Interactive Demo — Simulated data only.
SOC365 Dashboard
Acme Legal Services Ltd Live 15:19:12 UTC

Malware Signature Match

Low Escalated
ALR-00191 · 2026-04-09T14:31:39Z

Description

Known malware signature (Emotet variant) detected in file on WS-LAP-011. Attack Surface Scanner quarantined the file. User context: l.johnson.

Alert Metadata

Alert ID: ALR-00191
Timestamp: 2026-04-09T14:31:39Z
Severity: Low
Status: Escalated
Detection Source: Attack Surface Scanner
Assigned Analyst: EmilyAI (auto)

Endpoint Information

Hostname: WS-LAP-011
User Account: l.johnson
Source IP: 45.180.148.147
Destination IP: 10.0.168.202
Origin Country: North Korea (KP)

MITRE ATT&CK Mapping

Tactic: Execution
Technique: T1204.002
Reference: attack.mitre.org/techniques/T1204.002

Investigation Timeline

14:31:39 Event ingested by SOC365 Engine
14:31:40 EmilyAI triage started — correlation enrichment
14:31:48 EmilyAI confidence: 87% — escalated to human analyst
14:32:02 Alert assigned to analyst: EmilyAI (auto)
14:32:41 Investigation started — querying SIEM and threat intelligence
14:37:11 Containment action taken — endpoint isolated
14:49:45 Alert resolved — remediation complete

Related Alerts

ID | Time | Alert | Severity | Status | Host
ALR-00423 | 27m ago | Pass-the-Hash Detected | High | Open | WS-LAP-011
ALR-00451 | 49m ago | Malware Signature Match | Low | Resolved | WS-PC-006
ALR-00186 | 1h ago | Brute Force SSH | Informational | Escalated | WS-LAP-011
ALR-00122 | 4h ago | DLP Policy Violation | Medium | Investigating | WS-LAP-011
ALR-00112 | 6h ago | Insider Threat Indicator | Medium | Open | WS-LAP-011