Trojan.Gator

Por CagedTech em Troianos

Traduzir Para:

Cartão de pontuação de ameaças

Popularity Rank:	53
Nível da Ameaça:	20 % (Normal)
Computadores infectados:	1,115,564

Visto pela Primeira Vez:	July 24, 2009
Visto pela Última Vez:	January 26, 2026
SO (s) Afetados:	Windows

O Trojan.Gator é um software ameaçador que pode exibir avisos falsos sobre o sistema do usuário. O Trojan.Gator entra em um sistema operacional com a intenção de alterar e modificar o Registro, bem como as suas políticas de permissão. O Trojan.Gator pode ser distribuído através de atualizações falsas do Windows, programas de terceiros que alegam serem necessários para assistir vídeos ou um site específico, ou também clicando em banners e anúncios ou fazendo o download de anexos. A mídia social também pode ser uma fonte do Trojan.Gator se os usuários receberem arquivos suspeitos e os executarem.

O Trojan.Gator também pode mostrar avisos referentes a arquivos corrompidos do sistema do Windows que precisam ser corrigidos. A remoção desses arquivos pode criar instabilidade no sistema ou travamentos, de modo que os usuários devem estar cientes de que esses alertas, resultados de digitalização e pop-ups são uma tática de intimidação que os leva a clicar e instalar outras ameaças nas suas máquinas. O Trojan.Gator também pode desativar outros tipos de software em um PC, tais como pacotes antivírus e/ou o Firewall do Windows.

Índice

SpyHunter detecta e remove Trojan.Gator

Detalhes sobre o Registro

Trojan.Gator pode criar a seguinte entrada de registro ou entradas de registro:

File name without path

About GAIN Publishing.lnk

appllist

appmgrgui.zip

cmeupd.exe

egieengine.dll

egieprocess.dll

egnsengine.dll

gator ewallet.lnk

gator website.url

gator.com.esp

gator.exe

gator.log

gatorplugin.log

gatorres.dll

gatorsetup.log

gatorstubsetup.exe

gatorsupportinfo.txt

gmt.exe.manifest

gstartup.lnk

gstore.dll

hdplugin1019.inf

InstallDateManager.exe

mepcatne.dat

mepconv.dat

meprca.dat

mepsi.dat

meptafi.dat

offercompanion.lnk

precisiontime.lnk

PTUninstaller.exe.manifest

sitehash4.dat

sitehash52.dat

svcsap.hsh

HKEY_LOCAL_MACHINE\Software\[APPLICATION]\Microsoft\Windows\CurrentVersion\Uninstall..{Uninstaller}

Date Manager

PrecisionTime

Biscoitos

The following cookies may be associated with Trojan.Gator:

Gator

dist.belnk

webpdp.gator

Relatório de análise

Informação geral

Family Name:	Adware.Gator
Signature status:	No Signature

Known Samples

MD5: 0ea78f231cf0a6bd947065745946381d

SHA1: 8d9c7f4d12b56c1ef7b2799e8b50a89857dce3c6

SHA256: 6F25A30891B08AF923044E63A437952C77A7E90B2D37CC7BC00B3521A77371ED

Tamanho do Arquivo: 283.17 KB, 283170 bytes

Windows Portable Executable Attributes

File doesn't have "Rich" header
File doesn't have debug information
File doesn't have exports table
File doesn't have relocations information
File doesn't have security information
File is 32-bit executable
File is either console or GUI application
File is GUI application (IMAGE_SUBSYSTEM_WINDOWS_GUI)
File is Native application (NOT .NET application)
File is not packed

IMAGE_FILE_DLL is not set inside PE header (Executable)
IMAGE_FILE_EXECUTABLE_IMAGE is set inside PE header (Executable Image)

Windows PE Version Information

Nome	Valor
File Version	4.2.0.1
Original Filename	Trickler.exe
Product Version	4.2.0.1

File Traits

Block Information

Total Blocks:	993
Potentially Malicious Blocks:	539
Whitelisted Blocks:	453
Unknown Blocks:	1

