Vault 7: Projects

This publication series is about specific projects related to the Vault 7 main publication.
UNCLASSIFIED
Pique Proof-of-Concept (PoC) Report
Anti-Debugging and Anti-Emulation
(U) Search the Registry for ‘VMWare’
(U) Searching the registry for the string ‘VMWare’ is another simple and easy way to look for
VMWare installation artifacts on the target machine. The following registry search, as shown in
Figure 8, was conducted on a Windows 10 guest Virtual Machine, not the host machine.
Figure 8. Searching the Registry for ‘VMWare’
Raytheon Blackbird Technologies, Inc.
18
07 August 2015
Use or disclosure of data contained on this sheet is subject to the restrictions on the title page of this document.
UNCLASSIFIED