Result for E6C9996C3DC4DC242C42C9F91E119F55F2A27715

Query result

Key	Value
CRC32	FBD81622
FileName	./usr/lib/python2.7/dist-packages/pefile-1.2.10_139.egg-info
FileSize	1534
MD5	6130CC68D23FFA47770EB481387CBD3F
OpSystemCode	{'MfgCode': '1006', 'OpSystemCode': '362', 'OpSystemName': 'TBD', 'OpSystemVersion': 'none'}
ProductCode	{'ApplicationType': 'Italian', 'Language': 'English', 'MfgCode': '2535', 'OpSystemCode': '598', 'ProductCode': '17409', 'ProductName': 'Computer Aided Investigative Environment (CAINE) Computer Forensics Live Linux Distro 7.0', 'ProductVersion': 'd. 2016-01-27'}
SHA-1	E6C9996C3DC4DC242C42C9F91E119F55F2A27715
SHA-256	0C1BB06160317218C341EECC43AF003BAD91040973400551F8134405E9E7387F
SSDEEP	24:DHIjcIBEF9gXGDWEoGw/PX++fRpCVDkq2xPP4gQ6kQIF3A13g:DH8cIGjgXbFGw/PXFIkq254/QIO13g
SpecialCode
TLSH	T10A31744638C0B7F10D978AAEE10885969C5A8106856E68B870BD020D6F59E32E1FD4FE
db	nsrl_modern_rds
insert-timestamp	1647062336.7767136
source	NSRL
tar:gname	wheel
tar:uname	root
hashlookup:parent-total	35
hashlookup:trust	100

Network graph view

Parents (Total: 35)

The searched file hash is included in 35 parent files which include package known and seen by metalookup. A sample is included below:

Key	Value
FileName	https://ftp.lysator.liu.se/pub/OpenBSD/5.8/packages//i386//py-pefile-1.2.10.139.tgz
MD5	D676EA2E82A587577EFB5C7B8B242D07
SHA-1	0092E1D5D61B3823A8E708421D84E4233CD4038C
SHA-256	AC6E6AE13D9D829201F9427B00E9D0E62F6D79E1B0EAFF878D9566968C416C4E
SSDEEP	3072:hHID3fWUY6kYctC69wa2xOxsMufA7Kb41vvP:hHA3zFkR7FgOxsMufaKb4R
TLSH	T100B312F0E811550705AD7BE87D3A2A118148A157A75CAFDCDEFC3B318AB047F0B98D5A

Key	Value
FileName	https://ftp.lysator.liu.se/pub/OpenBSD/5.6/packages//amd64//py-pefile-1.2.10.139.tgz
MD5	4D75F0A883B1E5146A613BCE99DEE42A
SHA-1	0E185FD1A7C14FD073AFE15C9D7FEFE59B5DABD3
SHA-256	7E3C3E95F0F1148EC5CABB04B7411DE3A21BD5EDE333E6D1AA463F64160B50EC
SSDEEP	3072:Sub9oEccAHt2tnW7zOkjC2O5fSgz1vnLEMB6bm:b97ccAN2tW7akjC2YqgJ3Cm
TLSH	T150B31267F0EE4C0BF3319B3516572A286C26CC4DE44F629EB61A07B45D10E872F2B64B

Key	Value
FileName	https://ftp.lysator.liu.se/pub/OpenBSD/5.7/packages//sparc64//py-pefile-1.2.10.139.tgz
MD5	7CD645D5BB4D1D86E52AF9E2B8BC487E
SHA-1	18F45F63D015D7EE9F29236D66811DED78BED911
SHA-256	A5BD6A295D7857D46E0A77DF2A1707C2AE3F04F2D57CE14376E3C3DC678D63BD
SSDEEP	3072:Dgz83d9fHFPNCIEKHW1QTJLmLnv6J9N8Cl:DO83JNCIEKHW1IJY6jl
TLSH	T15BB312407C660D9F4C19D192E18E2C79D2FC06AFE0BBEE01B51B41DA857F149A2B9DCB

Key	Value
MD5	2F0928B28C0C46F1381BEF6BFD28CB7F
PackageArch	noarch
PackageDescription	pefile is a multi-platform Python module to read and work with Portable Executable (aka PE) files. Most of the information in the PE Header is accessible, as well as all the sections, section's information and data. pefile requires some basic understanding of the layout of a PE file. Armed with it it's possible to explore nearly every single feature of the file. Some of the tasks that pefile makes possible are: * Modifying and writing back to the PE image * Header Inspection * Sections analysis * Retrieving data * Warnings for suspicious and malformed values * Packer detection with PEiD’s signatures * PEiD signature generation
PackageMaintainer	Fedora Project
PackageName	python-pefile
PackageRelease	2.fc21
PackageVersion	1.2.10_139
SHA-1	1BD9243CA00417A2C5C1E5AF9E78AB307347272E
SHA-256	CCF034E7F807764428A28D771FBAE0C6F895AB54DE6148A2DBF7576D5FF4C460

