Malware Signature Match
Medium
Resolved
ALR-00198 · 2026-07-11T06:42:16Z
Description
Known malware signature (Emotet variant) detected in file on SRV-BACKUP-01. DLP Module quarantined the file. User context: f.hall.
Alert Metadata
Endpoint Information
MITRE ATT&CK Mapping
Investigation Timeline
06:42:16
Event ingested by SOC365 Engine
06:42:19
EmilyAI triage started — correlation enrichment
06:42:22
EmilyAI confidence: 92% — escalated to human analyst
06:42:46
Alert assigned to analyst: Emma Richardson
06:45:10
Investigation started — querying SIEM and threat intelligence
06:48:58
Containment action taken — endpoint isolated
07:02:01
Alert resolved — remediation complete
Related Alerts
| ID | Time | Alert | Severity | Status | Host |
|---|---|---|---|---|---|
| ALR-00216 | 1h ago | Certificate Anomaly | Medium | False Positive | SRV-BACKUP-01 |
| ALR-00353 | 2h ago | Port Scan Detected | Low | Escalated | SRV-BACKUP-01 |
| ALR-00429 | 5h ago | Pass-the-Hash Detected | Medium | False Positive | SRV-BACKUP-01 |
| ALR-00405 | 8h ago | Malware Signature Match | Critical | Escalated | WS-MAC-005 |
| ALR-00001 | 10h ago | Malware Signature Match | Low | False Positive | SRV-BACKUP-01 |