Riskware/InnoGenForcAlgo
Analysis
Riskware/InnoGenForcAlgo is a generic detection for riskware.
Because this is a generic detection, malware detected as Riskware/InnoGenForcAlgo may vary in behaviour.
Below are some of its observed characteristics/behaviours:
- Samples detected as Riskware/InnoGenForcAlgo are known to use Inno Setup packaging, which is commonly used by adware/riskware installers.
- Below are illustrations from some of the tested samples:
- Figure 1: Installer.
- Figure 2: Installer.
- Figure 3: Installer.
- Figure 4: Prompt message from an incomplete installer.
Recommended Action
- Make sure that your FortiGate/FortiClient system is using the latest AV database.
- Quarantine/delete files that are detected and replace infected files with clean backup copies.
Detection Availability
FortiGate | |
---|---|
Extended | |
FortiClient | |
FortiMail | |
FortiSandbox | |
FortiWeb | |
Web Application Firewall | |
FortiIsolator | |
FortiDeceptor | |
FortiEDR | |