Joe Security's Blog
RSS Feed Atom Feed

Joe Sandbox v44 - Smoke Quartz

Today, we are proud to release Joe Sandbox 44 under the code name Smoke Quartz ! This release is packed with many new detection signatures and important features to improve Joe Sandbox.Our Joe Sandbox Cloud Pro, Basic, and OEM servers have recently been upgraded to Smoke Quartz.If you wish to upgrade your on-premise Joe Sandbox installation, please follow the instructions in the chapter on "Updating" in the user guide which you find in our customer portal. 339 new SignaturesSmoke Quartz comes with a very large number of new Yara and Behavior signatures to detect new malware families like TrashAgent, UDPGangster, ArliaiBot, ChromElevator, Sicari Ransomware, DeskRAT, Apollo Logger, SHub Stealer, DriverFixer0428, DigitStealer, Aisuru, Heaven Stealer, TOLLBOOTH and Scarface Stealer and many more.

Breaking Down an Access-Code-Gated Malware Delivery Chain

In this post, we present an interesting malware delivery chain observed through Joe Sandbox Cloud Basic. At first glance, the sample appears difficult to analyze dynamically: execution is gated by an access code, the second stage is protected by time-based checks, and additional packing is applied. As a result, dynamic analysis alone is insufficient to fully uncover the attack. To overcome these obstacles, we combine Joe Reverser and Joe Sandbox to reconstruct the full delivery chain, from the initial phishing email to the final payload.

Happy New Year 2026

Thank you to our customers and friends for your support throughout 2025. The entire Joe Security team wishes you good health, success, and many wonderful moments in 2026..