Key | Value |
---|---|
MD5 | 8A784938B9B8BE90B07588DDDEA6B74D |
PackageArch | ppc64 |
PackageDescription | Hive files are the undocumented binary files that Windows uses to store the Windows Registry on disk. Hivex is a library that can read and write to these files. 'hivexsh' is a shell you can use to interactively navigate a hive binary file. 'hivexregedit' lets you export and merge to the textual regedit format. 'hivexml' can be used to convert a hive file to a more useful XML format. In order to get access to the hive files themselves, you can copy them from a Windows machine. They are usually found in %systemroot%\system32\config. For virtual machines we recommend using libguestfs or guestfish to copy out these files. libguestfs also provides a useful high-level tool called 'virt-win-reg' (based on hivex technology) which can be used to query specific registry keys in an existing Windows VM. For OCaml bindings, see 'ocaml-hivex-devel'. For Perl bindings, see 'perl-hivex'. For Python bindings, see 'python-hivex'. For Ruby bindings, see 'ruby-hivex'. |
PackageMaintainer | Fedora Project |
PackageName | hivex |
PackageRelease | 7.fc19 |
PackageVersion | 1.3.7 |
SHA-1 | F78C7EFC15E2111D3A8F25DFE86433F2FC54D60E |
SHA-256 | 46629848CBAF3ABF68F23B4D201FAE9A3E6A2E1C3A7D0DEEDEFBD0BE1EF3E769 |
hashlookup:children-total | 26 |
hashlookup:trust | 50 |
The searched file hash includes 26 children files known and seen by metalookup. A sample is included below:
Key | Value |
---|---|
FileName | ./usr/share/locale/mr/LC_MESSAGES/hivex.mo |
FileSize | 6065 |
MD5 | 6D99DCE680BDC96AC86FC1A943257531 |
SHA-1 | 042089F33DBFB313A1A5E129333283AD21D5A335 |
SHA-256 | 126313BD03B49C4594B0852C023D133DD8797CCA3F6233CA0B40EE8AD148232E |
SSDEEP | 96:7/H3kWXhG+KmJVdY1Uw0iqCtzwSHApGvE6oBsdGw3vbyYve4i+Nlj+749X74eLiN:gWxx1SOutZTExC2ejkwABcgIBGj |
TLSH | T15FC1014CF37DF756CEFD78B927584E3689B811B4CBE542520888F2937C80CB811AE59A |
Key | Value |
---|---|
FileName | ./usr/share/locale/ru/LC_MESSAGES/hivex.mo |
FileSize | 5463 |
MD5 | D5F650444D836D32551D673D53224E4B |
SHA-1 | 0DEE6DB1D6BDE0E5116CCDE931A37B521860C153 |
SHA-256 | ED652EBDD8487D112F76B35132749225644208250325EE49D9A150578BE42AA7 |
SSDEEP | 96:7/urkWXhG+KmJVdY1Uw0iqCtKrzQ9IZ65sgw2OLDGBkLo12+rx8TFxxgDnn:iQWxx1SOutRPsgwFLamLo1PxAXxgDnn |
TLSH | T1B7B173214B893DAFD6567177CA08AA097DD704FE3FBA93501658996F30E2478873F28C |
Key | Value |
---|---|
FileName | ./usr/share/locale/or/LC_MESSAGES/hivex.mo |
FileSize | 708 |
MD5 | 99C6940D816142D46A6F5F2DA563A355 |
SHA-1 | 1916992F6A747C9D39902C71E84D3B01ABB03455 |
SHA-256 | F25CB4A72B76A0C6B8D08A1F9CF8D3D4F21F9ACA9C67D81A88E8EBFEB1A2B461 |
SSDEEP | 12:iCAuzk25UMAHAl68Oit0jDxU06Q5wn/0cQzlwxEXmBQWiOWOgD6HqqnagP+qhi:/Auz95UMew68Oit0jDxUi5+0c0qEXmGx |
TLSH | T117012340E8A48D10D6DC30F28380C33832180696FADBE9C6290B54A63FD6AFD06B9644 |
Key | Value |
---|---|
CRC32 | AEFA18C6 |
FileName | README |
FileSize | 3067 |
MD5 | F9107B889B57B930F7B70452E196BA86 |
OpSystemCode | 362 |
ProductCode | 183357 |
SHA-1 | 1A4B105C1CAF3F16716EFA21236B786A7CBCB758 |
