https://www.cso.com.au/article/626753/wikileaks-vault-7-cia-stealthy-angelfire-windows-malware/
The Keystone component launches other Angelfire applications and is designed to leave minimal forensic evidence since Keystone implant code are loaded directly into memory and never touch the file system. The intent here was to ensure that processes created by Angelfire applications don’t look out of the ordinary.
https://thehackernews.com/2017/08/cia-boot-sector-malware.html
Previous Vault 7 CIA Leaks
Last week, WikiLeaks published another CIA project, dubbed ExpressLane, which detailed about the spying software that the CIA agents used to spy on their intelligence partners around the world, including FBI, DHS and the NSA.
https://securityaffairs.co/wordpress/62317/intelligence/expresslane-cia-hacking-tool.html
Below the list of release published by Wikileaks since March:
ExpressLane – 24 August, 2017
Couchpotato – 10 August, 2017
Dumbo– 03 August, 2017
Imperial – 27 July, 2017
UCL/RAYTHEON – 19 July, 2017
HighRise – 13 July, 2017
BothanSpy and Gyrfalcon – 06 July, 2017
OutlawCountry – 30 June, 2017
ELSA malware – 28 June, 2017
Cherry Blossom – 15 June, 2017
Pandemic – 1 June, 2017
Athena – 19 May, 2017
AfterMidnight – 12 May, 2017
Archimedes – 5 May, 2017
Scribbles – 28 April, 2017
Weeping Angel – 21 April, 2017
Hive – 14 April, 2017
Grasshopper – 7 April, 2017
Marble Framework – 31 March, 2017
Dark Matter – 23 March, 2017