Visual Map

x x x x x x x x x 0 x x x x x x 0 0 x 0 x x x x x 0 0 x x x x x x x 0 0 x 0 x x x x x 0 x x x x x x x x x x x x x x x x x x x x x x 0 0 0 x x x x x x x x x x x 0 x x x 0 x x x x x x x x 0 0 x 0 x x x x x x x 0 x x x x x x x x x x x x x x x x x x x x x x x x x 0 ? x x x x x x x x 0 x x x x x x x x x 0 x x 0 0 x x 0 0 x x x 0 x x 0 x x x x x x 1 x x x x x x x x 0 0 0 x 0 x x x x 0 x x 0 0 x x x x 0 0 0 0 0 0 0 0 x x 0 0 0 0 x x 0 x x x 0 0 x x 0 0 x 0 0 0 x x x x x x 0 0 0 0 0 0 0 0 0 0 0 0 0 x 0 0 x x 0 x x x x x x x x x x x x x x x x x 0 x x x x x x x 0 x x x x x x x 0 x 0 x 0 x x x x x x x x x 0 x x x x x x x x x x x x x x x x x x x x x x x x 0 x 0 x x x x 0 x 1 x 0 x x x x x x x 0 x x x x x x x x 0 x x 0 x x x x 0 0 x x x x 0 x 0 x x x x x x 0 x x x x x 0 x 0 0 0 x x x x x x x x x x x x x x x x x x x x x 0 x x x x x 0 x x x x x 0 x x 0 0 x x x 0 x 0 x x x x x x x x x 0 x 0 x 0 0 x x 0 x x x x 0 x x x x x x x x x x x 0 x x x x x x x x x x x x x x x x x x x x x x x x x x x 0 x x x 0 x x x x x x x x x 0 x 0 x x x x x x x x x x x x x x x x x x x x x x x 0 x 0 0 x x x x x x 1 x x x x x x x x x x x x x x x x x 0 0 x x x 0 x 1 x x 0 0 0 x x x x 0 x x x x 0 0 x x x x x x x x x 0 x x x x x x x x x x x x x x x x x x 0 0 1 0 0 0 0 0 1 0 0 0 0 0 1 0 1 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 1 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 1 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x x x 0 x 0 x 0 x x x x x x 0 0 0 0 0 0 x x x x x x x x x x x x x x x x x 0 x 0 x 0 x 0 x 0 0 0 0 0 0 x x x x x 0 0 0 0 0 x x x x x x x x x x x x x 0 0 x x x x 0 0 0 0 0

0 - Probable Safe Block
? - Unknown Block
x - Potentially Malicious Block

Similar Families

Gator.A

Registry Modifications

Key::Value	Dados	API Name
HKLM\software\classes\wow6432node\clsid\{21ffb6c0-0da1-11d5-a9d5-00500413153c}::uets	偉쑪㌏⭑	RegNtPreCreateKey
HKLM\software\classes\wow6432node\clsid\{21ffb6c0-0da1-11d5-a9d5-00500413153c}::gef	@	RegNtPreCreateKey
HKLM\software\wow6432node\gator.com\trickler::firststartvalue	͉	RegNtPreCreateKey
HKLM\software\wow6432node\gator.com\gator\dyn::pdpfirststart	841:NEW	RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\tracing::enableconsoletracing		RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\tracing\rasapi32::enablefiletracing		RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\tracing\rasapi32::enableautofiletracing		RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\tracing\rasapi32::enableconsoletracing		RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\tracing\rasapi32::filetracingmask		RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\tracing\rasapi32::consoletracingmask		RegNtPreCreateKey

