Generic Classification
To quickly determine the malicious payload, we have added a spider chart visualization to the analysis report:
Joe Sandbox also generates a new classification label:
All classification figures are available as raw data in the Joe Sandbox reports (XML, JSON). The complete classification algorithm is open, which enables customized tuning. Our spider charts help to quickly determine the type of the malware without requiring any in-depth technical understanding of the malware. By clicking on the malware icons you can get a detailed description. Besides the spider chart, we also introduced new pie charts for many kinds of analysis data as well as for the famous behavior graphs:
Example report:
Deep Static Analysis of OLE files
WMI Analysis
Inspection of HTTPS Traffic
950+ Behavior Signatures
We have developed many new behavior signatures. Our complete set currently has over 950 signatures. Many of the new signatures are highly advanced:
USB Fake Drive
Want to see if malware infects USB drives? Want to see if malware spreads via network shares? No problem! We have functionality to create a USB fake drive:
Network shares are simulated with our Adaptive Internet Simulation Technology:
The features outlined are just a selection. There are various other extensions and improvements which were developed. We have also planned some great new features for 2016! So watch out!