Vault 7: Projects
This publication series is about specific projects related to the Vault 7 main publication.
SECRET//NOFORN
SUBJECT: ExpressLane v3.1.1 – IMIS Requirement #2009-1655
1. Objective: (S) OTS/i2C is requesting the development of an enhanced
version of the ExpressLane v3.0 tool that will be called ExpressLane
v3.1.1. ExpressLane is a Windows Service that collects files to a covert
partition on a USB drive. ExpressLane has a timed kill capability that
revokes the functionality of biometric collection/analysis software. Version
3.1.1 launches a Windows installation splash screen that runs as the cover
application during covert file collection.
2. CONOP: – Concept of Operation:
(S//NF) OTS/i2c has a biometric collection system that
is provided to liaison services around the world. The systems are provided to Liaison with the
expectation for sharing of the biometric takes collected on the systems. Some of these
biometric systems have already been given to the Liaison services. OTS/i2c plans to revisit
these sites with the cover of upgrading the biometric software to perform a collection against
the biometric takes.
3. Requirements:
3.1. (U) The execution of the tool shall look like an authentic Windows
installation.
3.1.1. (U) It shall show a splash screen with a progress bar during
installation.
3.1.2. (U) The executable shall be called MOBS_Upgrade.exe.
3.1.3. (S) The executable shall not be tied to any Crossmatch software.
3.1.3.1. (S) The executable shall be a separate script that does not
install any Crossmatch software.
3.2. (S) The collection shall begin during the execution of the
installation.
3.2.1. (S) Activation of the collection software shall occur without
removing/reinserting the thumb drive.
3.2.2. (S) Collection shall begin within one minute of the installation
beginning.
3.3. (S) The tool shall collect *.eft, *.ldf and *.mdf files.
Page 1 of 5.
CL BY: 2259322
CL REASON: 1.4(c)
DECL ON: 20340415
DRV FROM: COL S-06
SECRET//NOFORN
ExpressLane-3_1_1-Requirement-Statement.pdf