Interactive Demo — Simulated data only.
SOC365 Dashboard
Acme Legal Services Ltd · 13:52:48 UTC

Malware Signature Match

High Investigating
ALR-00086 · 2026-04-08T02:55:28Z

Description

Known malware signature (Emotet variant) detected in file on WS-PC-002. DLP Module quarantined the file. User context: c.williams.

Alert Metadata

Alert ID: ALR-00086
Timestamp: 2026-04-08T02:55:28Z
Severity: High
Status: Investigating
Detection Source: DLP Module
Assigned Analyst: James Okonkwo

Endpoint Information

Hostname: WS-PC-002
User Account: c.williams
Source IP: 185.221.220.214
Destination IP: 10.1.140.85
Origin Country: Iran (IR)

MITRE ATT&CK Mapping

Tactic: Execution
Technique: T1204.002
Reference: attack.mitre.org/techniques/T1204.002

Investigation Timeline

02:55:28 Event ingested by SOC365 Engine
02:55:32 EmilyAI triage started — correlation enrichment
02:55:37 EmilyAI confidence: 85% — escalated to human analyst
02:56:02 Alert assigned to analyst: James Okonkwo
02:56:17 Investigation started — querying SIEM and threat intelligence

Related Alerts

ID         | Time   | Alert                         | Severity      | Status         | Host
ALR-00373  | 1h ago | Malware Signature Match       | Informational | False Positive | SRV-MAIL-01
ALR-00073  | 11h ago| Credential Stuffing Attempt   | Medium        | Investigating  | WS-PC-002
ALR-00101  | 17h ago| Malware Signature Match       | Low           | Open           | SW-CORE-01
ALR-00344  | 19h ago| Ransomware Behaviour Detected | Medium        | Open           | WS-PC-002
ALR-00391  | 1d ago | Unusual Outbound Traffic      | High          | Investigating  | WS-PC-002