Adware.Gator

By CagedTech in Adware

Threat Scorecard

Popularity Rank:	16,460
Threat Level:	20 % (Normal)
Infected Computers:	100

First Seen:	July 24, 2009
Last Seen:	January 25, 2026
OS(es) Affected:	Windows

Table of Contents

File System Details

Adware.Gator may create the following file(s):

Expand All | Collapse All

#	File Name	MD5	Detections Detections: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
1.	DivXPro502GAINBundle.exe	dc9c9a3d61ebb3a9feb49b3e04356e4b	42
Name: DivXPro502GAINBundle.exe MD5: dc9c9a3d61ebb3a9feb49b3e04356e4b Size: 3.42 MB (3428903 bytes) Detections: 42 Type: Executable File Path: C:\Users\<username>\Desktop\Music\CD\CD Marco\DivXPro 5.02\DivXPro502GAINBundle.exe Group: Malware file Last Updated: January 23, 2026
2.	CLADD	a0595da9d68a9ad566ac3880ac4b7f62	0
Name: CLADD MD5: a0595da9d68a9ad566ac3880ac4b7f62 Size: 282.62 KB (282624 bytes) Detections: 0 Group: Malware file Last Updated: December 11, 2009

More files

Analysis Report

General information

Family Name:	Adware.Gator
Signature status:	No Signature

Known Samples

MD5: 0ea78f231cf0a6bd947065745946381d

SHA1: 8d9c7f4d12b56c1ef7b2799e8b50a89857dce3c6

SHA256: 6F25A30891B08AF923044E63A437952C77A7E90B2D37CC7BC00B3521A77371ED

File Size: 283.17 KB, 283170 bytes

Windows Portable Executable Attributes

File doesn't have "Rich" header
File doesn't have debug information
File doesn't have exports table
File doesn't have relocations information
File doesn't have security information
File is 32-bit executable
File is either console or GUI application
File is GUI application (IMAGE_SUBSYSTEM_WINDOWS_GUI)
File is Native application (NOT .NET application)
File is not packed

IMAGE_FILE_DLL is not set inside PE header (Executable)
IMAGE_FILE_EXECUTABLE_IMAGE is set inside PE header (Executable Image)

Windows PE Version Information

Name	Value
File Version	4.2.0.1
Original Filename	Trickler.exe
Product Version	4.2.0.1

File Traits

Block Information

Total Blocks:	993
Potentially Malicious Blocks:	539
Whitelisted Blocks:	453
Unknown Blocks:	1

Visual Map

x x x x x x x x x 0 x x x x x x 0 0 x 0 x x x x x 0 0 x x x x x x x 0 0 x 0 x x x x x 0 x x x x x x x x x x x x x x x x x x x x x x 0 0 0 x x x x x x x x x x x 0 x x x 0 x x x x x x x x 0 0 x 0 x x x x x x x 0 x x x x x x x x x x x x x x x x x x x x x x x x x 0 ? x x x x x x x x 0 x x x x x x x x x 0 x x 0 0 x x 0 0 x x x 0 x x 0 x x x x x x 1 x x x x x x x x 0 0 0 x 0 x x x x 0 x x 0 0 x x x x 0 0 0 0 0 0 0 0 x x 0 0 0 0 x x 0 x x x 0 0 x x 0 0 x 0 0 0 x x x x x x 0 0 0 0 0 0 0 0 0 0 0 0 0 x 0 0 x x 0 x x x x x x x x x x x x x x x x x 0 x x x x x x x 0 x x x x x x x 0 x 0 x 0 x x x x x x x x x 0 x x x x x x x x x x x x x x x x x x x x x x x x 0 x 0 x x x x 0 x 1 x 0 x x x x x x x 0 x x x x x x x x 0 x x 0 x x x x 0 0 x x x x 0 x 0 x x x x x x 0 x x x x x 0 x 0 0 0 x x x x x x x x x x x x x x x x x x x x x 0 x x x x x 0 x x x x x 0 x x 0 0 x x x 0 x 0 x x x x x x x x x 0 x 0 x 0 0 x x 0 x x x x 0 x x x x x x x x x x x 0 x x x x x x x x x x x x x x x x x x x x x x x x x x x 0 x x x 0 x x x x x x x x x 0 x 0 x x x x x x x x x x x x x x x x x x x x x x x 0 x 0 0 x x x x x x 1 x x x x x x x x x x x x x x x x x 0 0 x x x 0 x 1 x x 0 0 0 x x x x 0 x x x x 0 0 x x x x x x x x x 0 x x x x x x x x x x x x x x x x x x 0 0 1 0 0 0 0 0 1 0 0 0 0 0 1 0 1 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 1 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 1 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x x x 0 x 0 x 0 x x x x x x 0 0 0 0 0 0 x x x x x x x x x x x x x x x x x 0 x 0 x 0 x 0 x 0 0 0 0 0 0 x x x x x 0 0 0 0 0 x x x x x x x x x x x x x 0 0 x x x x 0 0 0 0 0

