| Key | Value |
|---|---|
| FileName | http://mirror.math.princeton.edu/pub/blackarch/blackarch/os//x86_64//python2-plaso-20191203-1-x86_64.pkg.tar.xz |
| MD5 | 861A80E96FC6B3EE2194D19059D64A09 |
| SHA-1 | E817155A72B68564076C130B41B9F91E0FD9A2B6 |
| SHA-256 | F6F4A7CB0CD22127EC5F7DB8C0440B0E61DD36D4A849E89F1C99A6E63C9923E8 |
| SSDEEP | 49152:1gtxN1TLXTaS46cmmCFV1D/YK2e/XB4xFvxeU:1yxN1TLBDB/YKdvBEvxeU |
| TLSH | T128853370F30976BEB9824AC239BF0532A6645212706F5D57E6A03DAAF51034B36C63FD |
| hashlookup:children-total | 1083 |
| hashlookup:trust | 50 |
The searched file hash includes 1083 children files known and seen by metalookup. A sample is included below:
| Key | Value |
|---|---|
| FileName | ./usr/lib/python3/dist-packages/plaso/storage/event_heaps.py |
| FileSize | 2734 |
| MD5 | 46444D48533CA3F0EFA409D426AD6C07 |
| SHA-1 | 001042EAC6486D0E23C515B5C8AAF26C0E80F8D7 |
| SHA-256 | 3A68C28C686A279C7842AEF2EF88C8DB0D1651EFDAD6849EA3EE36E3C01887B0 |
| SSDEEP | 48:uPutShhjwhIFjdJZb/oDuGdqD6xBh6YjjhII6Ukj5RB7JIE1:uSSh5whIF5bCZjv9jjhII6Fd7D1 |
| TLSH | T14B517917E50A9EA2950FD72D439BA882B33664E3699860747CFC4C1CDF9282851F4BF8 |
| tar:gname | bin |
| tar:uname | root |
| Key | Value |
|---|---|
| FileName | lib/python3.7/site-packages/plaso/formatters/windows.py |
| FileSize | 1732 |
| MD5 | 9695CF72F3ACE1153F4D23059C669F98 |
| SHA-1 | 0099A0509C910287B65B66271C5DF6944A161DF1 |
| SHA-256 | D0CF7B9A1DAE48799A8273DD419E2ACCA1FB980AA43CA14E02CDBB0022937571 |
| SSDEEP | 24:ly8lUNxNwYyFldrTrPJGoI+FWJ8bmMXyFjIYFpgrVorPJ4XTxT19Nv:IuwH1wuR8pIdgTxT19Nv |
| TLSH | T19C31F135C4562512549713CE4B8D4B40867A01F34D872457BCBD8A90EFF7D87523AB9D |
| tar:gname | bin |
| tar:uname | root |
| Key | Value |
|---|---|
| FileName | ./usr/lib/python2.7/dist-packages/plaso/formatters/pe.py |
| FileSize | 1976 |
| MD5 | CF1835943299F6D70656C62E3083668C |
| SHA-1 | 00E4D266CAEE9887DFC91C6C9B22C73592012D35 |
| SHA-256 | 04BCC1863C5F5B9BB5D8EABEC95CC4E35E52D51BD01BF570FCBA45147C64DAA5 |
| SSDEEP | 24:l+8lUNxNw6FFOAcGKOFFedr2OeF6fG2OlFqf4+OrFL5fKcNVFVoXdrLmTfa:0uwHqdtr2f28+Exkdra7a |
| TLSH | T11B41DD23C01F56425AC366DF83843010FB3A26B3AE57281BFC7D4519A763F84439B716 |
| tar:gname | bin |
| tar:uname | root |
| Key | Value |
|---|---|
| FileName | usr/lib/python2.7/site-packages/plaso/engine/__init__.pyo |
| FileSize | 144 |
| MD5 | 9BD69A98D02D4AF96CF9AE3D5AE3912C |
| SHA-1 | 01E073B8972D135041BEE2BD79D2F9620D78252F |
| SHA-256 | CCEA4BAFBD07B63C77E913BE8D94631998FD78BCDD526CE899ED4EBFDBDBC4A7 |
| SSDEEP | 3:4OL12leh/Tj3tNltNltWUa/9Y3IMmoWrzzWKrRzaiDlll:4W1Ceh/T4UY9Y3xmDr/WKrRa2t |
| TLSH | T124C02B40F3F68563D6341534F200030E01884033D00474807004005D0CC90AD0C2D8C4 |
| tar:gname | root |
| tar:uname | root |
| Key | Value |
|---|---|
| FileName | usr/lib/python2.7/site-packages/plaso/parsers/shared/shell_items.pyo |
| FileSize | 6150 |
| MD5 | B5322B333573ADC86156BE1FBB1C4C2C |
| SHA-1 | 0273CF5F2446C758410AF16AEC9C233EC1C4E6C9 |
