Query result

Key	Value
FileName	./usr/lib/arm-linux-gnueabihf/prelude-lml/pcre.so
FileSize	26156
MD5	470998F018C44E3FAB56998FE292DD3C
SHA-1	839490487366CDBC1B370B8E6ADD88F9F9EC2B99
SHA-256	8C7DAF1C68FA7DF30E4AC3B6D137CD7D6338A9FD7119AFFD1A0E03E0220E0792
SSDEEP	384:W0axpGcCTAc20sZP5PRgLuvHiWQrHRaweLqklNJw+1Xdccdkt0lYevLV:faxpGcCTAcwPhqZrHEwt+1gAL
TLSH	T138C2F8D4B02F8E27CDD062B9DF6A4F4066E0818F4296DF21AD28D1B41FCD56C8D67D26
hashlookup:parent-total	1
hashlookup:trust	55

Network graph view

The searched file hash is included in 1 parent files which include package known and seen by metalookup. A sample is included below:

Key	Value
FileSize	214832
MD5	92FAB738DA8A2F4305D21FA1C7A193DC
PackageDescription	Security Information and Events Management System [ Log Agent ] The Prelude Log Monitoring Lackey (LML) is the host-based sensor program part of the Prelude SIEM suite. It can act as a centralized log collector for local or remote systems, or as a simple log analyzer (such as swatch). It can run as a network server listening on a syslog port or analyze log files. It supports logfiles in the BSD syslog format and is able to analyze any logfile by using the PCRE library. It can apply logfile-specific analysis through plugins such as PAX. It can send an alert to the Prelude Manager when a suspicious log entry is detected.
PackageMaintainer	Pierre Chifflier <pollux@debian.org>
PackageName	prelude-lml
PackageSection	admin
PackageVersion	5.2.0-2
SHA-1	B5B03266447515CC81654341B1E24FE0078CC071
SHA-256	1E404D413CF92BF83C2AE1B956089FF1A2E6DC286DB2F469FABAFFC29FF50AD4