mandiant / VM-Packages

Chocolatey packages supporting the analysis environment projects FLARE-VM & Commando VM.
Apache License 2.0

vbdec.vm repo is no longer available with no public replacement candidate #618

Closed tylerwhardy closed 1 year ago

tylerwhardy commented 1 year ago

What's the problem?

vbdec.vm repository returns a 404 and appears to be delisted.

Recommend removal of package from installation list if no other binary available. I could not locate a recent one but other users may have them available.

vbdec.vm v12.7.22
vbdec.vm package files install completed. Performing other installation steps.
 *** LOADING BOXSTARTER ***
ERROR: The remote file either doesn't exist, is unauthorized, or is forbidden for url 'https://github.com/dzzie/pdfstreamdumper/releases/download/vbdec_12.7.22/VBDEC_Setup_SnapShot_12.8.22.exe'. Exception calling "GetResponse" with "0" argument(s): "The remote server returned an error: (404) Not Found."
The install of vbdec.vm was NOT successful.
Error while running 'C:\ProgramData\chocolatey\lib\vbdec.vm\tools\chocolateyinstall.ps1'.
 See log for details.

Chocolatey installed 0/1 packages. 1 packages failed.
 See the log for details (C:\ProgramData\chocolatey\logs\chocolatey.log).

Failures
 - vbdec.vm (exited 404) - Error while running 'C:\ProgramData\chocolatey\lib\vbdec.vm\tools\chocolateyinstall.ps1'.
 See log for details.

Steps to Reproduce

Run install.ps1

Environment

2023/08/04 17:15:51 vm.common.psm1 [+] INFO : Host Information

VM OS version and Service Pack

Version : 10.0.19045
BuildNumber : 19045
OSArchitecture : 64-bit
ServicePackMajorVersion : 0
Caption : Microsoft Windows 10 Pro

VM OS RAM (MB)

4048

VM OS HDD Space / Usage

DeviceID DriveType ProviderName VolumeName Size FreeSpace
C: 3 106770448384 80857751552
D: 5 virtio-win-0.1.229 534818816 0
E: 5 CCCOMA_X64FRE_EN-US_DV9 6140975104 0

VM AV Details

AntiVirusProduct classname does not exist...

VM PowerShell Version

5.1.19041.3031

VM CLR Version

4.0.30319.42000

VM Chocolatey Version

2.2.0

VM Boxstarter Version

Boxstarter|3.0.2 Boxstarter.Bootstrapper|3.0.2 Boxstarter.Chocolatey|3.0.2 Boxstarter.Common|3.0.2 Boxstarter.HyperV|3.0.2 Boxstarter.WinConfig|3.0.2

VM Installed Packages

Boxstarter|3.0.2 Boxstarter.Bootstrapper|3.0.2 Boxstarter.Chocolatey|3.0.2 Boxstarter.Common|3.0.2 Boxstarter.HyperV|3.0.2 Boxstarter.WinConfig|3.0.2 chocolatey|2.2.0 common.vm|0.0.0.20230714

Common Environment Variables

VM_COMMON_DIR: C:\ProgramData_VM
TOOL_LIST_DIR: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tools
TOOL_LIST_SHORTCUT: C:\Users\Analyst\Desktop\Tools.lnk
RAW_TOOLS_DIR: C:\Tools

2023/08/04 19:24:51 [libraries.python3.vm] chocolateyinstall.ps1 [+] ERROR : Failed to install Python 3.9 module: stringsifter
2023/08/04 19:24:51 [libraries.python3.vm] chocolateyinstall.ps1 [+] ERROR : Check C:\ProgramData\chocolatey\lib-bad\libraries.python3.vm\tools\install_log.txt for more information
2023/08/04 19:35:22 [libraries.python3.vm] chocolateyinstall.ps1 [+] ERROR : Failed to install Python 3.9 module: stringsifter
2023/08/04 19:35:22 [libraries.python3.vm] chocolateyinstall.ps1 [+] ERROR : Check C:\ProgramData\chocolatey\lib-bad\libraries.python3.vm\tools\install_log.txt for more information
2023/08/04 20:12:10 [libraries.python3.vm] chocolateyinstall.ps1 [+] ERROR : Failed to install Python 3.9 module: stringsifter
2023/08/04 20:12:10 [libraries.python3.vm] chocolateyinstall.ps1 [+] ERROR : Check C:\ProgramData\chocolatey\lib-bad\libraries.python3.vm\tools\install_log.txt for more information
2023/08/04 20:17:15 [flarevm.installer.vm] chocolateyinstall.ps1 [+] INFO : Packages installed:

2023/08/04 20:17:15 [flarevm.installer.vm] chocolateyinstall.ps1 [+] ERROR : Failed to install: libraries.python3.vm
2023/08/04 20:17:15 [flarevm.installer.vm] chocolateyinstall.ps1 [+] ERROR : Failed to install: putty.vm
2023/08/04 20:17:15 [flarevm.installer.vm] chocolateyinstall.ps1 [+] ERROR : For each failed package, you may attempt a manual install via: choco install -y
2023/08/04 20:17:15 [flarevm.installer.vm] chocolateyinstall.ps1 [+] ERROR : Failed package list saved to: C:\Users\Analyst\Desktop\failed_packages.txt
2023/08/04 20:17:15 [flarevm.installer.vm] chocolateyinstall.ps1 [+] ERROR : Please check the following logs for additional errors:
2023/08/04 20:17:15 [flarevm.installer.vm] chocolateyinstall.ps1 [+] ERROR : C:\ProgramData_VM\log.txt (this file)
2023/08/04 20:17:15 [flarevm.installer.vm] chocolateyinstall.ps1 [+] ERROR : %PROGRAMDATA%\chocolatey\logs\chocolatey.log
2023/08/04 20:17:15 [flarevm.installer.vm] chocolateyinstall.ps1 [+] ERROR : %LOCALAPPDATA%\Boxstarter\boxstarter.log
2023/08/04 20:21:41 vm.common.psm1 [+] INFO : Host Information

VM OS version and Service Pack

Version : 10.0.19045
BuildNumber : 19045
OSArchitecture : 64-bit
ServicePackMajorVersion : 0
Caption : Microsoft Windows 10 Pro

VM OS RAM (MB)

4048

VM OS HDD Space / Usage

DeviceID DriveType ProviderName VolumeName Size FreeSpace
C: 3 106770448384 46819958784
D: 5 virtio-win-0.1.229 534818816 0
E: 5 CCCOMA_X64FRE_EN-US_DV9 6140975104 0

VM AV Details

AntiVirusProduct classname does not exist...

VM PowerShell Version

5.1.19041.3031

VM CLR Version

4.0.30319.42000

VM Chocolatey Version

2.2.0

VM Boxstarter Version

Boxstarter|3.0.2 Boxstarter.Bootstrapper|3.0.2 Boxstarter.Chocolatey|3.0.2 Boxstarter.Common|3.0.2 Boxstarter.HyperV|3.0.2 Boxstarter.WinConfig|3.0.2

VM Installed Packages

010editor.vm|13.0.2 7zip.install|23.1.0 7zip-15-05.vm|15.5.0 adconnectdump.vm|0.0.0.20230710 apimonitor|2.13.0.20210213 apimonitor.vm|2.13.0.20220224 apktool|2.7.0 apktool.vm|2.7.0 asreproast.vm|0.0.0.20230713 autohotkey|1.1.36.2 autohotkey.install|1.1.37.1 az.powershell|10.2.0 azurehound.vm|2.0.4.20230713 badassmacros.vm|1.0.0 bloodhound.vm|4.3.1.20230713 bloodhound-custom-queries.vm|0.0.0.20230713 Boxstarter|3.0.2 Boxstarter.Bootstrapper|3.0.2 Boxstarter.Chocolatey|3.0.2 Boxstarter.Common|3.0.2 Boxstarter.HyperV|3.0.2 Boxstarter.WinConfig|3.0.2 burp-free.vm|0.0.0.20230711 burp-suite-free-edition|2022.12.4 bytecodeviewer.vm|2.11.2 c3.vm|0.0.0.20230711 capa.vm|5.1.0.20230418 certify.vm|1.1.0.20230713 chocolatey|2.2.0 chocolatey-compatibility.extension|1.0.0 chocolatey-core.extension|1.4.0 chocolatey-dotnetfx.extension|1.0.1 chocolatey-visualstudio.extension|1.11.0 chocolatey-windowsupdate.extension|1.0.5 Cmder|1.3.21 cmder.vm|1.3.21 codetrack|1.0.3.301 codetrack.vm|1.0.3.20230526 common.vm|0.0.0.20230714 confuserex|1.6.0 confuserex.vm|1.6.0.20230713 covenant.vm|0.0.0.20230711 credninja.vm|2.3.0 cutter.vm|2.2.1 Cygwin|3.4.7 cygwin.vm|3.4.7 de4dot-cex.vm|4.0.0.20230526 dependencywalker|2.2.6000.9 dependencywalker.vm|2.2.6000 die.vm|3.7.20230523 dll-to-exe.vm|1.1.0 dnspyex.vm|6.4.0 dotnet-6.0-desktopruntime|6.0.20 dotnetfx|4.8.0.20220524 dotnettojscript.vm|0.0.0.20230713 dumpert.vm|0.0.0.20230711 evilclippy.vm|1.3.0 exeinfope.vm|0.0.7.20221209 exiftool|12.64.0 exiftool.vm|12.64.0 explorersuite.vm|0.0.0.20230523 fakenet-ng.vm|1.4.11.20230418 fiddler|5.0.20211.51073 fiddlerclassic.vm|5.0.20211.20221209 file.vm|0.0.0.20170108 flarevm.installer.vm|0.0.0.20230626 floss.vm|2.3.0 fuzzdb.vm|0.0.0.20230711 gadgettojscript.vm|2.0.0.20230713 getlapspasswords.vm|0.0.0.20230713 ghidra|10.3.2 ghidra.vm|10.3.2 gobuster.vm|3.5.0.20230713 GoogleChrome|115.0.5790.171 goresym.vm|2.4.0 gowitness.vm|2.5.0 group3r.vm|1.0.53 hashcat.vm|6.2.6 hashmyfiles.vm|0.0.0.20230524 
hollowshunter.vm|0.3.6 hxd|2.5.0 hxd.vm|2.5.0.20230524 ida.diaphora.vm|3.0.0 idafree.vm|7.6.20230418 idr.vm|0.0.0.20230627 ifpstools.vm|2.0.2 ilspy|8.0.0.20230622 ilspy.vm|8.0.0.20230628 innoextract.vm|1.9.0.20230710 innounp.vm|0.50.0.20230710 inveigh.vm|2.0.10 invokedosfuscation.vm|1.0.0 invokeobfuscation.vm|1.8.2 isd.vm|1.5.0 javaruntime|8.0.231 jre8|8.0.381 juicypotato.vm|0.1.0 KB2919355|1.0.20160915 KB2919442|1.0.20160915 KB2999226|1.0.20181019 KB3033929|1.0.5 KB3035131|1.0.3 KB3063858|1.0.0 keethief.vm|0.0.0.20230713 kerbrute.vm|1.0.3 ldapnomnom.vm|1.1.0 libraries.python2.vm|0.0.0.20221203 mailsniper.vm|0.0.0.20230712 malware-jail.vm|0.0.0.20230616 map.vm|12.20.21 merlin.vm|1.5.1 mfasweep.vm|0.0.0.20230710 microburst.vm|0.0.0.20230320 mimikatz.vm|2.2.0 minidump.vm|0.0.0.20230711 nanodump.vm|0.0.0.20230713 nasm|2.16.1.20221231 nasm.vm|2.16.1.20230531 netfx-4.8|4.8.0.20220524 netgpppassword.vm|1.0.0 net-reactor-slayer|6.4.0 net-reactor-slayer.vm|6.4.0.20230621 networkminer.vm|2.8.0 nmap.vm|7.93.20230418.20230614 nodejs|20.5.0 nodejs.install|20.5.0 notepadplusplus|8.5.4 notepadplusplus.install|8.5.4 notepadplusplus.vm|8.5.4 notepadpp.plugin.compare.vm|2.0.2 npcap.vm|1.72.20230614 ollydbg.ollydumpex.vm|1.80.0 ollydbg.scyllahide.vm|0.0.0.20230210 ollydbg.vm|1.10.0.20230418 ollydbg2.ollydumpex.vm|1.80.0 ollydbg2.scyllahide.vm|0.0.0.20230210 ollydbg2.vm|2.1.0.20230418 openjdk|20.0.1 openvpn|2.6.5.1 openvpn.vm|2.6.5.20230713 outflank-c2-tool-collection.vm|0.0.0.20230713 payloadsallthethings.vm|0.0.0.20230711 pebear|0.6.5.2 pebear.vm|0.6.5.20230308 peid.vm|0.95.0.20221115 pesieve|0.3.6 pesieve.vm|0.3.6 pestudio.vm|9.53.0.20230629 petitpotam.vm|0.0.0.20230710 pma-labs.vm|0.0.0.20230626 powercat.vm|0.0.0.20230710 powermad.vm|0.0.0.20230711 powersploit.vm|0.0.0.20230713 powerupsql.vm|0.0.0.20230710 powerzure.vm|0.0.0.20230320 processdump.vm|2.1.1.20220908 python2|2.7.18 python3|3.9.13 regshot.vm|1.9.1 resourcehacker.portable|5.1.8 resourcehacker.vm|5.1.8 
routesixtysink.vm|0.0.0.20230714 rubeus.vm|2.2.1 rundotnetdll.vm|2.2.0.20230526 safetykatz.vm|0.0.0.20230713 scdbg.vm|12.7.22 seatbelt.vm|1.2.0.20230713 seclists.vm|2023.2.0 setdllcharacteristics.vm|0.0.1 sharpcliphistory.vm|1.0.0 sharpdpapi.vm|1.11.3 sharpdump.vm|0.0.0.20230713 sharpexec.vm|0.0.0.20230713 sharphound.vm|1.1.1.20230713 sharplaps.vm|1.1.0 sharpsecdump.vm|0.0.0.20230711 sharpup.vm|0.0.0.20230602 sharpview.vm|0.0.0.20230713 sharpwmi.vm|0.0.0.20230713 shellcode_launcher.vm|0.0.0 situational-awareness-bof.vm|0.0.0.20230713 sliver.vm|1.5.41 snaffler.vm|1.0.126 spoolsample.vm|0.0.0.20230602 sqlitebrowser.portable|3.12.2 sqlitebrowser.vm|0.0.0.20230714 sqlrecon.vm|2.2.2.20230418 statistically-likely-usernames.vm|0.0.0.20230711 stracciatella.vm|0.7.0.20230713 streamdivert.vm|1.1.0 syswhispers2.vm|0.0.0.20230712 syswhispers3.vm|0.0.0.20230713 teamfiltration.vm|3.5.0.20230713 telnet.vm|0.0.0.20230317 truestedsec-remote-ops-bof.vm|0.0.0.20230713 unhook-bof.vm|0.0.0.20230713 uniextract2.vm|2.0.0.20220113 upx.vm|4.0.2.20230626 vcbuildtools.vm|0.0.0.20230621 vcredist140|14.36.32532 vcredist2010|10.0.40219.32503 vcredist2013|12.0.40660.20180427 vcredist2015|14.0.24215.20170201 visualstudio.vm|17.6.1.20230703 visualstudio2017buildtools|15.9.55 visualstudio2017-workload-vctools|1.3.3 visualstudio2022community|117.6.5 visualstudio-installer|2.0.3 vnc-viewer|7.5.1 vnc-viewer.vm|7.5.1 whisker.vm|0.0.0.20230714 windbg.vm|0.0.0 winscp|6.1.1 winscp.install|6.1.1 winscp.vm|6.1.1 wireshark|4.0.7 wireshark.vm|4.0.7 wmimplant.vm|0.0.0.20230713 x64dbg.ollydumpex.vm|1.80.0 x64dbg.scyllahide.vm|0.0.0.20210823 x64dbg.vm|2021.5.8.20230418 x64dbgpy.vm|1.0.56.20211021 yara|4.3.2 yara.vm|4.3.2

Common Environment Variables

VM_COMMON_DIR: C:\ProgramData_VM
TOOL_LIST_DIR: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tools
TOOL_LIST_SHORTCUT: C:\Users\Analyst\Desktop\Tools.lnk
RAW_TOOLS_DIR: C:\Tools

2023/08/04 20:22:49 [flarevm.installer.vm] chocolateyinstall.ps1 [+] INFO : Packages installed:

2023/08/04 20:22:49 [flarevm.installer.vm] chocolateyinstall.ps1 [+] ERROR : Failed to install: libraries.python3.vm
2023/08/04 20:22:49 [flarevm.installer.vm] chocolateyinstall.ps1 [+] ERROR : Failed to install: putty.vm
2023/08/04 20:22:49 [flarevm.installer.vm] chocolateyinstall.ps1 [+] ERROR : For each failed package, you may attempt a manual install via: choco install -y
2023/08/04 20:22:49 [flarevm.installer.vm] chocolateyinstall.ps1 [+] ERROR : Failed package list saved to: C:\Users\Analyst\Desktop\failed_packages.txt
2023/08/04 20:22:49 [flarevm.installer.vm] chocolateyinstall.ps1 [+] ERROR : Please check the following logs for additional errors:
2023/08/04 20:22:49 [flarevm.installer.vm] chocolateyinstall.ps1 [+] ERROR : C:\ProgramData_VM\log.txt (this file)
2023/08/04 20:22:49 [flarevm.installer.vm] chocolateyinstall.ps1 [+] ERROR : %PROGRAMDATA%\chocolatey\logs\chocolatey.log
2023/08/04 20:22:49 [flarevm.installer.vm] chocolateyinstall.ps1 [+] ERROR : %LOCALAPPDATA%\Boxstarter\boxstarter.log
2023/08/04 20:40:16 vm.common.psm1 [+] INFO : Host Information


2023/08/04 20:53:35 vm.common.psm1 [+] INFO : Host Information


2023/08/04 20:54:53 [vbdec.vm] vm.common.psm1 [+] ERROR : [ERR] The remote file either doesn't exist, is unauthorized, or is forbidden for url 'https://github.com/dzzie/pdfstreamdumper/releases/download/vbdec_12.7.22/VBDEC_Setup_SnapShot_12.8.22.exe'. Exception calling "GetResponse" with "0" argument(s): "The remote server returned an error: (404) Not Found." At C:\ProgramData\chocolatey\helpers\functions\Get-WebFile.ps1:351 char:13

2023/08/04 20:55:03 [flarevm.installer.vm] chocolateyinstall.ps1 [+] ERROR : Failed to install: libraries.python3.vm
2023/08/04 20:55:03 [flarevm.installer.vm] chocolateyinstall.ps1 [+] ERROR : Failed to install: vbdec.vm
2023/08/04 20:55:03 [flarevm.installer.vm] chocolateyinstall.ps1 [+] ERROR : For each failed package, you may attempt a manual install via: choco install -y
2023/08/04 20:55:03 [flarevm.installer.vm] chocolateyinstall.ps1 [+] ERROR : Failed package list saved to: C:\Users\Analyst\Desktop\failed_packages.txt
2023/08/04 20:55:03 [flarevm.installer.vm] chocolateyinstall.ps1 [+] ERROR : Please check the following logs for additional errors:
2023/08/04 20:55:03 [flarevm.installer.vm] chocolateyinstall.ps1 [+] ERROR : C:\ProgramData_VM\log.txt (this file)
2023/08/04 20:55:03 [flarevm.installer.vm] chocolateyinstall.ps1 [+] ERROR : %PROGRAMDATA%\chocolatey\logs\chocolatey.log
2023/08/04 20:55:03 [flarevm.installer.vm] chocolateyinstall.ps1 [+] ERROR : %LOCALAPPDATA%\Boxstarter\boxstarter.log

Detected by test suite

Yes

mr-tz commented 1 year ago

@dzzie will vbdec be hosted elsewhere?

mr-tz commented 1 year ago

We'll remove this from the packages.

dzzie commented 1 year ago

Hi, up to you guys. Here is a static hash link:

http://sandsprite.com/flare_vm/VBDEC_Setup_983E127DB204A3E50723E4A30D80EF8C.exe

Compiled: 2.22.2023
MD5: 983E127DB204A3E50723E4A30D80EF8C
SHA256: E6FA33F1D8C51214B1B6E49665F1EDBCBF05399D57CC2A04CED0A74A194ADA63
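
One way an install script could consume the static link and SHA256 from the comment above, failing closed on a 404 (the error in the issue log) or on a hash mismatch. This is an added example, not code from VM-Packages or from the commenters; `Test-InstallerHash` and `Get-PinnedInstaller` are hypothetical helper names, and the demo file is constructed.

```powershell
# Added example (not VM-Packages code). Test-InstallerHash and Get-PinnedInstaller
# are hypothetical helper names.

function Test-InstallerHash {
    # Returns $true only when the file's SHA256 equals the pinned value.
    param(
        [Parameter(Mandatory)] [string] $Path,
        [Parameter(Mandatory)] [ValidatePattern('^[0-9A-Fa-f]{64}$')] [string] $Sha256
    )
    $actual = (Get-FileHash -LiteralPath $Path -Algorithm SHA256).Hash
    # String -eq is case-insensitive in PowerShell, so hex case does not matter.
    return ($actual -eq $Sha256)
}

function Get-PinnedInstaller {
    # Downloads to a temp file and moves it to $Destination only after the hash check passes.
    param(
        [Parameter(Mandatory)] [string] $Url,
        [Parameter(Mandatory)] [string] $Sha256,
        [Parameter(Mandatory)] [string] $Destination
    )
    # Windows PowerShell 5.1 may not offer TLS 1.2 by default; enable it for HTTPS hosts.
    [Net.ServicePointManager]::SecurityProtocol = [Net.ServicePointManager]::SecurityProtocol -bor [Net.SecurityProtocolType]::Tls12

    $tmp = Join-Path ([IO.Path]::GetTempPath()) ([IO.Path]::GetRandomFileName())
    try {
        try {
            # A delisted release (the 404 in the log above) surfaces here as a terminating error.
            Invoke-WebRequest -Uri $Url -OutFile $tmp -UseBasicParsing -ErrorAction Stop
        } catch {
            throw "Download failed for '$Url': $($_.Exception.Message)"
        }
        if (-not (Test-InstallerHash -Path $tmp -Sha256 $Sha256)) {
            throw "SHA256 mismatch for '$Url'; refusing to install."
        }
        # Only a verified file ever reaches the destination path.
        Move-Item -LiteralPath $tmp -Destination $Destination -Force
        return Get-Item -LiteralPath $Destination
    } finally {
        # Unverified or partial downloads are always cleaned up.
        if (Test-Path -LiteralPath $tmp) { Remove-Item -LiteralPath $tmp -Force }
    }
}

# Offline check with a constructed file: the helper accepts the right pin and rejects a wrong one.
$sample = Join-Path ([IO.Path]::GetTempPath()) 'pinned-hash-demo.bin'
[IO.File]::WriteAllBytes($sample, [Text.Encoding]::ASCII.GetBytes('abc'))
$abcSha256 = 'BA7816BF8F01CFEA414140DE5DAE2223B00361A396177A9CB410FF61F20015AD'  # SHA256 of "abc"
$matches    = Test-InstallerHash -Path $sample -Sha256 $abcSha256
$mismatches = Test-InstallerHash -Path $sample -Sha256 ('0' * 64)
Remove-Item -LiteralPath $sample -Force
"pin accepted: $matches; wrong pin accepted: $mismatches"

# Values posted in the thread for the replacement installer. The link is plain HTTP,
# so the pinned SHA256 is the only integrity check on the download.
$vbdec = @{
    Url         = 'http://sandsprite.com/flare_vm/VBDEC_Setup_983E127DB204A3E50723E4A30D80EF8C.exe'
    Sha256      = 'E6FA33F1D8C51214B1B6E49665F1EDBCBF05399D57CC2A04CED0A74A194ADA63'
    Destination = Join-Path $env:TEMP 'VBDEC_Setup.exe'
}
# Requires network access:
# Get-PinnedInstaller @vbdec
```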

mr-tz commented 1 year ago

Thanks, @dzzie!