Query result

Key	Value
FileName	./usr/lib/x86_64-linux-gnu/prelude-lml/pcre.so
FileSize	39096
MD5	B4B575E38EF1018626147ECF734A6883
SHA-1	8424A65228D8176E364CCBE4595D6F2148AC17AF
SHA-256	B177C38E77F72CF6B8855151062ACA862B3A19AC94ED49465E54BAC9D7341923
SSDEEP	768:2cE/G7AcT4YcDCSkYoW7SSXYqvgcuoC7GntvjNK:2cE/G7AcEYcoWG9FcuoiEJjY
TLSH	T1FA034B5BB1A148FCC5D08570CE679A71A9703016D311AA3BB544A7782E82F349B2FF3A
hashlookup:parent-total	1
hashlookup:trust	55

Network graph view

The searched file hash is included in 1 parent files which include package known and seen by metalookup. A sample is included below:

Key	Value
FileSize	219100
MD5	BA491A331A02A2EE2C604C622B2DF555
PackageDescription	Security Information and Events Management System [ Log Agent ] The Prelude Log Monitoring Lackey (LML) is the host-based sensor program part of the Prelude SIEM suite. It can act as a centralized log collector for local or remote systems, or as a simple log analyzer (such as swatch). It can run as a network server listening on a syslog port or analyze log files. It supports logfiles in the BSD syslog format and is able to analyze any logfile by using the PCRE library. It can apply logfile-specific analysis through plugins such as PAX. It can send an alert to the Prelude Manager when a suspicious log entry is detected.
PackageMaintainer	Pierre Chifflier <pollux@debian.org>
PackageName	prelude-lml
PackageSection	admin
PackageVersion	4.1.0-2
SHA-1	CB68898A83766127130C31175383A2E0B3D6250B
SHA-256	A5DA449ED96B05D6A93DBE7560FBD3B7F2F1E6F0F98FFB0E0C09BDF0F5E9B469