diff --git a/misp_modules/lib/joe_parser.py b/misp_modules/lib/joe_parser.py
index 8ae57a9..e701ff3 100644
--- a/misp_modules/lib/joe_parser.py
+++ b/misp_modules/lib/joe_parser.py
@@ -111,7 +111,7 @@ class JoeParser():
             if network.get(protocol):
                 for packet in network[protocol]['packet']:
                     timestamp = datetime.strptime(self.parse_timestamp(packet['timestamp']), '%b %d, %Y %H:%M:%S.%f')
-                    connections[tuple(packet[field] for field in network_behavior_fields)][protocol].add(timestamp)
+                    connections[tuple(packet.get(field) for field in network_behavior_fields)][protocol].add(timestamp)
         for connection, data in connections.items():
             attributes = self.prefetch_attributes_data(connection)
             if len(data.keys()) == len(set(protocols[protocol] for protocol in data.keys())):
diff --git a/misp_modules/modules/expansion/joesandbox_query.py b/misp_modules/modules/expansion/joesandbox_query.py
index f90d5db..e303512 100644
--- a/misp_modules/modules/expansion/joesandbox_query.py
+++ b/misp_modules/modules/expansion/joesandbox_query.py
@@ -21,7 +21,7 @@ def handler(q=False):
     apiurl = request['config'].get('apiurl') or 'https://jbxcloud.joesecurity.org/api'
     apikey = request['config'].get('apikey')
     parser_config = {
-        "import_pe": request["config"].get('import_executable', "false") == "true",
+        "import_executable": request["config"].get('import_executable', "false") == "true",
         "mitre_attack": request["config"].get('import_mitre_attack', "false") == "true",
     }