Explore Joe Security Cloud Basic Accounts Subscribe to our Newsletters Contact Us
top title background image

Joe Security's Blog

Joe Sandbox 25 - Tiger's Eye is out!

For the last three months, we have been working on Joe Sandbox's 25th version, released today under the code name Tiger's Eye! This release is packed with brand new features and interesting enhancements that make Joe Sandbox more powerful than ever. Our Joe Sandbox Cloud Pro, Basic and OEM servers have already been upgraded to Tiger's Eye a couple of days ago. If you wish to upgrade your on-premise Joe Sandbox Desktop, Mobile, X, Linux, Complete  or Ultimate installation right away, please run the following command: mono joeboxserver.exe --updatefast Even though we're excited about every aspect of this release, in this blog post we will highlight only a few of our favorite Joe Sandbox Tiger's Eye features.


Generic Unpacking of Javascript with Microsoft AMSI

Malicious Javascript files dominate the ranking of malicious e-mail attachments for the year 2018 with 37,2%. Why is that? Due to the flexibility of the Javascript language as well as various dynamic code execution functions, packing and encryption is easy to achieve. As a result, detection of malicious Javascript files is extremely difficult. Below is an example of a recent malicious Javascript file: Wouldn't it be nice to get the unpacked and deobfuscated Javascript code? This would help to detect malicious Javascript and also reveal additional behavior indicators.


Architecture independent Malware Similarity Analysis with Joe Sandbox Class 3.0

Hunting for similar malware is the process of identifying similar samples based on IOCs, behavior, functions or other data. It helps analysts to find malware families, understand the evolution of threats and provides an indication for attribution. There are various techniques to perform similarity analysis or classification. Often, the malware is disassembled and a unique identifier at a function level is being calculated (e.


Older Posts