Result for 5F62D61B1BFE98FFF5DDC3B47CBB419AC2A85E87

Search result
Graph view
Parent (68)

Query result

Key Value
CRC3252E748EA
FileName__init__.py
FileSize659
MD5CE39925942A2D623C28D64A9D98CA1A6
OpSystemCode{'MfgCode': '1006', 'OpSystemCode': '362', 'OpSystemName': 'TBD', 'OpSystemVersion': 'none'}
ProductCode{'ApplicationType': 'Italian', 'Language': 'English', 'MfgCode': '2535', 'OpSystemCode': '598', 'ProductCode': '17409', 'ProductName': 'Computer Aided Investigative Environment (CAINE) Computer Forensics Live Linux Distro 7.0', 'ProductVersion': 'd. 2016-01-27'}
RDS:package_id222721
SHA-15F62D61B1BFE98FFF5DDC3B47CBB419AC2A85E87
SHA-256D85EFDCC566D698B617C08BA96A9C2AD7334F35382099A2CBB5BB970DBE5DEEF
SSDEEP12:4HJRTFUzjsXwIzrsJ8fFWvhYZWvhpdiejhmjMAs2vCK03a6LN1AMZhERfvApTwev:4HJF6zQhU8dW52W5pgCkMAs2vrl6LPp3
SpecialCode
TLSHT19D01D3DC1CD6AC0253120AEA154F71066A5C7417291C2E167DDCA29A7FD0A25E0B15BB
dbnsrl_modern_rds
insert-timestamp1727040564.6467083
sourceRDS.db
tar:gnamewheel
tar:unameroot
hashlookup:parent-total68
hashlookup:trust100

Network graph view

Parents (Total: 68)

The searched file hash is included in 68 parent files which include package known and seen by metalookup. A sample is included below:

