Vault 7: Projects

This publication series is about specific projects related to the Vault 7 main publication.
4. Drop if No Internet/ Internet: Self-explanatory.
5. Drop if 32/64 bit: Self-explanatory.
6. Create Folder Structure: If the path defined in Full path of payload executable
on target does not exist, if checked; DllPayload(64).dll will create the folder
structure.
7. Need System Rights: Only checked this if your payload absolutely needs System
(not Admin) rights.
8. OverWrite Files: If this is checked, your file will replace a file of the same name.
9. Max Runs: The max number of runs the payload can drop. The number of runs is
stored as the creation time. If DllPayload(64).dll cannot modify these times it will
not drop and run the payload. This is a simple way of keeping DllPayload(64).dll
from working from a CD or write blocker. Note: If you are dropping two dlls 64
bit and 32 bit the total maximum number of runs has now been double since each
dll can run X(max_runs) number of times.
10. Full path of payload executable: Path to where your payload you want
embedded in the .cfg is located.
11. Full path of payload executable on target: Path where the payload will be
created on target. Payloads will not be overwritten. If the executable already exist
the payload will not run.
12. Payload Arguments: Arguments that will be fed into the payload at run time
13. Run Payload as: You may choose how your executable is drop and ran.
14
SECRET//X1
CL BY: 2397517
REASON: 1.4(c)
DECL: 20361019
DRV: COL S-06