Documents

DYNAMIC PAGE-HIGHEST POSSIBLE CLASSIFICATION IS TOP SECRET //COMINT //REL TO USA , FVEY You are logged in a !search FlawMill [ --- Jump to project --- ~1 flawmillbeta • • • • {TS//SI//REL) ROC CT MAC NSAW DMW QUEUE Issues Projects Home edit Issue #12: (TS//SI//REL) AZTECTOMB32 DMW Install and ESH Package 8 months ago by at 18:10, 13 Feb 2012 I [R] I Votes Actions • • • • • • Add an UP-date Add a Subscriber Subscribe to this Issue AdoP-tthis Issue Assign this Issue Move this Issue Project Actions • Submit an Issue • Return to Project (TS//SI//REL) Please create a DEMENTIAWHEEL install for AZTECTOMB32 (Has a UR and VAL ID is 610104408). Target is Win 7 32-bit running PSP Kaspersky 2010. Once DEMENTIAWHEEL is installed , please build a 12:3:1 ESH package (84 total possible infection s) for deployment with AZTECTOMB32. Please make sure all USBs that are seen will be infected. Detail s : ESH payload: DEMENTIAWHEEL (Version based off your install) , VALIDATOR (32 and 64-bit) VALIDATOR setting s: LP: 50 Project Name: AZTECTOMB 32 and 64 bit VALIDATORs Callback frequency: 1 hour DEMENTIA WHEEL setting s: airgapLogFlag = 1 copy AirgapExfilToDi skFlag = 1 Details Submitted by: Owner s : Statu s: closed Priority: high Tags: renIY(U) Starting Build

8 months ago by at 11:33, 23 Feb 2012 (TS) Took ticket , the PSP is still unevaluated , awaiting testing. Had to change from 12:3: 1 ESH to 10:3: 1 becau se of ESH limitation. Updates • Statu s changed from "new " to "accepted " renIY(U) Built 8 months ago by at 11:36, 23 Feb 2012 (TS//SI/ /REL) Building complete and in Awaiting PSP testing and evaluation from lrivera. Updates • Statu s changed from "accepted " to "configured/awaiting testing " renIY(U) On Hold 8 months ago by at 14:53, 27 Feb 2012 (TS//SI//REL)The new guidance per ROC MD 's and PSP Platform Champion is "NO NEW IMPLANTS ON KASPERSKY 2010+. " This is becau se Kaspersky 2010+ products have been updated to include the cloud functionality. Until the work around is fixed then nothing can be implanted on them. Any existing implant s are ok to continue collection from , but no new installation s ! This means for this project , DMW and ESH is a NO GO! Sorry. The following link is the PSP advisory from PORTALSIX: Updates • Statu s changed from "configured/awaiting testing " to "on hold " renIY(U) Closed 6 months ago by sat 13:33, 18 Apr 2012 (TS//SI/ /REL)Clo sed due to PSP, per analyst Updates • Statu s changed from "on hold " to "closed " Add an Update Summary Detail s [ preview I Detail s use Wikilnfo- style markup (info) . Issue Statu s !clo sed « [ re-open I

Issue Priority !high « [ low I [ medium I [ high I [ critical I Add Tags ....__ _________ __. Tags should be comma separated Attach 1mag~ 12atch file issue [ Post Update I Portion marking and bold fields are required. Content Steward: (S//SI//REL) Page Publisher: (U//FOUO) Derived From: NSA/CSSM 1-52 Dated: 20070108 Declassify On: 20320108 An Innovations Working Grou12Project. DYNAMIC PAGE-HIGHEST POSSIBLE CLASSIFICATION IS TOP SECRET //COMINT //REL TO USA , FVEY