Vault 7: Projects

This publication series is about specific projects related to the Vault 7 main publication.
SECRET//NOFORN
SECRET//NOFORN
IOC ERB:
12
IV&V Observations (cont.)
Observation 7:
Context: On Windows XP, SP3, 32-bit or Windows 7, SP1, 32-
bit with BitDefender Total Security at high settings:
An alert pop-up window immediately appeared, stating ‘Intrusion
Detection has detected and blocked a potentially malicious
application’
The executable process did not run, hence the payload was not
dropped
This alert is recorded in the log file
EZCheese did return survey and file collection data
Impact: The payload was not deployed on the target with the
above configurations
Workaround/Recommendation: Update the User Manual to note
this behavior