Interactive Demo — Simulated data only.
SOC365 Dashboard
Acme Legal Services Ltd Live 15:27:38 UTC

Malware Signature Match

Low False Positive
ALR-00108 · 2026-04-10T22:16:07Z

Description

Known malware signature (Emotet variant) detected in file on SRV-MAIL-01. Firewall quarantined the file. User context: m.taylor.

Alert Metadata

Alert ID: ALR-00108
Timestamp: 2026-04-10T22:16:07Z
Severity: Low
Status: False Positive
Detection Source: Firewall
Assigned Analyst: EmilyAI (auto)

Endpoint Information

Hostname: SRV-MAIL-01
User Account: m.taylor
Source IP: 45.176.148.115
Destination IP: 10.3.177.29
Origin Country: BR (Brazil)

MITRE ATT&CK Mapping

Tactic: Execution
Technique: T1204.002
Reference: attack.mitre.org/techniques/T1204.002

Investigation Timeline

22:16:07 Event ingested by SOC365 Engine
22:16:10 EmilyAI triage started — correlation enrichment
22:16:22 EmilyAI confidence: 94% — escalated to human analyst
22:16:25 Alert assigned to analyst: EmilyAI (auto)
22:18:56 Investigation started — querying SIEM and threat intelligence
22:20:24 Containment action taken — endpoint isolated
22:27:49 Alert resolved — remediation complete

Related Alerts

ID        | Time    | Alert                   | Severity      | Status        | Host
ALR-00006 | 43m ago | Certificate Anomaly     | Low           | Investigating | SRV-MAIL-01
ALR-00036 | 5h ago  | Kerberoasting Attempt   | Informational | Resolved      | SRV-MAIL-01
ALR-00222 | 7h ago  | Malware Signature Match | Low           | Investigating | SRV-FILE-01
ALR-00452 | 10h ago | C2 Beacon Activity      | Informational | Investigating | SRV-MAIL-01
ALR-00264 | 18h ago | Malware Signature Match | Informational | Resolved      | SRV-BACKUP-01