Troldesh Ransomware Dropper

Troldesh Ransomware Dropper

Over the past few weeks, we’ve seen an increase in Troldesh ransomware using compromised websites as intermediary malware distributors.

The malware often uses a PHP file that acts as a delivery tool for downloading the host malware dropper:


This type of infected URL is usually spread through malicious emails or through services like social media.

Malicious “JSC Airline” JScript File

Once a victim clicks the URL and loads it, a JScript file downloads to the victim’s computer.

Continue reading Troldesh Ransomware Dropper at Sucuri Blog.

The post Troldesh Ransomware Dropper appeared first on Security Boulevard.

Article Link: