Result for C7BC77DADA3FF8A4E6A4FD3ABCBFD5D72D323112

Query result

Key	Value
FileName	./usr/lib/python3/dist-packages/pefile-2019.4.18.egg-info/PKG-INFO
FileSize	1446
MD5	E65EF1C2CB27F95ACD3B75E312517AEB
SHA-1	C7BC77DADA3FF8A4E6A4FD3ABCBFD5D72D323112
SHA-256	67065E2E1B0CC419E96CF3E4FDE0FE51DD085E7BDD08678E60DEFC215723DB8E
SSDEEP	24:DHEIcdVE5qp2XGbWYoGw/PX++fHFLjCXgKRzPP4gQ6kQIF3A13g:DHEIcYI2XthGw/PXFdAnb4/QIO13g
TLSH	T1EE3156C774C07DE54DDB89DDE10CC7559C5AC642CA9E98A830BE000DAF06922D1BE5BD
tar:gname	root
tar:uname	root
hashlookup:parent-total	35
hashlookup:trust	100

Network graph view

Parents (Total: 35)

The searched file hash is included in 35 parent files which include package known and seen by metalookup. A sample is included below:

Key	Value
MD5	6AFA9A373ECCA2EA96C0C081D1EC7028
PackageArch	noarch
PackageDescription	Portable Executable reader module. All the PE file basic structures are available with their default names as attributes of the instance returned. Processed elements such as the import table are made available with lowercase names, to differentiate them from the upper case basic structure names. pefile has been tested against many edge cases such as corrupted and malformed PEs as well as malware, which often attempts to abuse the format way beyond its standard use. To the best of my knowledge most of the abuse is handled gracefully.
PackageName	python2-pefile
PackageRelease	lp151.11.2
PackageVersion	2019.4.18
SHA-1	05EC1F14186CD02BEEC8E6F034CB5F45CC0DBCB3
SHA-256	872DBF5DF3D188481A7236AC21BE51705E7353C255AAC0EA69308AFB9317A2F4

Key	Value
FileSize	56388
MD5	5322B93AF8902F94A9BFCF50BEEE3E5D
PackageDescription	Portable Executable (PE) parsing module for Python pefile is a Python module to read and work with Portable Executable (PE) files. Most of the information in the PE header is accessible, as well as all the sections, section information and data. . All the basic PE file structures are available with their default names as attributes of the returned instance. . Processed elements such as the import table are made available with lowercase names, to differentiate them from the upper case basic structure names. . pefile has been tested against the limits of valid PE headers; that is, Windows malware. Lots of packed malware attempt to abuse the format beyond its standard use. . Some of the tasks that pefile makes possible are: * Modifying and writing back to the PE image * Header inspection * Section analysis * Retrieving data * Warnings for suspicious and malformed values * Packer detection with PEiD signatures * PEiD signature generation
PackageMaintainer	Hilko Bengen <bengen@debian.org>
PackageName	python3-pefile
PackageSection	python
PackageVersion	2019.4.18-1.1
SHA-1	083D134A746DDF47A2C37E5DC288DBF0A192BAA2
SHA-256	D8FB32BE8275F88EBBC54BEE310E4719D4AED9615B68050C1C0B5CCD41BD8135

Key	Value
MD5	D367F74CBBCFD4192424DE6123C23414
PackageArch	noarch
PackageDescription	Portable Executable reader module. All the PE file basic structures are available with their default names as attributes of the instance returned. Processed elements such as the import table are made available with lowercase names, to differentiate them from the upper case basic structure names. pefile has been tested against many edge cases such as corrupted and malformed PEs as well as malware, which often attempts to abuse the format way beyond its standard use. To the best of my knowledge most of the abuse is handled gracefully.
PackageName	python3-pefile
PackageRelease	2.5
PackageVersion	2019.4.18
SHA-1	0FB935997B9EA17330DBE1CB3DB1297854621166
SHA-256	5D515C331DCCC146D41053872ACBFA506A15CFCE6E7895BF06A1261BA1043A11

Key	Value
MD5	32A7C2ECD1BC31DBDB1CE51A1DEC67B8
PackageArch	noarch
PackageDescription	Portable Executable reader module. All the PE file basic structures are available with their default names as attributes of the instance returned. Processed elements such as the import table are made available with lowercase names, to differentiate them from the upper case basic structure names. pefile has been tested against many edge cases such as corrupted and malformed PEs as well as malware, which often attempts to abuse the format way beyond its standard use. To the best of my knowledge most of the abuse is handled gracefully.
PackageMaintainer	https://bugs.opensuse.org
PackageName	python2-pefile
PackageRelease	bp153.1.14
PackageVersion	2019.4.18
SHA-1	131D80561BB38580A46B4C71C0802C3FF60ED247
SHA-256	4957DB50E9018B8C1062E5BD11D73F467466FEF46A6039CDF6A3DC205245C77C

