Result for 2B7DB28D2C7676F4C06E8A32A0AEE080EA80A802

Query result

Key Value
FileNamepefile.py
FileSize230141
MD5A0E95542585D27BBC78F83C34F705C8D
RDS:package_id222721
SHA-12B7DB28D2C7676F4C06E8A32A0AEE080EA80A802
SHA-256B6230D57B9AE594D919580F66C7A28CA26BBC227B4D88D2E96C084BBFACADDA7
SSDEEP6144:SCWxp4zVvKbzA6OMLgitFEuAoV/DYiIglKb6rDEH:SCq4zpKtD+Nx
TLSHT1EB24D623B92126A29293986E48DBE0035765744B059C643CBDFC81542FA85BCDBF3FF9
insert-timestamp1727040926.379533
sourceRDS.db
tar:gnameroot
tar:unameroot
hashlookup:parent-total3
hashlookup:trust65

Network graph view

Parents (Total: 3)

The searched file hash is included in 3 parent files which include package known and seen by metalookup. A sample is included below:

Key Value
FileNamehttp://mirror.math.princeton.edu/pub/blackarch/blackarch/os//x86_64//python2-pefile-2019.4.18-5-any.pkg.tar.zst
MD5BEC35C49BA7792156B08C7FDF81E44BE
SHA-18C27C67ECEFCDDFE280115C52A5E0B931D65AC83
SHA-256C08B1366036A7A0103338A1F144B4F574DA56855BEF6EEDF993393A52E139667
SSDEEP3072:R6Oa5y61nInEEiM+NZDDZjZXAbXU0F/FomWACUH62lG4jTpUMxbmbhlXtW:R6OyyvibN3CI0alSTpUMIhlE
TLSHT1E9042341A0CFB05D226E43E9F79541AAFCDC5893FBD7B207DE2609516C18B63E8F0A64
Key Value
FileSize56388
MD55322B93AF8902F94A9BFCF50BEEE3E5D
PackageDescriptionPortable Executable (PE) parsing module for Python pefile is a Python module to read and work with Portable Executable (PE) files. Most of the information in the PE header is accessible, as well as all the sections, section information and data. . All the basic PE file structures are available with their default names as attributes of the returned instance. . Processed elements such as the import table are made available with lowercase names, to differentiate them from the upper case basic structure names. . pefile has been tested against the limits of valid PE headers; that is, Windows malware. Lots of packed malware attempt to abuse the format beyond its standard use. . Some of the tasks that pefile makes possible are: * Modifying and writing back to the PE image * Header inspection * Section analysis * Retrieving data * Warnings for suspicious and malformed values * Packer detection with PEiD signatures * PEiD signature generation
PackageMaintainerHilko Bengen <bengen@debian.org>
PackageNamepython3-pefile
PackageSectionpython
PackageVersion2019.4.18-1.1
SHA-1083D134A746DDF47A2C37E5DC288DBF0A192BAA2
SHA-256D8FB32BE8275F88EBBC54BEE310E4719D4AED9615B68050C1C0B5CCD41BD8135
Key Value
FileSize55936
MD568E13894212A483DE0BC7E2A112D3F1A
PackageDescriptionPortable Executable (PE) parsing module for Python pefile is a Python module to read and work with Portable Executable (PE) files. Most of the information in the PE header is accessible, as well as all the sections, section information and data. . All the basic PE file structures are available with their default names as attributes of the returned instance. . Processed elements such as the import table are made available with lowercase names, to differentiate them from the upper case basic structure names. . pefile has been tested against the limits of valid PE headers; that is, Windows malware. Lots of packed malware attempt to abuse the format beyond its standard use. . Some of the tasks that pefile makes possible are: * Modifying and writing back to the PE image * Header inspection * Section analysis * Retrieving data * Warnings for suspicious and malformed values * Packer detection with PEiD signatures * PEiD signature generation
PackageMaintainerUbuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com>
PackageNamepython3-pefile
PackageSectionpython
PackageVersion2019.4.18-1.1
SHA-138C855927B24C7BA33895BC6B8973E101B08A048
SHA-256524541253D4DFCD62059E9C02D4CCD7DD781ACD96573D7CF43473CAEE94ED078