virus logo Virus

Riskware/Elemental

description-logoAnalysis



Riskware/Elemental is a generic detection for a Riskware Browser. Since this is a generic detection, malware that are detected as Riskware/Elemental may have varying behaviour.
Below are examples of its behaviours:

  • The browser was based on open source Chromium according to its Help Page. The distribution appears to be only in Russian language.

  • The application on its default installation has been observed to connect to the following:
    • hxxps://8{Removed}.208.7.90
    • hxxps://sovetni{Removed}.market.http.yandex.ru
    • hxxps://stati{Removed}.yandex.net:https
    • hxxps://fron{Removed}.portal.rambler.ru

  • Below are some its illustration:

    • Figure 1: Installation.


    • Figure 2: Browser.


    • Figure 3: Bundles.



recommended-action-logoRecommended Action

  • Make sure that your FortiGate/FortiClient system is using the latest AV database.
  • Quarantine/delete files that are detected and replace infected files with clean backup copies.

Telemetry logoTelemetry

Detection Availability

FortiGate
Extended
FortiClient
FortiMail
FortiSandbox
FortiWeb
Web Application Firewall
FortiIsolator
FortiDeceptor
FortiEDR

Version Updates

Date Version Detail
2024-04-08 92.03187
2024-03-29 92.02892
2024-03-26 92.02815
2024-03-26 92.02811
2024-02-12 92.01512
2023-12-25 92.00054
2023-09-19 91.07104
2023-06-27 91.04592
2023-06-27 91.04590
2023-06-27 91.04583
ID 7380314
Released May 01, 2018
Description
Updated		 May 05, 2017
Aliases Win32/Elemental.C potentially unwanted application
Platform Profile Riskware is a term for potentially unwanted or dangerous software programs that do not fall under Adware. They could be legitimate software applications that may be misused and pose possible security risks to users.