Channel: Automated Malware Analysis

Pure Innovation: Hybrid Decompilation with Joe Sandbox DEC

Joe Security is proud to announce its latest innovative technology - Hybrid Decompilation (HDC). This unique new feature builds upon Hybrid Code Analysis (HCA) to empower the malware analyst with...

Introducing Behavior Graphs in Joe Sandbox 13

We are proud to release Joe Sandbox 13 today! The 13 release includes a couple of very cool new features, including: Support for Windows 10; 70 new behavior signatures; Analysis advice signatures; Static...

Happy New Year!

The Joe Security team wishes you success, satisfaction and many pleasant moments in 2016!

Spider charts, Deep OLE, 950+ and more

Over the last couple of weeks, we have been very busy and have added new features to Joe Sandbox. In this post, we are going to show you our favorites. These features cross the complete space of...

HydraCrypt the badass Ransomware

2015 was definitely the year of ransomware and it seems 2016 is no different. Yesterday we came across a new ransomware called HydraCrypt: Hydra is no different than other ransomware like Cryptowall or...

Nymaim - evading Sandboxes with API hammering

Recently we were investigating an interesting piece of malware that was generating quite a huge workload in the sandboxed environment. To introduce proper countermeasures we had to fully reverse it. It...

Adaptive Internet Simulation

Nearly any malware today uses the Internet for communication. Often to download second stage malware, to register at its command and control server, or to spread and propagate. By capturing and...

Black Hat USA 2016

Good news! Joe Security will be at Black Hat USA 2016. Meet the Joe Security team at booth IC32 - Innovation City from August 3-4 and get a personal presentation of the Joe Sandbox 15!

Summary of recent Anti-Sandbox Tricks

Regardless of the technology being used, maintaining an efficient sandbox requires continuously monitoring new malware samples in order to effectively cope with new evasion techniques. Today we want to...

Rise of VBS Scripts evading Sandboxes

We recently experienced new waves of malicious e-mails which use a cool trick to evade sandboxes. In this blog post we are going to briefly outline our analysis. The e-mails look like this:...

Will it blend? This is the Question, new Macro based Evasions spotted

Do you remember the "Will it blend?" YouTube series, where a guy tries to blend anything possible with his magic blender? If not, here is a nice example: Today I often feel like being asked "Will it...

New Release: Joe Sandbox 16 out!

We are proud to release Joe Sandbox 16 today. The release includes Joe Sandbox Mobile 5.0.0 and Joe Sandbox X 2.2.0. Since our last release in June we have been working on many different fields to make...

Pafish for Office Macro

We have always been fans of the famous Pafish tool by Alberto Ortega. Pafish is a tool to check recent anti-malware analysis tricks and evasions against your favorite sandbox. Moreover it enables to...

Introducing Joe Sandbox I – Deep iOS Malware Analysis

We are proud to present today Joe Sandbox I – the first automated malware analysis system for iOS that combines dynamic and static analysis for deep malware forensics. Joe Sandbox is now able to analyze...

Generic VBA Instrumentation for Microsoft Office Documents

For the last couple of months, we have witnessed a resurgence of Microsoft Office macro malware, with cyber attackers once again leveraging macros for evil. Macros are a very efficient set of VBA’s (Visual...

Joe Sandbox 17

We are proud to release Joe Sandbox 17 today. Below you will find some of the most important features and improvements being added: Generic VBA Instrumentation. VBA instrumentation captures runtime...

Detecting malicious e-Mails with Joe Sandbox Mail

Nowadays, e-mails have become a de facto standard way to deliver malware to endpoints, while infections through the web browser have become rare. Attackers are now crafting more sophisticated malware embedded...

Happy New Year!

The Joe Security Team wishes you all the best in 2017!

New Sandbox Evasion Tricks spot with Joe Sandbox 10.5

Recently we came across an interesting sample equipped with new tricks to evade sandboxes and other dynamic analysis systems. In pseudo code: The sample sleeps until there is a mouse and foreground...

Deep Analysis of Android Ransom Charger

A couple of days ago, Checkpoint discovered a nice new Android malware (MD5: 2b83bd1d97eb911e9d53765edb5ea79e). You can find the full blog post here. While the find is interesting, their analysis lacks...
