Joe Security's Blog

NotPetya reappears as BadRabbit and keeps the Semi Kill Switch

Yesterday, Russia and Ukraine were targeted by the Bad Rabbit ransomware, distributed via drive-by download. The sample, named install_flash_player.exe (sha256 630325cac09ac3fab908f903e3b00d0dadd5fdaa0875ed8496fcbb97a558d0da), has some very strong similarities to NotPetya, the ransomware that spread via the EternalBlue SMB exploit in June. There are many behavior-based similarities, such as the processes started by NotPetya and by Bad Rabbit. But there are also many code-based similarities.


Bare Metal - Golden Hardware

Joe Sandbox enables analysts to execute and analyze malware on Bare Metal machines. What is Bare Metal and why does it matter? No, it is not the cool Bare Metal hot rod above, but it has a similar performance! Dynamic malware analysis systems (so-called sandboxes) execute malware samples on a segregated machine and capture their runtime behavior. Sandbox vendors use different types of analysis machines.

Virtual Machines: Virtual Machines (VMs) are the most common. They run inside VirtualBox, VMware, KVM or Xen, the top four virtualization solutions.


Joe Sandbox 20 is out!

Happy Release Day!!! A new Joe Sandbox version is out! This is our twentieth release, what a number! Version 20 is a big release with many improvements, enhancements, and new features. If you have an on-premise installation you can simply upgrade to Joe Sandbox 20 via:

mono joeboxserver --updatefast

In this blog post, we will show some of the enhancements and features of the new release.

74 New Behavior Signatures: We have added a record number of 74 new signatures to Joe Sandbox Desktop, Mobile, X, Complete and Ultimate. Well, the last months have indeed been very busy with WannaCry, Petya, WireX, CVE-2017-8759 and CCleaner.

