
Joe Security's Blog

Evasive Malware hits French Corporations

We recently came across an interesting sample on Joe Sandbox Cloud Basic. The sample has been detected as malicious, yet this is mainly due to antivirus signature hits. When looking closely at the Behavior Graph, one discovers something interesting: the main sample unpacks itself to facture_1398665.tmp. This process then creates a whole bunch of temporary PE files, which are renamed in the next step.

Hostile Firefox loading LOL

Among the PE files is a file called firefox.exe.


Deep Analysis of Java Archives

Analyzing binaries dynamically is a tricky job. We believe there are 5 major challenges when attempting to do so. Today's focus is on one problem referred to as “Variety of Input”. Let us assume you have developed a great technology which can deeply analyze malware written in x86 or x64. As great as it may be, it will not get you far if the malware is written in C#, VBS, JS, PowerShell, VB, Delphi or Java.


Introducing Joe Sandbox Mail Monitor

Let us assume that you are working in a SOC and are receiving hundreds of requests from end-users asking if an e-mail is safe to open or not. In most cases, you would take the e-mail and submit it to Joe Sandbox in order to check its behavior report. If the respective e-mail showed signs of a malicious attachment or URL, you would consequently inform the end-user. Wouldn't it be nice if this whole process could be automated? Wouldn't it be great if you could choose to get notified about a detection or not, based on the analysis verdict or its score? In this regard, we have good news for you! Joe Sandbox Mail Monitor is exactly what you are looking for.