0 - Probable Safe Block
? - Unknown Block
x - Potentially Malicious Block

Similar Families

Gator.A

Registry Modifications

Key::Value	Data	API Name
HKLM\software\classes\wow6432node\clsid\{21ffb6c0-0da1-11d5-a9d5-00500413153c}::uets	偉쑪㌏⭑	RegNtPreCreateKey
HKLM\software\classes\wow6432node\clsid\{21ffb6c0-0da1-11d5-a9d5-00500413153c}::gef	@	RegNtPreCreateKey
HKLM\software\wow6432node\gator.com\trickler::firststartvalue	͉	RegNtPreCreateKey
HKLM\software\wow6432node\gator.com\gator\dyn::pdpfirststart	841:NEW	RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\tracing::enableconsoletracing		RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\tracing\rasapi32::enablefiletracing		RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\tracing\rasapi32::enableautofiletracing		RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\tracing\rasapi32::enableconsoletracing		RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\tracing\rasapi32::filetracingmask		RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\tracing\rasapi32::consoletracingmask		RegNtPreCreateKey

HKLM\software\wow6432node\microsoft\tracing\rasapi32::maxfilesize		RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\tracing\rasapi32::filedirectory	%windir%\tracing	RegNtPreCreateKey
HKLM\software\wow6432node\gator.com\ginternet\proxy::enabled		RegNtPreCreateKey
HKLM\software\wow6432node\gator.com\gator\stat::guid	1692DA31-0A72-459B-9AF9-9940557FC3B5	RegNtPreCreateKey
HKLM\software\classes\wow6432node\clsid\{21ffb6c0-0da1-11d5-a9d5-00500413153c}::gmg	1692DA31-0A72-459B-9AF9-9940557FC3B5	RegNtPreCreateKey
HKLM\software\wow6432node\gator.com\trickler\files\silentsetup\dl::attempts		RegNtPreCreateKey
HKLM\software\wow6432node\gator.com\trickler\files\silentsetup\dl::errors		RegNtPreCreateKey
HKLM\software\wow6432node\gator.com\trickler\files\silentsetup\dl::filedones		RegNtPreCreateKey
HKLM\software\wow6432node\gator.com\trickler\files\silentsetup\dl::urltime		RegNtPreCreateKey
HKLM\software\wow6432node\gator.com\trickler\files\silentsetup\dl::urlsize		RegNtPreCreateKey
HKLM\software\wow6432node\gator.com\trickler\files\silentsetup\dl::storedfile		RegNtPreCreateKey
HKLM\software\wow6432node\gator.com\trickler\files\silentsetup\chk::checkfailures		RegNtPreCreateKey
HKLM\software\wow6432node\gator.com\trickler\files\silentsetup\chk::attempts		RegNtPreCreateKey
HKLM\software\wow6432node\gator.com\trickler\files\silentsetup\chk::errors		RegNtPreCreateKey
HKLM\software\wow6432node\gator.com\trickler\files\bundle\dl::attempts		RegNtPreCreateKey
HKLM\software\wow6432node\gator.com\trickler\files\bundle\dl::errors		RegNtPreCreateKey
HKLM\software\wow6432node\gator.com\trickler\files\bundle\dl::filedones		RegNtPreCreateKey
