Locky Actors Adopt QTLoader to Deliver Ransomware
Starting October 19, 2017, the actors behind Locky distribution started using a new loader to drop their Ransomware. The new loader has been dubbed QTLoader or QTBot based on some strings and registry keys used by the malware. The use of the so-called QTLoader coincided with the adoption of the DDE AUTO feature of Office…