Interactive Demo — Simulated data only. Back to SOC in a Box
SOC365 Dashboard
Acme Legal Services Ltd Live 19:43:38 UTC

Malware Signature Match

Low Open
ALR-00221 · 2026-07-07T17:15:37Z

Description

Known malware signature (Emotet variant) detected in file on SRV-APP-01. Endpoint Agent quarantined the file. User context: d.walker.

Alert Metadata

Alert ID
ALR-00221
Timestamp
2026-07-07T17:15:37Z
Severity
Low
Status
Open
Detection Source
Endpoint Agent
Assigned Analyst
EmilyAI (auto)

Endpoint Information

Hostname
SRV-APP-01
User Account
d.walker
Source IP
185.161.220.30
Destination IP
10.3.125.66
Origin Country
KP North Korea

MITRE ATT&CK Mapping

Tactic
Execution
Technique
T1204.002
Reference
attack.mitre.org/techniques/T1204.002

Investigation Timeline

17:15:37 Event ingested by SOC365 Engine
17:15:41 EmilyAI triage started — correlation enrichment
17:15:46 EmilyAI confidence: 94% — escalated to human analyst
17:15:56 Alert assigned to analyst: EmilyAI (auto)
17:18:18 Investigation started — querying SIEM and threat intelligence

Related Alerts

ID Time Alert Severity Status Host
ALR-00357 6h ago Certificate Anomaly Medium False Positive SRV-APP-01
ALR-00333 7h ago Malware Signature Match Low Escalated SRV-MAIL-01
ALR-00345 13h ago Brute Force SSH High Investigating SRV-APP-01
ALR-00036 15h ago DecoyPulse Honeypot Triggered Low Resolved SRV-APP-01
ALR-00304 17h ago Rogue DHCP Server Medium Resolved SRV-APP-01