Query result

Key	Value
FileName	./usr/lib/arm-linux-gnueabi/prelude-lml/pcre.so
FileSize	30244
MD5	867D24BCBD45AAE1FBD0C73B783A5848
SHA-1	AF5B28B99994F357FB37E5DB6A8237FD54CF5DE3
SHA-256	1962139728FD9D9FE4D0D9BF05840E3138321A08485282FC78320E71802C21A9
SSDEEP	768:A2vpGcCTAcSdWRb6GaSVjBZ5p0A1U0t0HysB7Vo5+L:A6pGcCTAcQWcGaSnU00HysB7Vo5+
TLSH	T177D2B5DAA0518E72C6C06676F72D8B1C723353B8C1CBE702D91491B82EDAD6D4D76F0A
hashlookup:parent-total	1
hashlookup:trust	55

Network graph view

The searched file hash is included in 1 parent files which include package known and seen by metalookup. A sample is included below:

Key	Value
FileSize	216364
MD5	344EFFB388875284407BC7E65FFB1891
PackageDescription	Security Information and Events Management System [ Log Agent ] The Prelude Log Monitoring Lackey (LML) is the host-based sensor program part of the Prelude SIEM suite. It can act as a centralized log collector for local or remote systems, or as a simple log analyzer (such as swatch). It can run as a network server listening on a syslog port or analyze log files. It supports logfiles in the BSD syslog format and is able to analyze any logfile by using the PCRE library. It can apply logfile-specific analysis through plugins such as PAX. It can send an alert to the Prelude Manager when a suspicious log entry is detected.
PackageMaintainer	Pierre Chifflier <pollux@debian.org>
PackageName	prelude-lml
PackageSection	admin
PackageVersion	5.2.0-2
SHA-1	C96FE2D3E034D178C6BB21FA91F2BD4FECD59776
SHA-256	7D6A0E2F1632FE5055C900F1BCCDC5C8933B8E5CE5B3E3A61EBCCB8A5E82FDFD