Threat Encyclopedia
Riskware/Elemental
Analysis
Riskware/Elemental is a generic detection for a Riskware Browser.
Since this is a generic detection, malware that are detected as Riskware/Elemental may have varying behaviour.
Below are examples of its behaviours:
- The browser was based on open source Chromium according to its Help Page. The distribution appears to be only in Russian language.
- The application on its default installation has been observed to connect to the following:
- hxxps://8{Removed}.208.7.90
- hxxps://sovetni{Removed}.market.http.yandex.ru
- hxxps://stati{Removed}.yandex.net:https
- hxxps://fron{Removed}.portal.rambler.ru
- Below are some its illustration:
- Figure 1: Installation.
- Figure 2: Browser.
- Figure 3: Bundles.
Recommended Action
- Make sure that your FortiGate/FortiClient system is using the latest AV database.
- Quarantine/delete files that are detected and replace infected files with clean backup copies.
✖