Key Value
FileNamehttps://ftp.lysator.liu.se/pub/OpenBSD/5.8/packages//i386//py-pefile-1.2.10.139.tgz
MD5D676EA2E82A587577EFB5C7B8B242D07
SHA-10092E1D5D61B3823A8E708421D84E4233CD4038C
SHA-256AC6E6AE13D9D829201F9427B00E9D0E62F6D79E1B0EAFF878D9566968C416C4E
SSDEEP3072:hHID3fWUY6kYctC69wa2xOxsMufA7Kb41vvP:hHA3zFkR7FgOxsMufaKb4R
TLSHT100B312F0E811550705AD7BE87D3A2A118148A157A75CAFDCDEFC3B318AB047F0B98D5A
Key Value
FileSize142620
MD59A35E73A7BB58C6F99583A446371AE90
PackageDescriptionopen source tool to perform static analysis on PE malware PEframe is a open source tool to perform static analysis on Portable Executable malware and generic suspicious files. It can help malware researchers to detect packer, xor, digital signature, mutex, anti debug, anti virtual machine, suspicious sections and functions, and much more information about the suspicious files.
PackageMaintainerSascha Steinbiss <satta@debian.org>
PackageNamepeframe
PackageSectionutils
PackageVersion5.0.1+git20170303.0.e482def+dfsg-3
SHA-1069C86B4EEC137A3E48211BD3A93AE6C45DF8E4C
SHA-256A48E808D942DD7CA332699E35E0B25EC1DD451F81F55EB0F72BD6F9DFBC08015
Key Value
FileNamehttps://ftp.lysator.liu.se/pub/OpenBSD/5.6/packages//amd64//py-pefile-1.2.10.139.tgz
MD54D75F0A883B1E5146A613BCE99DEE42A
SHA-10E185FD1A7C14FD073AFE15C9D7FEFE59B5DABD3
SHA-2567E3C3E95F0F1148EC5CABB04B7411DE3A21BD5EDE333E6D1AA463F64160B50EC
SSDEEP3072:Sub9oEccAHt2tnW7zOkjC2O5fSgz1vnLEMB6bm:b97ccAN2tW7akjC2YqgJ3Cm
TLSHT150B31267F0EE4C0BF3319B3516572A286C26CC4DE44F629EB61A07B45D10E872F2B64B
Key Value
FileNamehttps://ftp.lysator.liu.se/pub/OpenBSD/6.2/packages//arm//py-pefile-1.2.10.139p2.tgz
MD5A10BB0562718F754C8633A9546323DC6
SHA-10E247C6E77CA4151890C16C840CBE047B1083823
SHA-256E02D329F0793E644A9F1CAEE844ABD33B737B5B0B1CA8731864DEC393EAEB32E
SSDEEP3072:ZCU71G8aSU/q3D5SU2ZqAx3ZbnxoMceRkD6/mvq:ZCU71G/SU2UUCxZFobNDCOq
TLSHT18DB312FF5E9A02C98F9D7AA4D2F3151F09DAFB494FF0F5A6D77A09E84C118B58485800
Key Value
FileNamehttps://ftp.lysator.liu.se/pub/OpenBSD/6.0/packages//hppa//py-pefile-1.2.10.139p2.tgz
MD57794CCA063E36D499C0EE188B06F0A56
SHA-114C66D2CDD540276E24137027F1FD31B972706F2
SHA-256D2DA6760F401B7C247B0F9B9BD5E41D7FBA5D2E74CE7931855709EC5C1B419E1
SSDEEP3072:Y8H/im7Uff9ro0/6iMtgaH5e82UvMq8400Ch:Y8H/i7l/GHwbuc
TLSHT15AB312E7669CED91BA1AC540C8A8341CF1268720972C0EB83AB5BA343AF5CB4065D1DC
Key Value
FileNamehttps://ftp.lysator.liu.se/pub/OpenBSD/5.7/packages//sparc64//py-pefile-1.2.10.139.tgz
MD57CD645D5BB4D1D86E52AF9E2B8BC487E
SHA-118F45F63D015D7EE9F29236D66811DED78BED911
SHA-256A5BD6A295D7857D46E0A77DF2A1707C2AE3F04F2D57CE14376E3C3DC678D63BD
SSDEEP3072:Dgz83d9fHFPNCIEKHW1QTJLmLnv6J9N8Cl:DO83JNCIEKHW1IJY6jl
TLSHT15BB312407C660D9F4C19D192E18E2C79D2FC06AFE0BBEE01B51B41DA857F149A2B9DCB
Key Value
MD52F0928B28C0C46F1381BEF6BFD28CB7F
PackageArchnoarch
PackageDescriptionpefile is a multi-platform Python module to read and work with Portable Executable (aka PE) files. Most of the information in the PE Header is accessible, as well as all the sections, section's information and data. pefile requires some basic understanding of the layout of a PE file. Armed with it it's possible to explore nearly every single feature of the file. Some of the tasks that pefile makes possible are: * Modifying and writing back to the PE image * Header Inspection * Sections analysis * Retrieving data * Warnings for suspicious and malformed values * Packer detection with PEiD’s signatures * PEiD signature generation
PackageMaintainerFedora Project
PackageNamepython-pefile
PackageRelease2.fc21
PackageVersion1.2.10_139
SHA-11BD9243CA00417A2C5C1E5AF9E78AB307347272E
SHA-256CCF034E7F807764428A28D771FBAE0C6F895AB54DE6148A2DBF7576D5FF4C460
Key Value
FileNamehttps://ftp.lysator.liu.se/pub/OpenBSD/6.1/packages//mips64//py-pefile-1.2.10.139p2.tgz
MD559D82CFDC41DB6D8D9FC01BAD0228098
SHA-11BEBDE4B7E4393F0988421DC2DA77A4A3BA48220
SHA-2564BBC8A5A716A3F56C438DE46D16A10648ADBD5B90A8B451D5AB5BB6ADF426C4F
SSDEEP3072:AVNFRI8GsqubnlDRaomwOim1pr5LUWk+IuEOb9Kl:AVNFm8GkdRaom8eYWk+IuEi8
TLSHT12CB31299CDEC802923CA407F6084F7CAB53A476B877CE9BF0E6655566CD2D6831804FE
Key Value
FileNamehttps://ftp.lysator.liu.se/pub/OpenBSD/6.0/packages//amd64//py-pefile-1.2.10.139p2.tgz
MD50D02266021B318B715F0AC2B8553D6B4
SHA-11E2D791AD140F41B94DD62AB0658E20AFDC1636F
SHA-256181832A96015B9975CC816317F00B1E4C22B557C9101FD36FA35104BB4FEB99D
SSDEEP3072:eVbaMWQxaw6bdWAAHrm0rVgpcXaNEbz2KvMP4L:eVbGWIWpHZryNEbzHvR
TLSHT1DBB312AD81A8F04195A946F18D4D6182F2870B27B11FE3FC7E5A3B6B813E461CF5A848
Key Value
FileNamehttps://ftp.lysator.liu.se/pub/OpenBSD/5.7/packages//amd64//py-pefile-1.2.10.139.tgz
MD5298CB25ABBC63BC3DC2E9EF2F48CECAD
SHA-11E9C998431504DB2D06A82241B6F89B70684DCB8
SHA-256CA88500DB08F5C388690231E2ACC29C88A5B21D18F84EFA8F61E5387F1BDEDC1
SSDEEP3072:MslyUwKAYHnJoYJbiT5WrvHksZuPtx+uorvUF0e1j+CTh8d:MxOA4I5YvEsZuHqC0g+CS
TLSHT192B312B7B7C396D8635D8CB752E93D28140DBCBC75201253953724BEBEB0211CA8AD65





metalookup is a service from miwakeru.com