Query result

Key	Value
FileName	./usr/bin/knock
FileSize	9696
MD5	1C9A031E9CAF7B88386C95956CF326D6
SHA-1	252BD4868C1F383194E36E8B501067A64BD1B564
SHA-256	689EEEAEC5149353DF27493522F0BBA8E20E7F466311CA3C1C336F27E29FBE3A
SSDEEP	96:OhzQqI11HQuB6WBu19ik0xarbmQfMOOHJR4d/5IVB8WXMnCP1OyQ4iqoEl:UEqyiuoWm9ik0QmkjD/OVaAoCNO1
TLSH	T1D012C658BA63CF32C3E3423C80D72F786171C149A6D2E793B70CA6482E066DC9F12B61
hashlookup:parent-total	1
hashlookup:trust	55

Network graph view

The searched file hash is included in 1 parent files which include package known and seen by metalookup. A sample is included below:

Key	Value
FileSize	25162
MD5	3398668727164835F75DC20A70551517
PackageDescription	small port-knock daemon A port-knock server that listens to all traffic on a given network interface (only Ethernet and PPP are currently supported), looking for a special "knock" sequences of port-hits. A remote system makes these port-hits by sending a TCP (or UDP) packet to a port on the server. When the server detects a specific sequence of port-hits, it runs a command defined in its configuration file. This can be used to open up holes in a firewall for quick access.
PackageMaintainer	Ubuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com>
PackageName	knockd
PackageSection	net
PackageVersion	0.7-1ubuntu1
SHA-1	21F68A5E3807A42469619847F28C7019E7577B7B
SHA-256	98D899CDE75C4AE658999BCE35F4EB64D433C416B7C5C0AB991C3D33078B2650