The Angler exploit kit is a pre-packaged toolkit sold on the dark web that criminals use to distribute malware.
With an exploit kit, would-be attackers no longer need to find bugs in software; develop ways to exploit them; set up or take over web servers to host these exploits; and lure victims to booby-trapped websites known as landing pages. Likewise, exploit kit makers do not need to write malware; or keep track of infected computers; or collect money from victims; or exfiltrate and sell stolen.
When a vulnerability can be exploited, Angler typically downloads the payload from a third web page. Although this can be any type of malware - like a password stealer or adware - ransomeware now makes up a significant portion of payloads.