Joe Sandbox Operation
Overview
The ThreatQuotient for Joe Sandbox Operation provides context in the form of attributes and indicators of compromise from the Joe Sandbox API. It submits a file or URL for analysis in Joe Sandbox. After the report has run, you can get the details of the analysis and upload the report to ThreatQ.
Deep Analysis
Tired of manual malware analysis? Perform one of the deepest analyses possible, fully automated: from static to dynamic, from dynamic to hybrid, from hybrid to graph analysis. Rather than focus on one, use the best of multiple technologies including hybrid analysis, instrumentation, hooking, hardware virtualization and emulation. Check out our reports to see the difference.
Cross Platform and Bare-Metal
Analyze any threat on any platform including Windows W7, W10, macOS, Android, iOS and Linux. No dependency on the analysis environment or hypervisor such as QEMU or KVM! Analyze threats dynamically on VMs and physical machines including bare-metal laptops, PCs and phones.
Unlimited Input
Analyze any file including PEs (DLL, SYS, EXE, CPL), office documents (PDF, DOC, DOCX, DOCXM, XLS, PPT, HWP, JTD etc), browser plugins, scripts (JS, VBS, WSF, VBE, PS), JAR files, URLs, Mails, APKs, MachOs, DMGs and more.
Unlimited Output
Get IOCs in PDF, HTML, JSON, XML, MAEC, MISP and OpenIOC format. Access extensive forensic metadata such as PCAPs, Yara rules, screenshots, memory dumps, dropped files, unpacked PE files, strings, code dumps and C-like code (decompilation). Reverse threats further with our IDA Pro plugin.
Ready to Scale
Analyze large sample sets efficiently. Scale the sandbox rapidly and in a fully automated way. Use an intelligent multilayered system to focus on the most interesting threats.
Agile Sandbox
Configure the malware analysis process, including analysis environment setup, malware startup, behavior analysis and detection. Simulate user interaction. Integrate Joe Sandbox through our simple RESTful API and SDK.