Vault 7: Projects

This publication series is about specific projects related to the Vault 7 main publication.

of who owns a particular thumb drive without looking up the serial number in
your data. I.e. JQJBADGUY/1 (SN# 889238923484)
3. Drop 32 Dll: You may fill out the Dll Name: field but not check this box.
Checking the box will allow the ES Server(64).exe to put down a 32 bit Dll on the
listed thumb drive. Each Whitelisted drive may have different names and
configurations for the dlls and lnk files or all may have the same names. The dll
must end with an extension. It does not need to .dll, but it has to have .something.
4. 32 bit lnk files: These link files are required to get the dll to run. Fields may be
filled out but not checked. The information will be saved in the XML file but ES
Setup.exe will not put the names of the lnk files in the configuration file.
5. Drop 64 Dll: You may fill out the Dll Name: field but not check this box.
Checking the box will allow the ES Server(64).exe to put down a 64 bit Dll on the
listed thumb drive. Each Whitelisted drive may have different names and
configurations for the dlls and lnk files or all may have the same names. The dll
must end with an extension. It does not need to .dll, but it has to have .something.
6. 64 bit lnk files: Fields may be filled out but not checked. The information will be
saved in the XML file but ES Setup.exe will not put the names of the lnk files in
the configuration file.
7. Infect Local Thumbdrive: This button allows you to instantly infect a
thumbdrive that is plugged into your system instead of running ES Server.exe.
First click the Whitelisted drive configuration you want and then click this button.
The Pre and Post Build executable/batch scripts will run when you click this
button.
10
SECRET//X1
CL BY: 2397517
REASON: 1.4(c)
DECL: 20361019
DRV: COL S-06

e-Highlighter

Click to send permalink to address bar, or right-click to copy permalink.

Un-highlight all Un-highlight selectionu Highlight selectionh