Vault 7: Projects

This publication series is about specific projects related to the Vault 7 main publication.
UNCLASSIFIED
Pique Proof-of-Concept (PoC) Report
Anti-Debugging and Anti-Emulation
(U) Searching the File System
(U) Another quick and easy way to determine if VMWare has been installed on the target is to
look in the file system (../Program Files/VMWare) as shown in Figure 7. This file system search
was conducted on a Windows 10 VMWare machine, not the host machine.
Figure 7. Searching the File System for VMWare
Raytheon Blackbird Technologies, Inc.
17
07 August 2015
Use or disclosure of data contained on this sheet is subject to the restrictions on the title page of this document.
UNCLASSIFIED