| Key | Value |
|---|---|
| MD5 | 8905EC2A82EDE0DAD4916A92B36C4430 |
| PackageArch | noarch |
| PackageDescription | Prelude-Correlator allows conducting multi-stream correlations thanks to a powerful programming language for writing correlation rules. With any type of alert able to be correlated, event analysis becomes simpler, quicker and more incisive. This correlation alert then appears within the Prewikka interface and indicates the potential target information via the set of correlation rules. |
| PackageMaintainer | daviddavid <daviddavid> |
| PackageName | prelude-correlator |
| PackageRelease | 1.mga8 |
| PackageVersion | 5.2.0 |
| SHA-1 | 7CA518232185D6FA59A41663A75EB82F79807A66 |
| SHA-256 | AC0320F9362172BD562D30ED0FBB58BB4AB53EA1340F52D2A9EB67B4F26942A8 |
| hashlookup:children-total | 69 |
| hashlookup:trust | 50 |
The searched file hash includes 69 children files known and seen by metalookup. A sample is included below:
| Key | Value |
|---|---|
| FileName | ./usr/lib/python3.6/site-packages/preludecorrelator/config.py |
| FileSize | 2767 |
| MD5 | B541BAD9DCDE0EA08C09EC4322638366 |
| SHA-1 | 013AE0F08BA1B1D933DFF9B3BC1527945741B4F6 |
| SHA-256 | B7CA730FF3BDA84FEB5E3827731D5B8554ADD8DCCCBE94FB6A09CA0CCDA8B0B7 |
| SSDEEP | 48:VxDg4yUjHTYFuu7Gq+dGSsh3hgKv2cUHhdozaCju:bEwTmuu7GqeGSs/ASS |
| TLSH | T104515545242DA4AB82139658D84BC19EEB297B87355E403039FCF3987F0C460D1E398D |
| Key | Value |
|---|---|
| FileName | ./var/lib/prelude-correlator/prelude-correlator/ciarmy.dat |
| FileSize | 215845 |
| MD5 | 4D74A48FCAF9BE65572B7865A7914C52 |
| SHA-1 | 027D69A6CBF1A522A6F39F891AAA5FF3C252D556 |
| SHA-256 | A8F69235B1B442A1515DD6E44B5CA0D299B3CE25F1EE6596D88015BC987CFD40 |
| SSDEEP | 3072:Wn+qhnASubteC9PmpdYQP22ybNY40LIbZxSqy+lZX2YGPrbqy+1IwN2:Wn+KnTC9lMwN2 |
| TLSH | T1E824885573BF2FF5CEC6808E5382C4A6609A51A7DAA3F5E49FDB36807D01080FAF4652 |
| Key | Value |
|---|---|
| FileName | ./etc/prelude-correlator/rules/python/BusinessHourPlugin.py |
| FileSize | 1782 |
| MD5 | B9456CC17B7D83D5E4984E4439EF42BD |
| SHA-1 | 05A8AA84DAC3B52538900E92145E40289595E223 |
| SHA-256 | 35D495CACCEBD01F14BC4802C385B6E248DF80C027919676CEDBAD171CE53D22 |
| SSDEEP | 24:efbmIjvUpbkgK2ahJiyUVOkHxHqTbVloY5AwHF4kqTPs+wcGSHyAH7pCyZE1aryk:efyIjvU9xDg4yUjHTYh45TP4SSAbpCaj |
| TLSH | T15C31438E91719DB16A1103E5348F55DEB22A1A97D29A98983D5C818C7F04EF202B73E4 |
| Key | Value |
|---|---|
| FileName | ./usr/lib/python3.8/site-packages/preludecorrelator/__pycache__/utils.cpython-38.pyc |
| FileSize | 794 |
| MD5 | D4BFF5759AB87001F2C264943C63A534 |
| SHA-1 | 1297A23949FC119224B3DDDC5245F8CCFB03001D |
| SHA-256 | 155A486A38CD10EE26213BF516880E6476E3B59C9416EF754C842350EB13DD01 |
| SSDEEP | 24:c4qLufB4cAy3AlLAgU9yhsABfNFfxGw3kl/qq2O:uLuVAy3AlLnIyzBfNFciktqq2O |
| TLSH | T16D0120C70A4A164ED83FF67DA9F21D514888B0A7F11D046336761162AFCB0A4807196E |
