Vault 7: Projects

This publication series is about specific projects related to the Vault 7 main publication.
1. Scope
This document establishes the user manual for Emotional Simian v2.2.
1.1 System Overview and Description
Emotional Simian (ES) provides the ability to propagate from a primary host to multiple
downstream secondary hosts via USB thumb drives. Emotional Simian can also configure
a local thumb drive to execute a configured dll to perform surveys, collect files, and/or
install payloads.
1.2 Assumptions and Constraints
The operator needs access to either the targeted thumb drive or the primary host.
Additionally, persistence for ES Server(64).exe needs to be maintained by the operator.
BitDefender alerts and deletes ES Server(64).exe on Windows XP. The DLL can still be
deployed to XP BitDefender systems, but operators should not deploy the server to any
XP BitDefender system.
Any payloads carried to secondary downstream hosts must be dropped to disk to run.
1.3 Conventions
None.
2. Applicable Documents
The following documents, of the exact issue shown, form a part of this document to the
extent specified herein. In the event of a conflict between the documents referenced
herein and the contents of this document, the contents of this document will be
considered binding. The following documents may be found in the EDG/AED share:
• Emotional Simian V2.2 UserGuide.doc
• Emotional Simian V2.2 TDR.ppt
3. System Description
3.1 Technical References
4
SECRET//X1
CL BY: 2397517
REASON: 1.4(c)
DECL: 20361019
DRV: COL S-06