HKLM\software\wow6432node\microsoft\tracing\rasapi32::maxfilesize		RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\tracing\rasapi32::filedirectory	%windir%\tracing	RegNtPreCreateKey
HKLM\software\wow6432node\gator.com\ginternet\proxy::enabled		RegNtPreCreateKey
HKLM\software\wow6432node\gator.com\gator\stat::guid	1692DA31-0A72-459B-9AF9-9940557FC3B5	RegNtPreCreateKey
HKLM\software\classes\wow6432node\clsid\{21ffb6c0-0da1-11d5-a9d5-00500413153c}::gmg	1692DA31-0A72-459B-9AF9-9940557FC3B5	RegNtPreCreateKey
HKLM\software\wow6432node\gator.com\trickler\files\silentsetup\dl::attempts		RegNtPreCreateKey
HKLM\software\wow6432node\gator.com\trickler\files\silentsetup\dl::errors		RegNtPreCreateKey
HKLM\software\wow6432node\gator.com\trickler\files\silentsetup\dl::filedones		RegNtPreCreateKey
HKLM\software\wow6432node\gator.com\trickler\files\silentsetup\dl::urltime		RegNtPreCreateKey
HKLM\software\wow6432node\gator.com\trickler\files\silentsetup\dl::urlsize		RegNtPreCreateKey
HKLM\software\wow6432node\gator.com\trickler\files\silentsetup\dl::storedfile		RegNtPreCreateKey
HKLM\software\wow6432node\gator.com\trickler\files\silentsetup\chk::checkfailures		RegNtPreCreateKey
HKLM\software\wow6432node\gator.com\trickler\files\silentsetup\chk::attempts		RegNtPreCreateKey
HKLM\software\wow6432node\gator.com\trickler\files\silentsetup\chk::errors		RegNtPreCreateKey
HKLM\software\wow6432node\gator.com\trickler\files\bundle\dl::attempts		RegNtPreCreateKey
HKLM\software\wow6432node\gator.com\trickler\files\bundle\dl::errors		RegNtPreCreateKey
HKLM\software\wow6432node\gator.com\trickler\files\bundle\dl::filedones		RegNtPreCreateKey
HKLM\software\wow6432node\gator.com\trickler\files\bundle\dl::urltime		RegNtPreCreateKey
HKLM\software\wow6432node\gator.com\trickler\files\bundle\dl::urlsize		RegNtPreCreateKey
HKLM\software\wow6432node\gator.com\trickler\files\bundle\dl::storedfile		RegNtPreCreateKey
HKLM\software\wow6432node\gator.com\trickler\files\bundle\chk::checkfailures		RegNtPreCreateKey
HKLM\software\wow6432node\gator.com\trickler\files\bundle\chk::attempts		RegNtPreCreateKey
HKLM\software\wow6432node\gator.com\trickler\files\bundle\chk::errors		RegNtPreCreateKey
HKLM\software\wow6432node\gator.com\trickler\files\oemresdll\dl::attempts		RegNtPreCreateKey
HKLM\software\wow6432node\gator.com\trickler\files\oemresdll\dl::errors		RegNtPreCreateKey
HKLM\software\wow6432node\gator.com\trickler\files\oemresdll\dl::filedones		RegNtPreCreateKey
HKLM\software\wow6432node\gator.com\trickler\files\oemresdll\dl::urltime		RegNtPreCreateKey
HKLM\software\wow6432node\gator.com\trickler\files\oemresdll\dl::urlsize		RegNtPreCreateKey
HKLM\software\wow6432node\gator.com\trickler\files\oemresdll\dl::storedfile		RegNtPreCreateKey
HKLM\software\wow6432node\gator.com\trickler\files\oemresdll\chk::checkfailures		RegNtPreCreateKey
HKLM\software\wow6432node\gator.com\trickler\files\oemresdll\chk::attempts		RegNtPreCreateKey
HKLM\software\wow6432node\gator.com\trickler\files\oemresdll\chk::errors		RegNtPreCreateKey
HKLM\software\wow6432node\gator.com\trickler::starttime	娟楰	RegNtPreCreateKey
HKLM\software\wow6432node\gator.com\trickler::starttime	娟楰	RegNtPreCreateKey
HKLM\software\wow6432node\gator.com\gator\stat::guid	9136D7BB-7BB6-491A-80FD-4E1398D5F4C9	RegNtPreCreateKey
HKLM\software\classes\wow6432node\clsid\{21ffb6c0-0da1-11d5-a9d5-00500413153c}::gmg	9136D7BB-7BB6-491A-80FD-4E1398D5F4C9	RegNtPreCreateKey

Windows API Usage

Category	API
Network Winsock2	WSAStartup
Network Wininet	InternetConnect InternetOpen InternetQueryOption
Network Winhttp	WinHttpOpen

O Pedido de Falência da Processadora de Pagamentos Digitais River GmbH do EnigmaSoft não Afeta a Proteção Anti-Malware dos Clientes do SpyHunter

Buscar

Mudar de região

Trojan.Gator

Cartão de pontuação de ameaças

EnigmaSoft Threat Scorecard

SpyHunter detecta e remove Trojan.Gator

Detalhes sobre o Registro

Biscoitos

Relatório de análise

Informação geral

Known Samples

Known Samples

Windows Portable Executable Attributes

Windows Portable Executable Attributes

Windows PE Version Information

Windows PE Version Information

File Traits

Block Information

Block Information

Visual Map

Similar Families

Similar Families

Registry Modifications

Registry Modifications

Windows API Usage

Windows API Usage

Enviar o Comentário

Tendendo

Adware.Apropos

Trojan.Lop_com

Trojan.Tacur

Mais visto

Como Corrigir o Erro 'Driver da Impressora...

O Discord Exibe uma Tela Preta ao Compartilhar a Tela

Como Corrigir 'o macOS não pode verificar se este...