HKLM\software\wow6432node\gator.com\trickler\files\bundle\dl::urltime		RegNtPreCreateKey
HKLM\software\wow6432node\gator.com\trickler\files\bundle\dl::urlsize		RegNtPreCreateKey
HKLM\software\wow6432node\gator.com\trickler\files\bundle\dl::storedfile		RegNtPreCreateKey
HKLM\software\wow6432node\gator.com\trickler\files\bundle\chk::checkfailures		RegNtPreCreateKey
HKLM\software\wow6432node\gator.com\trickler\files\bundle\chk::attempts		RegNtPreCreateKey
HKLM\software\wow6432node\gator.com\trickler\files\bundle\chk::errors		RegNtPreCreateKey
HKLM\software\wow6432node\gator.com\trickler\files\oemresdll\dl::attempts		RegNtPreCreateKey
HKLM\software\wow6432node\gator.com\trickler\files\oemresdll\dl::errors		RegNtPreCreateKey
HKLM\software\wow6432node\gator.com\trickler\files\oemresdll\dl::filedones		RegNtPreCreateKey
HKLM\software\wow6432node\gator.com\trickler\files\oemresdll\dl::urltime		RegNtPreCreateKey
HKLM\software\wow6432node\gator.com\trickler\files\oemresdll\dl::urlsize		RegNtPreCreateKey
HKLM\software\wow6432node\gator.com\trickler\files\oemresdll\dl::storedfile		RegNtPreCreateKey
HKLM\software\wow6432node\gator.com\trickler\files\oemresdll\chk::checkfailures		RegNtPreCreateKey
HKLM\software\wow6432node\gator.com\trickler\files\oemresdll\chk::attempts		RegNtPreCreateKey
HKLM\software\wow6432node\gator.com\trickler\files\oemresdll\chk::errors		RegNtPreCreateKey
HKLM\software\wow6432node\gator.com\trickler::starttime	娟楰	RegNtPreCreateKey
HKLM\software\wow6432node\gator.com\trickler::starttime	娟楰	RegNtPreCreateKey
HKLM\software\wow6432node\gator.com\gator\stat::guid	9136D7BB-7BB6-491A-80FD-4E1398D5F4C9	RegNtPreCreateKey
HKLM\software\classes\wow6432node\clsid\{21ffb6c0-0da1-11d5-a9d5-00500413153c}::gmg	9136D7BB-7BB6-491A-80FD-4E1398D5F4C9	RegNtPreCreateKey

Windows API Usage

Category	API
Network Winsock2	WSAStartup
Network Wininet	InternetConnect InternetOpen InternetQueryOption
Network Winhttp	WinHttpOpen

EnigmaSoft’s Payment Processor Digital River GmbH Filing for Bankruptcy Does Not Impact SpyHunter Customers’ Anti-Malware Protection

Search

Change Region

Adware.Gator

Threat Scorecard

EnigmaSoft Threat Scorecard

File System Details

Analysis Report

General information

Known Samples

Known Samples

Windows Portable Executable Attributes

Windows Portable Executable Attributes

Windows PE Version Information

Windows PE Version Information

File Traits

Block Information

Block Information

Visual Map

Similar Families

Similar Families

Registry Modifications

Registry Modifications

Windows API Usage

Windows API Usage

Submit Comment

Trending

Threatdetect.org

Adware.Apropos

PUP.LDPlayer

Most Viewed

How To Fix 'Printer Driver is Unavailable' Error

Discord Shows Black Screen when Sharing Screen

How to Fix 'macOS cannot verify that this app is...