| Key | Value |
|---|---|
| FileName | ./usr/lib/python3/dist-packages/pefile-2017.11.5.egg-info/PKG-INFO |
| FileSize | 1484 |
| MD5 | 5096FB8F3688E8DBAC98FF30BB459CE1 |
| SHA-1 | B286D868123F858E548AB4BA3A674B891E0B4D8A |
| SHA-256 | 34BAC21D3352B17A2DC69A1F915173275C479C0C04B8E55941E00752D5382144 |
| SSDEEP | 24:DHncdVE5q1/JXsXGbWYoGw/PX++fHFLjCPGKRzPP4gQ6kQIF3A13g:DHncYE/JcXthGw/PXFdGVb4/QIO13g |
| TLSH | T1E03163C734C0B5E50ED78ADEE00CC6555C4BC5028A9E98A830BF500DBF06922D2BE5BD |
| tar:gname | bin |
| tar:uname | root |
| hashlookup:parent-total | 18 |
| hashlookup:trust | 100 |
The searched file hash is included in 18 parent files which include package known and seen by metalookup. A sample is included below:
| Key | Value |
|---|---|
| FileName | https://ftp.lysator.liu.se/pub/OpenBSD/6.3/packages//powerpc//py3-pefile-2017.11.5.tgz |
| MD5 | 4E181DE6A979841C07023BF18873FFBA |
| SHA-1 | 0A7274177135BF03328F24FF0D0DF99FE1144773 |
| SHA-256 | 9DDC664C0490430C5E06C292C44E182724AE65D773B0802C57382D4B2803DDF3 |
| SSDEEP | 3072:nRtRj9Th9f9wq+fLOxN1LolLt9QnMuAeFkTrN:nrTh91so0luk8kTrN |
| TLSH | T167C312AD76F8A0C8EBDFF88F696280DAD1112DF09A11C5411B8025F472957CD6027EBB |
| Key | Value |
|---|---|
| FileName | https://ftp.lysator.liu.se/pub/OpenBSD/6.3/packages//arm//py-pefile-2017.11.5.tgz |
| MD5 | 50913C9E42ED18BFE4A2646DEAA31699 |
| SHA-1 | 12C5927E960553D8B9A20B38AD2D26542780C849 |
| SHA-256 | EB33CEC98E33828127D4C62F86BFF4F2A7A138ED961AB2CBFF825EC64A286DCA |
| SSDEEP | 3072:1ym3XdUZ1xMJYl7R/81rmMd5v0tIB/kzMl/vAoA:1pHdXJWZ81Dd5rBczMl/vK |
| TLSH | T1B4C31228F935EC7E7C3C31E25DF0AB27EBB1A19711293416A6F903D1551626B91BE1C0 |
| Key | Value |
|---|---|
| FileName | https://ftp.lysator.liu.se/pub/OpenBSD/6.3/packages//sparc64//py3-pefile-2017.11.5.tgz |
| MD5 | 952237A4473BE6B2DD86FE3A7883E45C |
| SHA-1 | 17AB706134A166238771B6098723E92138FF09A6 |
| SHA-256 | EA13720FCF1CCF89E37691BC17AD0F6647F8531A781BFF56A3FD345640564391 |
| SSDEEP | 3072:vVTEqcdhJXhnM1ImYjwlRmafRuYRJMfMyk:vVTBc4ymYAfRuma4 |
| TLSH | T1FAC3137A1D7CFA7DD61A08E3BF51E9FD02229B2B30C2E8883D8D14597B556221F44A4E |
| Key | Value |
|---|---|
| FileName | https://ftp.lysator.liu.se/pub/OpenBSD/6.3/packages//amd64//py-pefile-2017.11.5.tgz |
| MD5 | D07ADBCE8CF9BFF7950F89691D53927D |
| SHA-1 | 32A08CFF03ED5F5B562B22719AB81029BFD5AD0D |
| SHA-256 | 4EA785359585E6353C90E701ABD50EF448FD4F55267A86895428EF6F10D5543C |
| SSDEEP | 3072:820Ji2KxRSEzyw3obI6gbPDxH49q1Tj3BhkvYONKlVBqO+RtXYdBS:cJwehuDBcE/RexNKlD7+RBYzS |
| TLSH | T162C3124B6C76F05D182EA1936BB039C71056038F35A71A4257A1DB6F316F29FCA66338 |
| Key | Value |
|---|---|
| FileName | https://ftp.lysator.liu.se/pub/OpenBSD/6.3/packages//mips64//py-pefile-2017.11.5.tgz |
| MD5 | A2933B32B0C5D43A5563CF57845CF386 |
| SHA-1 | 3B2E674F39EE63F07EAA52FB4F09E6B1ECA35508 |
| SHA-256 | EE391142B79A293977BEBD301E54841D0DF6434BDDF7EB6A590BEAF64BDE5B4A |
| SSDEEP | 3072:eI/dHKxkcONt64wo1bMhZ5z7b2BhkvYONKlVBqOu37vxJ:B/dS0Nt5wo1bMF7bSexNKlD7G3 |
| TLSH | T161C3129C46B35534425B517F47CA2543983CB74F3623C8F391E9D70EBE9B3A98BA0928 |
| Key | Value |
|---|---|
| FileName | https://ftp.lysator.liu.se/pub/OpenBSD/6.3/packages//arm//py3-pefile-2017.11.5.tgz |
| MD5 | 2DAE5949FC25464047BFEDFFCD0E7A43 |
| SHA-1 | 463CB9E44DAD3C385CB221BE8C83B5FBCBDE1390 |
| SHA-256 | F163A86F2ADB59A089337F4ED314BB05930B1D30E673617F694DEBC6C4A6EBC1 |
| SSDEEP | 1536:EANz+6XJDkVGHwbI+Aynb9nf3YmMxUQiOYGJaQY5hq5CDdrXbXPLQHhqWITRQx:h+qJDRSBXnxnfOxvi+itXbXUBvITRY |
| TLSH | T1FFC31289ED3554F947578D29BCBB0204813A9546FD04E428A7E49A7E6C703B2C98D4EE |
| Key | Value |
|---|---|
| FileSize | 52220 |
| MD5 | 63FF9448EABA6820E60D675DD84904B0 |