| Key | Value |
|---|---|
| FileName | ./usr/lib/python3.8/site-packages/preludecorrelator/__pycache__/require.cpython-38.pyc |
| FileSize | 1013 |
| MD5 | 56BF6474A3640F11B599445A64122040 |
| SHA-1 | 14EDC3EB4D5CDF61CDF0F1377EC0B54CF76B3713 |
| SHA-256 | F0C3293EF29FF526E06014E035E5BBF956B1EF0BDAA069A6B62C3AF8EAB18F5D |
| SSDEEP | 24:c4cPxlv7r7G09cIhsNwJs9wvSH98xINO6RCqmUkS4XdWruKJKn9YyA7:+jr7GsLeNUsriyO6wRS4yhUn9xC |
| TLSH | T1751104DB1BDEBD4EF9B4FDF05295026400A2F3BB760ED0176740F0BB39552405961A49 |
| Key | Value |
|---|---|
| FileName | ./usr/lib/systemd/system/prelude-correlator.service |
| FileSize | 321 |
| MD5 | CB1C2E965A028FA4D45B0312A68DF4B1 |
| SHA-1 | 1A011BC0634DA1C9587970CE1356AC0D0B59012E |
| SHA-256 | 641BF3A097CC9A11C2E1196063519D55A2EAA550A414A9E01BDEC7B981B89A9C |
| SSDEEP | 6:z8L49JVKqolXN5aXjyADMzdK+aBNUZVQDMVQDsPWfGB/QDMVQDsBILQmWA4Rv:z6EJIlXNwTTDOK+aBNUrcUQDDfDUQDsx |
| TLSH | T18EE086E5B6307870EC1537A8ED2784C40D4631CD462EE1A037A120E8B8934C6C2112F3 |
| Key | Value |
|---|---|
| FileName | ./usr/share/doc/packages/prelude-correlator/NEWS |
| FileSize | 17991 |
| MD5 | 54B012B09947277031B17573041F98DC |
| SHA-1 | 1AC708B9825A5BC046D3C4A53A1933E361DFE4C7 |
| SHA-256 | CF6F7B31ED5AD5E133C3B5E24EFBF9AB581DD7541BD8036B7CF3D6718C3A94C9 |
| SSDEEP | 384:OKAQJMpN4mtKUdLA+pR+Y9DQFBKmWOgyrx:I+wHvWmOgw |
| TLSH | T1C78287E277343712799227A6D2CB41DAB718A1EB9233D0747B9895C87A03063D3776CB |
| Key | Value |
|---|---|
| FileName | ./etc/prelude-correlator/rules/python/EventScanPlugin.py |
| FileSize | 2191 |
| MD5 | 47B28463DDB94268C26E550C37C7EA8D |
| SHA-1 | 1CD68BD9325E29448D88FF96FD8A351CFB8BB61E |
| SHA-256 | 1E9720EE73766F85F460974AED30D9D297C82DA289F585F3D3D7FBAC0FB34253 |
| SSDEEP | 48:efyIjvRW4FDg4yUjHTYyFIZN8rF2TtWSCsFEP:efyaVEwT/qZuuWStF0 |
| TLSH | T16141B84E9320DAB05D0906B5104791DC732916C3962E5C08BD2CD38D7BA5EB681755FC |
| Key | Value |
|---|---|
| FileName | ./etc/prelude-correlator/rules/python/__pycache__/SpamhausDropPlugin.cpython-38.pyc |
| FileSize | 3347 |
| MD5 | 02A08E895AE07203EC5D8906CA18D371 |
| SHA-1 | 1E366128D776D133B64E9F687C45E9634A17AAF2 |
| SHA-256 | B01D9CAA4F5E11EDC274FEF59FC760E0F50F2FDE250604257C40B6BC80F2EC4B |
| SSDEEP | 48:L2Qj/4L1X8Uz40glTjAM+uMD7/gvBP8UH6xTE/4EtlXqfwA3HmK:L2QjE1XtzeGjJMBPua/4gxm5mK |
| TLSH | T1036174DA43929FCDFD3AF3B060FF46547231A37BB7C6A41B0514906A7F845A2AA10243 |
| Key | Value |
|---|---|
| FileName | ./usr/lib/python3.6/site-packages/preludecorrelator/require.py |
| FileSize | 1773 |
| MD5 | 6B74FB4E6B902BA1F8EFD8DB6D2B5DF3 |
| SHA-1 | 242636E006DD15C44B4A754161EABE026242EF0C |
| SHA-256 | 1C0ADC834F78DF28E4C8859F8F7A82F083CA499EA5E8F0F97F73DE7ADA0FF9F9 |
| SSDEEP | 24:QibkgK2ahJiyUVOkHxHqTbVloY5E8kL1oYGGYyeTt5fYGGS559b:VxDg4yUjHTY28kLm0Ynt5f0S5P |
| TLSH | T1A73174C72575BABBE902BD9071C261CDB69C2ED3B5285071B58C11C87F43970D2E25EA |