Monday, September 19, 2016

New Release: Joe Sandbox 16 out!

We are proud to release Joe Sandbox 16 today. The release includes Joe Sandbox Mobile 5.0.0 and Joe Sandbox X 2.2.0.

Since our last release in June we have been working in many different fields to make Joe Sandbox stronger. Here is a list of the most important features:


  • More than 52 new behavior signatures. Behavior signatures classify and rate the behavior captured during execution. This increases our signature database to a total of 1144 signatures. Many of the signatures reveal evasive behavior, such as the Locky evasions.


  • Support for Windows 10 x64. You can now execute malware on the latest Windows 10 x64 operating system. This extends the list of supported Windows operating systems to: XP, W7, W7x64, W8, W10, W10 x64, both as virtual machines (VMs) and as physical machines. Furthermore, Joe Sandbox X now supports analysis on El Capitan (10.11).

 
 


  • Support for bare metal analysis on Android. Joe Sandbox 16 can execute and analyze APKs on real Android phones. In contrast to emulators or VMs, Android phones feature all sensors and hardware devices. Therefore many APKs show their full behavior only on a real phone.




  • Many new anti-evasions. We have improved the stealth of the VMs as well as the simulations on bare metal analysis machines. Check out our previous blog post to learn more about some of the latest versions.

  • Support for many new file extensions. Joe Sandbox 16 newly supports PUB, VSD, MPP, JTD, HWP, ACE, LZH and GZ files.


  • Web interface improvements: full Web API Python implementation, tagging, brand new analysis download design, new executive report, SHA1 and SHA256 search.




  • New Cookbook commands: _JBActivateOfficeActiveX automatically clicks on ActiveX elements inside Word or Excel documents.



In addition we have added the following small features:


  • Multi DEX static analysis for Mobile
  • Fast update
  • New cookbook: accelerate system clock
  • Wscript sleep override
  • New detection status unknown
  • IDA Pro Bridge Plugin for Linux

While Joe Sandbox 16 was a small major release, we are planning Joe Sandbox 17 (planned for release at the end of October) as a big major release with many new analysis features! Stay tuned.