| PackageDescription | Portable Executable (PE) parsing module for Python pefile is a Python module to read and work with Portable Executable (PE) files. Most of the information in the PE header is accessible, as well as all the sections, section information and data. . All the basic PE file structures are available with their default names as attributes of the returned instance. . Processed elements such as the import table are made available with lowercase names, to differentiate them from the upper case basic structure names. . pefile has been tested against the limits of valid PE headers; that is, Windows malware. Lots of packed malware attempt to abuse the format beyond its standard use. . Some of the tasks that pefile makes possible are: * Modifying and writing back to the PE image * Header inspection * Section analysis * Retrieving data * Warnings for suspicious and malformed values * Packer detection with PEiD signatures * PEiD signature generation |
| PackageMaintainer | Ubuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com> |
| PackageName | python3-pefile |
| PackageSection | python |
| PackageVersion | 2017.11.5-2 |
| SHA-1 | 4D0C4027F1FA127F764AD95BD1A4B49EA60ABF23 |
| SHA-256 | 55A733206EE4FD96AEAF17C70B4555F0563F55E59A2419D6B004DEA8C6D3E4C1 |
| Key | Value |
|---|---|
| MD5 | 3D8F0C56DEFE37CDC79F7A62D979C0F2 |
| PackageArch | noarch |
| PackageDescription | Portable Executable reader module. All the PE file basic structures are available with their default names as attributes of the instance returned. Processed elements such as the import table are made available with lowercase names, to differentiate them from the upper case basic structure names. pefile has been tested against many edge cases such as corrupted and malformed PEs as well as malware, which often attempts to abuse the format way beyond its standard use. To the best of my knowledge most of the abuse is handled gracefully. |
| PackageMaintainer | https://bugs.opensuse.org |
| PackageName | python3-pefile |
| PackageRelease | lp151.2.2 |
| PackageVersion | 2017.11.5 |
| SHA-1 | 5EF27F37E4FE1C6DC554582048ADD548798EE354 |
| SHA-256 | 0C18E77E9F3C03C3EF9011C39228EC33B4F432259C24355EBA8EFD0BBBA1AB73 |
| Key | Value |
|---|---|
| FileSize | 54712 |
| MD5 | C05AA587AFDEB74111116113F030011C |
| PackageDescription | Portable Executable (PE) parsing module for Python pefile is a Python module to read and work with Portable Executable (PE) files. Most of the information in the PE header is accessible, as well as all the sections, section information and data. . All the basic PE file structures are available with their default names as attributes of the returned instance. . Processed elements such as the import table are made available with lowercase names, to differentiate them from the upper case basic structure names. . pefile has been tested against the limits of valid PE headers; that is, Windows malware. Lots of packed malware attempt to abuse the format beyond its standard use. . Some of the tasks that pefile makes possible are: * Modifying and writing back to the PE image * Header inspection * Section analysis * Retrieving data * Warnings for suspicious and malformed values * Packer detection with PEiD signatures * PEiD signature generation |
| PackageMaintainer | Ubuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com> |
| PackageName | python-pefile |
| PackageSection | python |
| PackageVersion | 2017.11.5-2 |
| SHA-1 | 707A95225D749B8683FC0E881A84C5E811E1356C |
| SHA-256 | 6D07D98B659B643E1BD413272DFC52032C5966E012F37C094A5BA0F11DF8108D |
| Key | Value |
|---|---|
| FileName | https://ftp.lysator.liu.se/pub/OpenBSD/6.3/packages//powerpc//py-pefile-2017.11.5.tgz |
| MD5 | 65D4DFBE47CC43249324AB06460ACAB5 |
| SHA-1 | 74E632BCD54F621A65BDC43C0955A56144FE09CD |
| SHA-256 | 3A3DDDC316CCFC8989F26A2CD327CF2A7BC7E6ABC4FE6197A3DA765A9D393AC6 |
| SSDEEP | 3072:kj2Q3TNhYVwYZ71AVBSzumhioDHeOFY5sHQC:O2K74wYZ7qVkioreJC |
| TLSH | T129C31277E7928096D53A041C2FBE6C167B869F9713CA360BC36D7904B61B609F05EF44 |