The Trickler-delivered Trojan named DoubleFantasy is associated with which broader family?

Rootkit Trojans are built to hide themselves and other components on the system, using rootkit techniques to evade detection and maintain persistence. The DoubleFantasy Trojan, delivered via Trickler, fits this pattern because its defining trait is concealment and stealth within the host, which is the hallmark of the rootkit Trojan family. HTML Injection describes adding malicious content to web pages and isn’t a malware family by itself, so it doesn’t fit here. GlitchPOS is a POS-specific malware family focused on card data theft, not on hiding itself from detection. TAN Gabber is another backdoor family with different operational traits, not defined by rootkit concealment. Therefore, the best match is Rootkit Trojans.