Interactive Demo — Simulated data only.
SOC365 Dashboard
Acme Legal Services Ltd Live 18:04:50 UTC

Malware Signature Match

Low Investigating
ALR-00240 · 2026-05-27T09:56:20Z

Description

Known malware signature (Emotet variant) detected in file on WS-PC-003. DLP Module quarantined the file. User context: f.hall.

Alert Metadata

Alert ID: ALR-00240
Timestamp: 2026-05-27T09:56:20Z
Severity: Low
Status: Investigating
Detection Source: DLP Module
Assigned Analyst: EmilyAI (auto)

Endpoint Information

Hostname: WS-PC-003
User Account: f.hall
Source IP: 103.167.216.149
Destination IP: 10.3.157.116
Origin Country: NG Nigeria

MITRE ATT&CK Mapping

Tactic: Execution
Technique: T1204.002
Reference: attack.mitre.org/techniques/T1204.002

Investigation Timeline

09:56:20 Event ingested by SOC365 Engine
09:56:24 EmilyAI triage started — correlation enrichment
09:56:28 EmilyAI confidence: 96% — escalated to human analyst
09:57:01 Alert assigned to analyst: EmilyAI (auto)
09:57:45 Investigation started — querying SIEM and threat intelligence

Related Alerts

ID         Time     Alert                            Severity       Status     Host
ALR-00280  37m ago  Tor Exit Node Connection         Low            Escalated  WS-PC-003
ALR-00318  5h ago   Tor Exit Node Connection         Informational  Escalated  WS-PC-003
ALR-00485  8h ago   Suspicious PowerShell Execution  Low            Open       WS-PC-003
ALR-00022  18h ago  Anomalous DNS Query              Medium         Escalated  WS-PC-003
ALR-00373  1d ago   Tor Exit Node Connection         Medium         Escalated  WS-PC-003