Vault 7: Projects

This publication series is about specific projects related to the Vault 7 main publication.
SECRE
T//
NOFORN
Pique Analysis Report
20150821-263-NMehata-Theories on Persistence
Ra
y
theon Blackbird Technolo
g
i
es,
Inc. 2 21 Au
g
ust 2015
Use or disclosure of data contained on this sheet is su
bje
ct to the restrictions on the title
page
of this document.
SECRE
T/
/
NOFORN
2.0 (U) Description of the Technique
(S//NF) The techniques to discuss and consider for PoC development revolve predominantly
around file replacement/displacement and proxying the original functionality once substituted.
3.0 (U) Identification of Affected Applications
(U) Windows primarily, but not exclusively.
4.0 (U) Related Techniques
(S//NF) Persistence.
5.0 (U) Configurable Parameters
(U) Varied.
6.0 (U) Exploitation Method and Vectors
(S//NF) No exploitation methods or attack vectors were discussed in this report.
7.0 (U) Caveats
(U) None.
8.0 (U) Risks
(S//NF) TBD depending on which methods, if any, are recommended for PoC development.
9.0 (U) Recommendations
(S//NF) We recommend a specific meeting be called to discuss each of these approaches to
persistence to determine which makes most sense for PoC development consideration as all have
potential.