA-1 | 25A33F84D427058145AB35E26BA4BEEA6678743E |
| SHA-256 | DA083A4565D649A86F0FA56D1ED0B686BA78DA80A24B290924B9DA9FF30743D4 |
| SSDEEP | 12:jLuJLLgf2WycHLrq5Az3RmNTF71KXdKlhkqw/Cpr:jLmLLgb7Lrq5AUYIUqqCl |
| SpecialCode | |
| TLSH | T162F00E216264F1314AAF23842F0D4DC90B2885A17B1136CC70A98E2AB533179F6C4EFD |
| db | nsrl_modern_rds |
| insert-timestamp | 1696458478.5309615 |
| source | db.sqlite |
| tar:gname | root |
| tar:uname | root |