Dashboard
Account 🔐
Sign Up
Login
Global Leaderboard
Game Vault
Badge Backpack
Blue Team Glossary
Login and start playing
Leaving so soon?
×
You really want to log out? We were having so much fun!
Home
›
Glossary
›
Tactics & Techniques
›
dropper
Dropper
Tactics & Techniques
Definition
# What is a Dropper in Cybersecurity? In cybersecurity, a **dropper** is a type of **malware installer**. It’s a small, often seemingly harmless program whose main job is **to “drop” (deliver and install)** another, usually more harmful, piece of malware onto a victim’s system.
Explore More Terms
Pyramid Of Pain
Sysmon-Event-Codes-Ids
Amcache
Powershell
Authentication
Examples & Use Cases
## How It Works 1. **Initial Delivery** – The dropper gets onto the target system, often through phishing emails, malicious attachments, drive-by downloads, or USB devices. 2. **Payload Retrieval** – Once running, the dropper downloads or unpacks the *real* malicious payload (like ransomware, spyware, or a remote access trojan). 3. **Execution** – The dropper installs and runs the payload, sometimes deleting itself afterward to avoid detection. ## Key Points - **Purpose**: Get the “main” malware in place while evading early detection. - **Stealth**: Droppers are often small and designed to bypass antivirus scans by not carrying obvious malicious code until the payload is fetched. - **Types**: - **Downloaders** – Fetch the payload from the internet after execution. - **Embedded Droppers** – Already contain the payload in compressed or encrypted form. > 💡 Think of a dropper as a **Trojan delivery truck** — the truck itself isn’t the main danger, but it’s bringing something dangerous inside. ## Further Reading - [CISA – Malware](https://www.cisa.gov/news-events/news/understanding-malware) – Overview of different malware types, including droppers. - [MITRE ATT&CK – Ingress Tool Transfer](https://attack.mitre.org/techniques/T1105/) – Explains how malicious tools (like droppers) transfer payloads. - [Kaspersky – What is a Trojan Dropper?](https://encyclopedia.kaspersky.com/glossary/trojan-droppers/) – Detailed look at Trojan droppers and how they work. - [ESET – The Role of Droppers in Malware Campaigns](https://www.welivesecurity.com) – Insights from real-world cases (search “dropper” on the site).