Open and agile malware
analysis tools to deeply
understand malicious codes.
Joe Sandbox is the automated malware analysis system which implements any state of the art program analysis technology from coarse to fine grained including dynamic, static and hybrid. Joe Sandbox’s analysis spectrum enables to discover any behavior including hidden or obfuscated parts.
Joe Sandbox is the only system that analyzes cyber threats on Windows XP, Vista, W7, W7 x64, W8, W10, Android platforms and Mac OS X. Joe Sandbox enables analysis on virtual and physical machines, including bare-metal laptops and PCs.
Joe Sandbox understands and analyzes a wide range of file formats including any PE files, office documents (PDF, DOC, XLS, PPT etc), browser plugins, jar files, URLs, android application packages, MachOs and DMGs.
Joe Sandbox generates extensive reports in PDF, HTML, JSON, XML, MAEC, MISP and OpenIOC format. Additional forensic results include PCAPs, Yara Rules, screenshots, memory dumps, dropped files, unpacked PE files, strings, code dumps and C-like codes (decompilation).
Joe Sandbox is an intelligent multilayered system which enables to process large numbers of files rapidly. Based on efficient static analysis as well as a light analysis mode Joe Sandbox filters goodware efficiently.
Joe Sandbox is an open malware analysis system with a high setup and configuration freedom. All key processes including analysis environment setup, malware startup, behavior analysis and detection can be customized. Joe Sandbox includes several APIs for seamless automation and integration.