Vault 7: Projects

This publication series is about specific projects related to the Vault 7 main publication.
SECRET//ORCON//NOFORN
ASSASSIN v1.2 USER GUIDE
March 2012
APPENDIX A:OVERVIEW..........................................................................3
1CONCEPT OF OPERATIONS.....................................................................4
2SYSTEM COMPONENTS..........................................................................5
2.1IMPLANT EXECUTABLES......................................................................6
2.2DEPLOYMENT EXECUTABLES...............................................................7
2.3BUILDER............................................................................................8
2.4TASKER.............................................................................................9
2.5POST PROCESSOR............................................................................10
2.6COLLIDE HANDLERS.........................................................................11
3SYSTEM REQUIREMENTS......................................................................12
3.1PYTHON..........................................................................................13
3.2COLLIDE..........................................................................................14
APPENDIX B:ASSASSIN IMPLANT............................................................15
1IMPLANT EXECUTABLE USAGE..............................................................16
1.1IMPLANT DLL...................................................................................17
APPENDIX C:RUNNING VIA DLLMAIN......................................................18
APPENDIX D:RUNNING VIA GH1.............................................................19
APPENDIX E:RUNNING VIA RUNDLL32....................................................20
1.1IMPLANT SERVICE DLL......................................................................21
APPENDIX F:RUNNING VIA RUNDLL32....................................................22
APPENDIX G:RUNNING VIA SERVICEMAIN...............................................23
1.1IMPLANT EXE ..................................................................................24
2IMPLANT IDENTIFICATION....................................................................25
3BEACON.............................................................................................26
3.1BEACON TRANSACTION.....................................................................27
3.2BEACON TIMING...............................................................................28
3.3PROCESS CHECK..............................................................................29
CL BY: 2355679
CL REASON: Section
1.5(c),(e)
DECL ON: 20351003
DRV FRM: COL 6-03
SECRET//ORCON//NOFORN