Explore Joe Security Cloud Basic Accounts Contact Us
top title background image

Joe Security's Blog

Introducing Behavior Graphs in Joe Sandbox 13

Published on: 16.11.2015

We are proud to release today Joe Sandbox 13! The 13 release includes a couple of very cool new features, including:

  • Support for Windows 10
  • 70 new behavior signatures
  • Analysis advice signatures
  • Static unpackers for VBE and SWF
  • Live system performance statistics in the web interface
  • COM Analysis
  • String analysis in compressed files
  • Static file analysis for Flash
  • Static PE file analysis for dropped / downloaded files
  • New tricks to prevent VM-detection
  • ASN detection for IPs 
  • Code obfuscation detection for Hybrid Code Analysis (HCA)
  • Behavior graphs
  • Hybrid Decompilation (HDC) Plugin
  • Big performance improvements

Beside of the Hybrid Decompilation (DEC) Technology we have also developed a new feature called Behavior graphs. Behavior graphs are new graphs which display the behavior of a sample. They show processes, IPs, domains, dropped files as well as behavior signatures in a connected graph. The graph coloring is very simple and intuitive while the format is clean and well structured.

We also invested lot of brain power into shrinking and compressing the graph so that it stays small and clear.

Below you find several behavior graphs with the corresponding Joe Sandbox analysis report: