| Key | Value |
|---|---|
| MD5 | 987B6CE394748B67D1A9AC7567A110E1 |
| PackageArch | x86_64 |
| PackageDescription | Hive files are the undocumented binary files that Windows uses to store the Windows Registry on disk. Hivex is a library that can read and write to these files. 'hivexsh' is a shell you can use to interactively navigate a hive binary file. 'hivexregedit' lets you export and merge to the textual regedit format. 'hivexml' can be used to convert a hive file to a more useful XML format. In order to get access to the hive files themselves, you can copy them from a Windows machine. They are usually found in %systemroot%\system32\config. For virtual machines we recommend using libguestfs or guestfish to copy out these files. libguestfs also provides a useful high-level tool called 'virt-win-reg' (based on hivex technology) which can be used to query specific registry keys in an existing Windows VM. For OCaml bindings, see 'ocaml-hivex-devel'. For Perl bindings, see 'perl-hivex'. For Python bindings, see 'python-hivex'. For Ruby bindings, see 'ruby-hivex'. |
| PackageMaintainer | CentOS BuildSystem <http://bugs.centos.org> |
| PackageName | hivex |
| PackageRelease | 6.12.el7_9 |
| PackageVersion | 1.3.10 |
| SHA-1 | 9470EC60C275FCD38AB7D172CD9FAAA38A78B3B3 |
| SHA-256 | ACE18D3C4C3ACB71A8D4C5A6930F0AE58E655462938D91D3EF45AEF7694DF479 |
| hashlookup:children-total | 26 |
| hashlookup:trust | 50 |
The searched file hash includes 26 children files known and seen by metalookup. A sample is included below:
| Key | Value |
|---|---|
| CRC32 | EB79069A |
| FileName | ./usr/share/locale/nl/LC_MESSAGES/hivex.mo |
| FileSize | 4425 |
| MD5 | 44142557847741CC8802CC08E6F0C4C1 |
| OpSystemCode | 362 |
| ProductCode | 183705 |
| SHA-1 | 00C4E1752C70808ECD54244039F84F0C3988B33E |
| SHA-256 | DAAD1916CD08F3ADA61976B54537FB1DCD3B89D069B1E3524C14C1645F6C6085 |
| SSDEEP | 96:7/MRkWXhG+KmJVdY1Uw0iqCAVimlx00B8OgURYGmgx1Z9:4SWxx1SOuAIK5KvWp |
| SpecialCode | |
| TLSH | T17E91D60B8B802A6FCBD710F2EB4DC282958401289EB6D2A5295CC57279C0CBE52FF0DC |
| db | nsrl_modern_rds |
| insert-timestamp | 1646978171.2557774 |
| source | NSRL |
| Key | Value |
|---|---|
| CRC32 | 088D0D8F |
| FileName | ./usr/share/locale/gu/LC_MESSAGES/hivex.mo |
| FileSize | 4942 |
| MD5 | 82FF599ED6D54E590A0ED4B0DA409537 |
| OpSystemCode | 362 |
| ProductCode | 183705 |
| SHA-1 | 012DC7A4FE41B333AE01345E3AF29FB891FBFACA |
| SHA-256 | C4C8217E6A915E282A7E614906BAB0F421437C412B9D113C0F91AF534A11065B |
| SSDEEP | 96:LkW8G+KGUw0iqCAVWAKrworHLx9SlKGn6FU/BrPWv:wW8xeuAclr5rH1IlKobWv |
| SpecialCode | |
| TLSH | T112A100C0C7A8E532E6D75EBA838D421096685747CD6A6300128DDD45AD42CEE3FFE9CB |
| db | nsrl_modern_rds |
| insert-timestamp | 1646978302.6542115 |
| source | NSRL |
| Key | Value |
|---|---|
| CRC32 | 8661CAE0 |
| FileName | ./usr/share/locale/or/LC_MESSAGES/hivex.mo |
| FileSize | 708 |
| MD5 | 6CB74E4C265EF4DAF23AB40E61C6820C |
| OpSystemCode | 362 |
| ProductCode | 183705 |
| SHA-1 | 017530C504933DF803B59F53558A70E0F4ABAA3B |
| SHA-256 | D2E986A3E200CB51A3C55291FDF89BDCEFD8DC39ED2276281C97AE9D9E92EF61 |
| SSDEEP | 12:iCAuzk25UMAHAl68Oit0jDx905wn/0cQzlwxEXmBQWiOWOgD6HqqnagP+qhi:/Auz95UMew68Oit0jDxC5+0c0qEXmGIU |
| SpecialCode | |
| TLSH | T1F0012340E8B48D10E6DC30F28380833832180695FADBE9CA2A0E54663FD6AFD05F9644 |
| db | nsrl_modern_rds |
| insert-timestamp | 1646978396.4972832 |
| source | NSRL |
| Key | Value |
|---|---|
| CRC32 | AB44852B |
| FileName | ./usr/share/locale/mr/LC_MESSAGES/hivex.mo |
| FileSize | 6065 |
| MD5 | C004DA415D44938DC1D389336FA153AF |
| OpSystemCode | 362 |
| ProductCode | 183705 |