| SHA-256 | AF7E7EF0E976881DEC9273A4BDE1D7FAD09435820D6888BEA605EFBB7E18B568 |
| SSDEEP | 96:pERxjfVDtywjSs2l+ldk2wvkBG4xVctaPsEKq1yGJOENL6dd9JNPKim:pEPjNEYG+ldWvkE4x1BKq7Oqa9/Tm |
| TLSH | T172C17781B2A951AFC2946775A9740AD38CB6F0B7E241674233ECE4743FDA3A5C03B380 |
| tar:gname | root |
| tar:uname | root |
| Key | Value |
|---|---|
| FileName | usr/lib/python2.7/site-packages/plaso/formatters/vsftpd.pyo |
| FileSize | 897 |
| MD5 | 455BFC86282FA1E2C89315A95BBE33DB |
| SHA-1 | 02AABAB38AD6B4C487700B0B6BC79B6F08717108 |
| SHA-256 | B9802492DF53357DE3DAA79E0DEE00BE0D6B98648FE74BCB132F60A5E8230381 |
| SSDEEP | 24:4WWlY/ZKa3lEpDEzXGV0IJzbrVD8DYYQf/4/hk8XPlYQ5GK:wY/ZKoygSVZYQfQkGdYQ1 |
| TLSH | T16A11CCD1D2DE5AEBD00E03FED1D41017CE4E76F7DA801243D67468B818DBA89855B78B |
| tar:gname | root |
| tar:uname | root |
| Key | Value |
|---|---|
| FileName | usr/lib/python2.7/site-packages/plaso/preprocessors/linux.pyo |
| FileSize | 10302 |
| MD5 | 9C2294026BA5C98A1DE19A4F024443EA |
| SHA-1 | 02F19A3BE673A7DBFBC462DE285ED2359ABA1706 |
| SHA-256 | 8120E49EDF6DA700413F05DAFB55B5A1188DF5C9188A5FBDC8314572081746F9 |
| SSDEEP | 192:O9op2eidMW9Ls3Ij4rGbIq5CdIvdfrwI1o4qojNv7S22Ic88B:OyNCLs4c60q5CKtrL1o4fxv7SZN88B |
| TLSH | T108222150AAEC8A93C590067090E456539E68F1BBA34053257BFCF03C6FC91A6D67BFC6 |
| tar:gname | root |
| tar:uname | root |
| Key | Value |
|---|---|
| FileName | usr/lib/python2.7/site-packages/plaso/parsers/vsftpd.pyo |
| FileSize | 6038 |
| MD5 | C6D23A6EECEB80346126C97B50367A5F |
| SHA-1 | 03249B876C69970609246A1CFAF6670C15A190D3 |
| SHA-256 | 03F3554FC7019670AF1A3D2804B24A7E987910A75F35057B51D0DB328973E686 |
| SSDEEP | 96:gSmE3Eq3SOYs+/G6EjHUdo3MrtZb0Mwh6M8wHfsGJqWn6YtJoLwafRSWACV/9xoY:/mE3OO+G6EjH6OMr3b0MwcQXqWn69MmZ |
| TLSH | T1F0C1954272AE41E7C1A803B9A5F91663CE73B1F76104874039ECA8783FD966DD13B794 |
| tar:gname | root |
| tar:uname | root |
| Key | Value |
|---|---|
| FileName | usr/lib/python2.7/site-packages/plaso/parsers/sqlite_plugins/android_sms.pyo |
| FileSize | 6976 |
| MD5 | 3E10EC78247A27420A67FD0F06AC1DB9 |
| SHA-1 | 03D6C997DE3B5439473302B0D1812EDCCFE82672 |
| SHA-256 | DD3C45EA2E8868CACE0BA80D4085CED7AEE557F34C2CA65AA3975C33F223ABE8 |
| SSDEEP | 192:YVV+ifEEbEQWdNt6ktbknusL6CbzaWeWyGfzV5381:Yz5fnIQUNt6ConusL6CXandGfz3381 |
| TLSH | T1A5E143D31ABD0592C5404233BDB06417997CF97B812376812DB890336EDAE67D42B6FE |
| tar:gname | root |
| tar:uname | root |
| Key | Value |
|---|---|
| FileName | ./usr/lib/python3/dist-packages/plaso/parsers/presets.py |
| FileSize | 7245 |
| MD5 | C0BBA85C9AADFB29C9F0E3A3CF676C58 |
| SHA-1 | 042454DA4EBBBCF1636ED8512C788018CA21BE2E |
| SHA-256 | 325159DFE9B9C167889BE32DC4E2EECFFF3279C864E010D6842A0553080EDFAA |
| SSDEEP | 192:E+sI3H9iIuXIV1I9kMs8IlMOI5IxIFx0U0mde8IqIoI1nIKImIGk+xr/seVuTHIx:/fLR802OGsPBDGhFZ+5q5UKMI4d |
| TLSH | T132E19B2FCD4659079B538A7E48EE9050653DA8131406D8AB3AFCA458FF17C2E4BB3E5C |
| tar:gname | bin |
| tar:uname | root |