Interactive Demo — Simulated data only.
SOC365 Dashboard
Acme Legal Services Ltd

Malware Signature Match

Severity: Medium · Status: Escalated
ALR-00040 · 2026-04-09T15:36:03Z

Description

Known malware signature (Emotet variant) detected in file on SRV-BACKUP-01. Attack Surface Scanner quarantined the file. User context: s.jones.

Alert Metadata

Alert ID: ALR-00040
Timestamp: 2026-04-09T15:36:03Z
Severity: Medium
Status: Escalated
Detection Source: Attack Surface Scanner
Assigned Analyst: Anika Patel

Endpoint Information

Hostname: SRV-BACKUP-01
User Account: s.jones
Source IP: 91.148.195.205
Destination IP: 10.1.147.115
Origin Country: NG (Nigeria)

MITRE ATT&CK Mapping

Tactic: Execution
Technique: T1204.002
Reference: attack.mitre.org/techniques/T1204.002

Investigation Timeline

15:36:03 Event ingested by SOC365 Engine
15:36:07 EmilyAI triage started — correlation enrichment
15:36:10 EmilyAI confidence: 85% — escalated to human analyst
15:36:21 Alert assigned to analyst: Anika Patel
15:36:56 Investigation started — querying SIEM and threat intelligence
15:40:45 Containment action taken — endpoint isolated
15:47:18 Alert resolved — remediation complete

Related Alerts

ID        | Time   | Alert                     | Severity      | Status         | Host
ALR-00373 | 1h ago  | Malware Signature Match   | Informational | False Positive | SRV-MAIL-01
ALR-00484 | 2h ago  | Pass-the-Hash Detected    | Low           | False Positive | SRV-BACKUP-01
ALR-00332 | 12h ago | Data Exfiltration Attempt | Low           | Investigating  | SRV-BACKUP-01
ALR-00066 | 14h ago | Data Exfiltration Attempt | Low           | Open           | SRV-BACKUP-01
ALR-00485 | 15h ago | Phishing Email Blocked    | Critical      | Open           | SRV-BACKUP-01