Joe Reverser is an agentic AI-driven tool for automated malware reverse engineering and phishing analysis. It uses a Large Language Model (LLM) with tool-calling capabilities to orchestrate a fully autonomous reverse-engineering workflow, dynamically selecting analysis tools and techniques based on file type and context. The tool supports analysis across multiple vectors including files, web content, documents, and emails. It performs multi-stage analysis starting with static inspection, followed by unpacking, disassembly, and dynamic execution, with each stage building on the previous. Key analysis capabilities include: - Static analysis for PE, ELF, MACH-O, PDF, and MSG/EML files - Disassembly and decompilation for native, .NET, Java, Python, and APK formats - Automated unpacking for UPX, InnoSetup, NSIS, AutoIt, Exe4j, PyInstaller, MSI, and others - Code sandbox for advanced unpacking of staged/layered malware - Web browser agent with access to screenshots, raw HTML/JavaScript, downloads, and clipboard - Domain and URL reputation checking - Image analysis including QR code decoding - Integration with Joe Sandbox for dynamic analysis and threat intelligence The reasoning engine iteratively refines its understanding of a threat, feeding new context back into its analysis loop at each phase. Results are delivered as a structured, human-readable intelligence report containing behavior summaries, code insights, indicators of compromise (IOCs), visual breakdowns, and an interactive Q&A interface for analyst follow-up queries. Joe Reverser is available via the Joe Sandbox Cloud Basic plan.