SHA-256 | CC5DB02C966F3745D2DD90BC66DE6E870A304D4CEA441F80C82B6F00370F6837 |
SSDEEP | 48:t2lyXyvv18eGFxqqsfS2P/tL3hITBjvDoSox5vDrzGhN3/Jkd5dHUcNzv:oyXWKfBsfptLGvDKxYXPAHUAzv |
SpecialCode | |
TLSH | T16C5195366EA8837363F0D6B0520EC2B5CB26853D9A3F55D2597C404AB322DA162FD3F0 |
db | nsrl_modern_rds |
insert-timestamp | 1646988226.3800511 |
source | NSRL |
Key | Value |
---|---|
FileName | ./usr/share/locale/zh_CN/LC_MESSAGES/hivex.mo |
FileSize | 4168 |
MD5 | B1DE9C260D984D3756199F28D2EFAC1C |
SHA-1 | 208CD97E5074614685737CEF82791C3CA2F65216 |
SHA-256 | E41124E0B156E3610FD3F627401A3BA9C19D8A1F5BA8BA03ED30535C6273699C |
SSDEEP | 96:7/A5kWXhG+KmJVdY1Uw0iqCtxpi12kpNt2yhqJa:caWxx1SOut7pSQo |
TLSH | T1EF81D655CB442F8FEBEB01B0878DC256466405B8DF9BA2902EECC5D679818AC10FF8CC |
Key | Value |
---|---|
CRC32 | EA01DC1A |
FileName | usr/bin/hivexget |
FileSize | 1035 |
MD5 | 9A3D08CCB414EF5820F15E60ADD5FABA |
OpSystemCode | 362 |
ProductCode | 183705 |
SHA-1 | 224CCF0E3E7A7D7276A233F4F6194D4873EBEF1E |
SHA-256 | 48FEE0A09A84DE9F91687F2471B8CFBD59CE3152DE08E61268539F4D005499B3 |
SSDEEP | 24:oct2HSCUgiyUVOkHxHqTbV3oDq9e4IOJpWeu:onyzjyUjH0uqQ4IEMeu |
SpecialCode | |
TLSH | T17A11758D3081C3B6880402E83A0A61DEA12D579F6B6D1464700DE25EEF05FB655F26D8 |
db | nsrl_modern_rds |
insert-timestamp | 1646991339.9974313 |
source | NSRL |
tar:gname | root |
tar:uname | root |
Key | Value |
---|---|
FileName | ./usr/share/man/man1/hivexml.1.gz |
FileSize | 2646 |
MD5 | 36BCFDBAB7ABA1F41F5AAA132AE05D34 |
SHA-1 | 267590751929060C2BD0383DD7ABD9B2A5F7943E |
SHA-256 | E7450B31CAFF465062E293B7C483148A8D200375FF39AACC2A5C0F26B0D30CF1 |
SSDEEP | 48:XIyX6ztP4QSQ8uc2hyh8fe2LSM3UADcmHvdD4kJE3dKU+3KYyyzur65/:Yi+8u9y8/HDcmPdhUd1tYBq0 |
TLSH | T143515C889CDF6CAE8C8C91E65AC71AA1F41D8F7D3C77E860E1299C256229701307202A |
Key | Value |
---|---|
FileName | ./usr/lib64/libhivex.so.0.0.0 |
FileSize | 135864 |
MD5 | 3214469B2A48847FC7131289DEDA9BDA |
SHA-1 | 285DB5B3BBFC4F05494885502E7826CDC4B9B56E |
SHA-256 | AC13E2B51EEE565C16D90C82C45A318858E1472B89C19C020B259F2198B0FB4A |
SSDEEP | 1536:QVT1xsLLVkgTQm1FMuDO04F7lBgjaagElSaY3LCoJ9:6pGDMuDOrNlBgeabmp |
TLSH | T1A9D33AC23F146AD3E6583BB0812966B8F37D38415528D7C57F0F0B2B1AD3DE4982E986 |
Key | Value |
---|---|
FileName | ./usr/share/locale/fr/LC_MESSAGES/hivex.mo |
FileSize | 4762 |
MD5 | E1035408F0F8AE60DB47E404AF46555B |
SHA-1 | 3D124CD5D1BF909D1240ED7306C73B9A572FCF53 |
SHA-256 | 5EE0FBC4A075D56CDD1FA027EECF7F798BF2BFEDB94893196493C9D244AF6E15 |
SSDEEP | 96:7/f4YkWXhG+KmJVdY1Uw0iqCtU9qpzBIyV11tWlAVspUgIh3U92:T41Wxx1SOutUlyP/Wlosq02 |
TLSH | T116A1C8EED7C427ABEBC21176B71DD102C6148E989E56E3441D9CC346328C8BC48ED9DC |
Key | Value |
---|---|
FileName | ./usr/share/locale/nl/LC_MESSAGES/hivex.mo |
FileSize | 4425 |
MD5 | 0AC481A543AE07C8FBE18062C2A35BC1 |
SHA-1 | 4D7BEAF2CDF80690B8FB8656F0B040E1D6111442 |
SHA-256 | 0768EC030A58A14DA762EB9615E91539035CFF9DFD48BFA88AEACC061B2ABCC7 |
SSDEEP | 96:7/MRkWXhG+KmJVdY1Uw0iqCtVimlx00B8OgURYGmgx1Z9:4SWxx1SOutIK5KvWp |
TLSH | T19691C74B8B802A6FCBD711F6E74DC282958401289EB6D265695CC572B9C0DBE52FF0DC |