| SHA-1 | 05A1E58CA80FB4C8DEB12BB2E688DE4B1D02B46C |
| SHA-256 | D3CCB20C8BEAABBCA6A18EB67DE3E202BC7BA10F8C2A48684EFF01A94C680D43 |
| SSDEEP | 96:7/H3kWXhG+KmJVdY1Uw0iqCAzwSHApGvE6oBsdGw3vbyYve4i+Nlj+749X74eLiN:gWxx1SOuAZTExC2ejkwABcgIBGj |
| SpecialCode | |
| TLSH | T1A2C1124CF37DF756CEFD78B927584E3688B811B4CBE542520888F2937C80CB811AE59A |
| db | nsrl_modern_rds |
| insert-timestamp | 1646979873.169192 |
| source | NSRL |
| Key | Value |
|---|---|
| FileName | ./usr/lib64/libhivex.so.0.0.0 |
| FileSize | 82152 |
| MD5 | 0EBF9D8E0E22E3331D6012F01F6640FA |
| SHA-1 | 0DC361D0F135589F4D7B3016CB84DA759A325E05 |
| SHA-256 | BFE706E333A125C8D423F903FBD0BC2C65E52C71B73EE358552DA9E41629BBFB |
| SSDEEP | 1536:kgwAgeyQQnZ26i6myKj+znh18HmATe8SMOEf:kTAw7nkmhpznf8HmATe5Q |
| TLSH | T155835C8731A144F0C0C5863083AB8210B7707D547316A7AFB959FBB93E7692E1E7EE16 |
| Key | Value |
|---|---|
| FileName | ./usr/share/man/man1/hivexget.1.gz |
| FileSize | 3096 |
| MD5 | 24F4CD8D0C75D29FD3A5B8B427D39775 |
| SHA-1 | 168A8ADB4459F8D58AA968DEB3F6FF34626B7164 |
| SHA-256 | 180DE24C4D90EB0D5E8C213FBC54C6D5809A619E96169B768690173BD7E31433 |
| SSDEEP | 48:XsQUxj2F0FVU5Ms/WAFPjluJSWs15fy78mUhmGiAyt+0CCvATUkEpk:zU5FyMZAF7AJkxy78nhmLAAXCvTUkmk |
| TLSH | T13F515DDA50B3289260EA7F79B3B11D0887E582755375B435ED01241FDDC585E14FED8C |
| Key | Value |
|---|---|
| CRC32 | C2D8C0BC |
| FileName | ./usr/share/locale/kn/LC_MESSAGES/hivex.mo |
| FileSize | 6897 |
| MD5 | 7476935BC244B49FF92AA32746E35DF8 |
| OpSystemCode | 362 |
| ProductCode | 183705 |
| SHA-1 | 2219F3C214D0C3A04B43E5375D161EA6544D86AC |
| SHA-256 | 2EF01BFF214271FB202474DE8BB36B80FFCEAD79FB29773C7867134B3BDB19EF |
| SSDEEP | 192:TYWxx1SOuAYBtLMGJcliKVqtp0fmkVkiqGM+mjNIHkmmZSUxmZLedF/U:TJxx1SP3B1ixqf0ukrMjjNIHkbTsFOFc |
| SpecialCode | |
| TLSH | T13FE163186EBA2D32EFD6107A659C652ECFF01BA1AC9603D2F09DC7407DA0C5A14CB4DD |
| db | nsrl_modern_rds |
| insert-timestamp | 1646991275.1009681 |
| source | NSRL |
| Key | Value |
|---|---|
| CRC32 | EA01DC1A |
| FileName | usr/bin/hivexget |
| FileSize | 1035 |
| MD5 | 9A3D08CCB414EF5820F15E60ADD5FABA |
| OpSystemCode | 362 |
| ProductCode | 183705 |
| SHA-1 | 224CCF0E3E7A7D7276A233F4F6194D4873EBEF1E |
| SHA-256 | 48FEE0A09A84DE9F91687F2471B8CFBD59CE3152DE08E61268539F4D005499B3 |
| SSDEEP | 24:oct2HSCUgiyUVOkHxHqTbV3oDq9e4IOJpWeu:onyzjyUjH0uqQ4IEMeu |
| SpecialCode | |
| TLSH | T17A11758D3081C3B6880402E83A0A61DEA12D579F6B6D1464700DE25EEF05FB655F26D8 |
| db | nsrl_modern_rds |
| insert-timestamp | 1646991339.9974313 |
| source | NSRL |
| tar:gname | root |
| tar:uname | root |
| Key | Value |
|---|---|
| CRC32 | 7B9817D6 |
| FileName | ./usr/share/locale/zh_CN/LC_MESSAGES/hivex.mo |
| FileSize | 4168 |
| MD5 | B1D7A8A43A4EC37A2CC537A73843B845 |
| OpSystemCode | 362 |
| ProductCode | 183705 |
| SHA-1 | 2B48BFD560234752FFA74D6C7E7D7A2900B2ECEE |
| SHA-256 | AA94876B93F1D5972BA16BF9D34AA046CCDAD53D805D7B0AC46DF79F7BC5813D |
| SSDEEP | 96:7/A5kWXhG+KmJVdY1Uw0iqCAxpi12kpNt2yhqJa:caWxx1SOuA7pSQo |
| SpecialCode | |
| TLSH | T18681E755CB842F8FEBEB01B0878DC256456405B8DF9BA2902EECC5D639818AC14FF9CC |
| db | nsrl_modern_rds |
| insert-timestamp | 1646994486.7114942 |
| source | NSRL |
| Key | Value |
|---|---|
| FileName | ./usr/bin/hivexml |
| FileSize | 20072 |
| MD5 | 927842E10C31FFF61002B71D31D65F30 |
| SHA-1 | 3CC8D16FF27D37FA934BB53E724B1AD25B016381 |
| SHA-256 | B5D8F40050A609AB6E06E877C70DBCAC3F20FF8C20E38FBDC434447B9B309BE3 |
| SSDEEP | 192:G2u9w0OjFENlNF498Ge1bYogULGLyYMGQOHP3EWiHBYqV2XDDA4Q2S:cJNlNF4j5ogUEFMGQOfEWSBqTQ |
| TLSH | T1B792FA976AA386BEC67493700A1F417D2573A6F6FB116B2B144072367B0BB4C0F0A937 |