Vault 7: Projects

This publication series is about specific projects related to the Vault 7 main publication.
SECRET//NOFORN
SECRET//NOFORN
IOC ERB:
15
IV&V Observations (cont.)
Observation 10:
Context: On Windows XP, SP3, 32-bit; Windows Vista, SP2, 32-
bit; or Windows Vista, SP2, 64-bit with Avast Internet Security at
default and high settings:
Two alert pop-up windows appeared
After analysis, Avast determined that the executable was not
malware but the executable was sandboxed
Only the file collection and payload drop actions were performed
by the tool
Impact: Survey of the target will not be completed
Workaround/Recommendation: Update the User Manual to note
this behavior