Joe Sandbox ML is run on function traces gathered by Joe Sandbox during execution. This includes not only executables but also installers and common script types like PowerShell. By leveraging advanced analysis techniques, Joe Sandbox ML ensures that a wide variety of malware entry points are thoroughly examined. For each of these files, Joe Sandbox ML generates a verdict, which is either clean or malicious. Joe Sandbox ML's verdict is then combined with the threat score determined via the dynamic execution. The final verdict is shown to the user, providing a detailed and reliable assessment of the sample's behavior and intent.
Joe Sandbox ML greatly helps to detect malware samples which do not show much behavior during the dynamic execution. By combining static with dynamic function traces, even crashing samples or DLLs can be effectively analyzed, enabling the detection of malicious intent and characteristics that might otherwise be missed. This comprehensive approach ensures no detail is overlooked, offering robust analysis for sophisticated threats that may evade traditional methods.
Contact Joe Security to schedule a technical presentation.
Joe Sandbox ML employs cutting-edge deep learning techniques to scrutinize executable behaviors, analyzing Windows API calls and static PE data for precise threat detection.
Joe Sandbox ML provides advanced detection across a wide range of file types, not limited to PE files. From MSI and JAR to PowerShell and Batch scripts, Joe Sandbox ML identifies threats in diverse executable formats.
Joe Sandbox ML is tuned to detect as many malicious samples as possible. In addition, Joe Sandbox ML results have a low false positive rate.
Joe Sandbox ML provides a verdict very quickly, often in under one second. This allows thousands of files to be analyzed very quickly.