Interactive Demo — Simulated data only. Back to SOC in a Box
SOC365 Dashboard
Acme Legal Services Ltd Live 18:39:49 UTC

Malware Signature Match

Medium False Positive
ALR-00033 · 2026-07-08T04:42:52Z

Description

Known malware signature (Emotet variant) detected in file on SRV-MAIL-01. DecoyPulse quarantined the file. User context: n.clark.

Alert Metadata

Alert ID
ALR-00033
Timestamp
2026-07-08T04:42:52Z
Severity
Medium
Status
False Positive
Detection Source
DecoyPulse
Assigned Analyst
Marcus Webb

Endpoint Information

Hostname
SRV-MAIL-01
User Account
n.clark
Source IP
185.250.220.115
Destination IP
10.0.245.143
Origin Country
CN China

MITRE ATT&CK Mapping

Tactic
Execution
Technique
T1204.002
Reference
attack.mitre.org/techniques/T1204.002

Investigation Timeline

04:42:52 Event ingested by SOC365 Engine
04:42:56 EmilyAI triage started — correlation enrichment
04:43:02 EmilyAI confidence: 93% — escalated to human analyst
04:43:08 Alert assigned to analyst: Marcus Webb
04:44:34 Investigation started — querying SIEM and threat intelligence
04:51:45 Containment action taken — endpoint isolated
04:53:02 Alert resolved — remediation complete

Related Alerts

ID Time Alert Severity Status Host
ALR-00084 4h ago Malware Signature Match Low False Positive SRV-DC-01
ALR-00440 4h ago Malware Signature Match Critical Escalated SRV-BACKUP-01
ALR-00420 9h ago Malware Signature Match Medium False Positive SRV-DC-01
ALR-00100 10h ago Suspicious Scheduled Task Medium Open SRV-MAIL-01
ALR-00011 10h ago Tor Exit Node Connection Informational Escalated SRV-MAIL-01