Key	Value
FileName	https://ftp.lysator.liu.se/pub/OpenBSD/5.7/packages//amd64//py-pefile-1.2.10.139.tgz
MD5	298CB25ABBC63BC3DC2E9EF2F48CECAD
SHA-1	1E9C998431504DB2D06A82241B6F89B70684DCB8
SHA-256	CA88500DB08F5C388690231E2ACC29C88A5B21D18F84EFA8F61E5387F1BDEDC1
SSDEEP	3072:MslyUwKAYHnJoYJbiT5WrvHksZuPtx+uorvUF0e1j+CTh8d:MxOA4I5YvEsZuHqC0g+CS
TLSH	T192B312B7B7C396D8635D8CB752E93D28140DBCBC75201253953724BEBEB0211CA8AD65

Key	Value
MD5	3255594FC0D967136E0A4A422DA5A968
PackageArch	noarch
PackageDescription	pefile is a multi-platform Python module to read and work with Portable Executable (aka PE) files. Most of the information in the PE Header is accessible, as well as all the sections, section's information and data. pefile requires some basic understanding of the layout of a PE file. Armed with it it's possible to explore nearly every single feature of the file. Some of the tasks that pefile makes possible are: * Modifying and writing back to the PE image * Header Inspection * Sections analysis * Retrieving data * Warnings for suspicious and malformed values * Packer detection with PEiD’s signatures * PEiD signature generation
PackageMaintainer	Fedora Project
PackageName	python-pefile
PackageRelease	2.fc21
PackageVersion	1.2.10_139
SHA-1	1F7099FDA6F06F0917AB741C84221389E384D624
SHA-256	7B8B7180B9B5B7A26BDEF5D439A1E32B87995960ED356D93103D82C8A9201C43

Key	Value
MD5	507E7069D82E430F6C10E9121EC92333
PackageArch	noarch
PackageDescription	pefile is a multi-platform Python module to read and work with Portable Executable (aka PE) files. Most of the information in the PE Header is accessible, as well as all the sections, section's information and data. pefile requires some basic understanding of the layout of a PE file. Armed with it it's possible to explore nearly every single feature of the file. Some of the tasks that pefile makes possible are: * Modifying and writing back to the PE image * Header Inspection * Sections analysis * Retrieving data * Warnings for suspicious and malformed values * Packer detection with PEiD’s signatures * PEiD signature generation
PackageMaintainer	Fedora Project
PackageName	python-pefile
PackageRelease	2.fc21
PackageVersion	1.2.10_139
SHA-1	27855E48FFBFAFEF9A3CC47FBEC2050F55FA5434
SHA-256	7B0DD7447B4CBCC63CA92FCA64156E45301A398C294D0B9B010795C02C410319

Key	Value
FileSize	48678
MD5	52A5EDAF54790C63CBCE732F14BAA704
PackageDescription	Portable Executable (PE) parsing module for Python pefile is a Python module to read and work with Portable Executable (PE) files. Most of the information in the PE header is accessible, as well as all the sections, section information and data. . All the basic PE file structures are available with their default names as attributes of the returned instance. . Processed elements such as the import table are made available with lowercase names, to differentiate them from the upper case basic structure names. . pefile has been tested against the limits of valid PE headers; that is, Windows malware. Lots of packed malware attempt to abuse the format beyond its standard use. . Some of the tasks that pefile makes possible are: * Modifying and writing back to the PE image * Header inspection * Section analysis * Retrieving data * Warnings for suspicious and malformed values * Packer detection with PEiD signatures * PEiD signature generation
PackageMaintainer	Ubuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com>
PackageName	python-pefile
PackageSection	python
PackageVersion	1.2.10.139-2
SHA-1	3683D91321D1FF1404138AAF6DC6316E54DF7427
SHA-256	20200CBA40017C15C97474207762A471B36ACE7CB56E2D97BD2F1C12185018FC

Key	Value
FileName	https://ftp.lysator.liu.se/pub/OpenBSD/5.6/packages//hppa//py-pefile-1.2.10.139.tgz
MD5	F703FA1123F1E3DD419557AE7195787C
SHA-1	3A5EC4D5339F5EABF2F391214EBD2CA0A73DFB15
SHA-256	1569A0F9BE46E84DF9D3230BDE64CE21B7DE41D5E572FF66E452C347F94C5FCA
SSDEEP	3072:rsSy/tKVSAjr8Kc2Bcw1SDBn+FUI9xkqE:rsSu8SAjrC2yw1eBmL5E
TLSH	T1C2B312F1D2F6D8C01870E2FD898CD361A52CC9802582539AEC2DD8742F565F5AC679EF

Key	Value
FileName	https://ftp.lysator.liu.se/pub/OpenBSD/5.7/packages//i386//py-pefile-1.2.10.139.tgz
MD5	F598D73F13013E980F10956C29B3F114
SHA-1	4ECDEF0C1D02C31DFAD3EC37B63AC11E6333DEDB
SHA-256	E1098FEDD27CF61CA807A22A0955AB287A03EB520FF17A5BCA9F44954E6006C7
SSDEEP	3072:I+cfyxcqEAoiHgTNWyu6INaPfTbrmxY96J9NtP2Sy:I+c6aqoivyFINObP6jq
TLSH	T147B31261542025279CFFECE3C8C639B5C6D905DFF2BD0A1B1062B9D38DA308992B57D6