diff --git a/misp_modules/modules/import_mod/joe_import.py b/misp_modules/modules/import_mod/joe_import.py
index 237218d..c70531c 100644
--- a/misp_modules/modules/import_mod/joe_import.py
+++ b/misp_modules/modules/import_mod/joe_import.py
@@ -60,6 +60,7 @@ class JoeParser():
         self.misp_event = MISPEvent()
         self.references = defaultdict(list)
         self.attributes = defaultdict(lambda: defaultdict(set))
+        self.process_references = {}
 
     def parse_joe(self):
         self.parse_fileinfo()
@@ -101,6 +102,10 @@ class JoeParser():
                     hash_type = dropped_hash_mapping[h['@algo']]
                     file_object.add_attribute(hash_type, **{'type': hash_type, 'value': h['$']})
                 self.misp_event.add_object(**file_object)
+                self.references[self.process_references[(int(droppedfile['@targetid']), droppedfile['@process'])]].append({
+                    'idref': file_object.uuid,
+                    'relationship': 'drops'
+                })
 
     def parse_network_behavior(self):
         network = self.data['behavior']['network']
@@ -148,6 +153,7 @@ class JoeParser():
             for field, to_call in process_activities.items():
                 to_call(process_object.uuid, process[field])
             self.references[self.fileinfo_uuid].append({'idref': process_object.uuid, 'relationship': 'calls'})
+            self.process_references[(general['targetid'], general['path'])] = process_object.uuid
 
     def parse_fileactivities(self, process_uuid, fileactivities):
         for feature, files in fileactivities.items():
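Review bot: The added lookup `self.process_references[(int(droppedfile['@targetid']), droppedfile['@process'])]` in the second hunk raises KeyError for any dropped file whose parent process was never registered, so one unmatched entry in a sandbox report aborts the whole import instead of dropping a single relationship; the enclosing method's header is outside the hunk and shows no fallback, and the lookup also silently depends on the process-parsing method having run first, which this diff does not establish. The key written in the third hunk uses `general['targetid']` with no `int()` cast, while the key read here casts `@targetid` to int; if the report delivers that field as a string (the `@`-prefixed attribute names suggest XML-derived data), the tuples never compare equal and every lookup fails. I would apply the same cast on both sides and tolerate a miss: `process_uuid = self.process_references.get((int(droppedfile['@targetid']), droppedfile['@process']))`, then `if process_uuid is not None:` with the existing append under it. A short comment on the new dict in the first hunk, `# (targetid, process path) -> process object uuid; written by the process parser, read when linking dropped files`, would make the ordering contract explicit.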