Vault 7: Projects

This publication series is about specific projects related to the Vault 7 main publication.

SECRET//NOFORN
8.1 Creating the build
In this instance we'll create a single build and use it for both targets. That way,
if the two targets compare their systems, they will see identical AM footprints.
We'll use an @ file because otherwise the command line can be unwieldy.
$ cat myexample.args
--overt-service-name AfterMidnight
--overt-service-desc "A service to ensure optimal computer operation"
--overt-display-name "After Midnight"
--core-file c:\\windows\\system32\\am-core.obfuscated
--data-file c:\\windows\\system32\\am-encrypted-storage
--staging-dir c:\\windows\\system32\\am-staging
--config-file c:\\windows\\system32\\am-config
--kill-file c:\\kill.am.now
$ am create build MyExampleBuild @myexample.args
Generating RSA keys for new workspace...
$ am ls builds -v
Builds
===========================================================================
MyExampleBuild
{
  "name": "MyExampleBuild",
  "core_file": "c:\\windows\\system32\\am-core.obfuscated",
  "config_file": "c:\\windows\\system32\\am-config",
  "overt_service_name": "AfterMidnight",
  "staging_dir": "c:\\windows\\system32\\am-staging",
  "kill_file": "c:\\kill.am.now",
  "overt_service_desc": "A service to ensure optimal computer operation",
  "data_file": "c:\\windows\\system32\\am-encrypted-storage",
  "overt_display_name": "After Midnight"
}
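
Because one build is used for both targets, the same service strings and file paths appear on every host that received it, so the build record above doubles as an indicator set for a host sweep. The following is an added example, not part of the original guide or the tool: it matches that record against host inventories; the inventory format, the SERVICE_FIELDS mapping and the three hosts are constructed assumptions.

```python
import json
from ntpath import normcase, normpath

# Build record copied from the `am ls builds -v` output on this page.
BUILD = json.loads(r'''{
  "name": "MyExampleBuild",
  "core_file": "c:\\windows\\system32\\am-core.obfuscated",
  "config_file": "c:\\windows\\system32\\am-config",
  "overt_service_name": "AfterMidnight",
  "staging_dir": "c:\\windows\\system32\\am-staging",
  "kill_file": "c:\\kill.am.now",
  "overt_service_desc": "A service to ensure optimal computer operation",
  "data_file": "c:\\windows\\system32\\am-encrypted-storage",
  "overt_display_name": "After Midnight"
}''')

# Assumed mapping from build keys to fields of a service inventory export.
SERVICE_FIELDS = {"overt_service_name": "name",
                  "overt_display_name": "display_name",
                  "overt_service_desc": "description"}

def norm(path):
    # Windows paths are case-insensitive and accept either slash style.
    return normcase(normpath(path))

def footprint_hits(build, host_paths, host_services):
    """Return sorted build keys whose value is present in a host inventory."""
    seen = {norm(p) for p in host_paths}
    hits = {k for k, v in build.items()
            if k.endswith(("_file", "_dir")) and norm(v) in seen}
    for svc in host_services:
        for key, field in SERVICE_FIELDS.items():
            if key in build and svc.get(field, "").casefold() == build[key].casefold():
                hits.add(key)
    return sorted(hits)

# Constructed inventories (hypothetical format): two hosts with the build, one without.
HOST_A = (["C:\\Windows\\System32\\am-core.obfuscated", "C:\\Windows\\System32\\am-config"],
          [{"name": "AfterMidnight", "display_name": "After Midnight",
            "description": "A service to ensure optimal computer operation"}])
HOST_B = (["c:/windows/system32/AM-CORE.obfuscated", "c:/windows/system32/am-config"],
          [{"name": "aftermidnight", "display_name": "After Midnight",
            "description": "A service to ensure optimal computer operation"}])
HOST_C = (["C:\\Windows\\System32\\kernel32.dll"],
          [{"name": "Spooler", "display_name": "Print Spooler", "description": ""}])

if __name__ == "__main__":
    for label, (paths, services) in (("A", HOST_A), ("B", HOST_B), ("C", HOST_C)):
        print(label, footprint_hits(BUILD, paths, services))
```

Hosts A and B return the same set of matched keys despite differing case and slash style, which is what a shared build implies for correlation across machines.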