Vault 7: Projects

This publication series is about specific projects related to the Vault 7 main publication.
SECRET//20350629
Norton Internet Security: Events logged! (high settings) On Windows XP, SP3,
32-bit; Windows Vista, SP2, 32-bit; or Windows Vista, SP2, 64-bit:
An entry is recorded in the log file. The log entry identified the EZCheese
executable and notes that it is trying to access the Internet.
The executable and its location are captured in the log file.
Trend Micro Titanium Internet Security: On Windows XP 32-bit at high
settings the payload was not deployed.
(U) Appendix C: Artifacts Left Behind
(S) After executing EZCheese there will be information left behind in memory. This
includes the name of executables, paths to those executables, and the name and path of
link files.
SECRET//20350629
18