Key	Value
MD5	139FA61E3FC6F718A6BC9DFA7F0403B1
PackageArch	noarch
PackageDescription	Portable Executable reader module. All the PE file basic structures are available with their default names as attributes of the instance returned. Processed elements such as the import table are made available with lowercase names, to differentiate them from the upper case basic structure names. pefile has been tested against many edge cases such as corrupted and malformed PEs as well as malware, which often attempts to abuse the format way beyond its standard use. To the best of my knowledge most of the abuse is handled gracefully.
PackageName	python2-pefile
PackageRelease	2.43
PackageVersion	2019.4.18
SHA-1	1FBA19858F2E8C393F817AE30776A7B162085A0D
SHA-256	B69AB8BEE8A750BC69C0EFF4EDC2D8D48D9BEEC0868B980DB1F0D960D4A435E0

Key	Value
MD5	E99B18E5103E90EBB3662D4A4417AB8A
PackageArch	noarch
PackageDescription	Portable Executable reader module. All the PE file basic structures are available with their default names as attributes of the instance returned. Processed elements such as the import table are made available with lowercase names, to differentiate them from the upper case basic structure names. pefile has been tested against many edge cases such as corrupted and malformed PEs as well as malware, which often attempts to abuse the format way beyond its standard use. To the best of my knowledge most of the abuse is handled gracefully.
PackageName	python3-pefile
PackageRelease	11.123
PackageVersion	2019.4.18
SHA-1	245E454BE02A94EA2D63C42579E616924CF73F41
SHA-256	5025907484A8E39BCE1E4676566B887AFB8B88FA5622A0F492F405AEA799DD69

Key	Value
MD5	2590C4BFB77264B86F096526135D33EF
PackageArch	noarch
PackageDescription	Portable Executable reader module. All the PE file basic structures are available with their default names as attributes of the instance returned. Processed elements such as the import table are made available with lowercase names, to differentiate them from the upper case basic structure names. pefile has been tested against many edge cases such as corrupted and malformed PEs as well as malware, which often attempts to abuse the format way beyond its standard use. To the best of my knowledge most of the abuse is handled gracefully.
PackageName	python2-pefile
PackageRelease	11.4
PackageVersion	2019.4.18
SHA-1	25CF516221B442D934D0F47ADE99586EBCC5F862
SHA-256	32603508B3AF17ED1B7E4A3195BB655F7C4446E02FE98BC8B0CCB95CFD255636

Key	Value
MD5	0740C1BB3772B6F285F675AC617B5D63
PackageArch	noarch
PackageDescription	Portable Executable reader module. All the PE file basic structures are available with their default names as attributes of the instance returned. Processed elements such as the import table are made available with lowercase names, to differentiate them from the upper case basic structure names. pefile has been tested against many edge cases such as corrupted and malformed PEs as well as malware, which often attempts to abuse the format way beyond its standard use. To the best of my knowledge most of the abuse is handled gracefully.
PackageMaintainer	https://bugs.opensuse.org
PackageName	python3-pefile
PackageRelease	bp153.1.14
PackageVersion	2019.4.18
SHA-1	2D75905440AFF7AEADA67161EB8286896EA8B572
SHA-256	F2A67D54ADF584D35D90273E940B5387291183B5C1EBAFA17B4822823F7CDE07

Key	Value
MD5	251B716AA85558B029ACD5B1BD8B3AE0
PackageArch	noarch
PackageDescription	Portable Executable reader module. All the PE file basic structures are available with their default names as attributes of the instance returned. Processed elements such as the import table are made available with lowercase names, to differentiate them from the upper case basic structure names. pefile has been tested against many edge cases such as corrupted and malformed PEs as well as malware, which often attempts to abuse the format way beyond its standard use. To the best of my knowledge most of the abuse is handled gracefully.
PackageName	python2-pefile
PackageRelease	2.6
PackageVersion	2019.4.18
SHA-1	35A30B60D1E121CE859CB3F980560C49F449E46D
SHA-256	5B1ACBE6714CB6A06F8484955C27F5057EBC6F8C907241AA11781809D31AA656

Key	Value
FileSize	55936
MD5	68E13894212A483DE0BC7E2A112D3F1A
PackageDescription	Portable Executable (PE) parsing module for Python pefile is a Python module to read and work with Portable Executable (PE) files. Most of the information in the PE header is accessible, as well as all the sections, section information and data. . All the basic PE file structures are available with their default names as attributes of the returned instance. . Processed elements such as the import table are made available with lowercase names, to differentiate them from the upper case basic structure names. . pefile has been tested against the limits of valid PE headers; that is, Windows malware. Lots of packed malware attempt to abuse the format beyond its standard use. . Some of the tasks that pefile makes possible are: * Modifying and writing back to the PE image * Header inspection * Section analysis * Retrieving data * Warnings for suspicious and malformed values * Packer detection with PEiD signatures * PEiD signature generation
PackageMaintainer	Ubuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com>
PackageName	python3-pefile
PackageSection	python
PackageVersion	2019.4.18-1.1
SHA-1	38C855927B24C7BA33895BC6B8973E101B08A048
SHA-256	524541253D4DFCD62059E9C02D4CCD7DD781ACD96573D7CF43473CAEE94ED078