Malware Signature Match
Low
False Positive
ALR-00268 · 2026-07-06T10:07:05Z
Description
Known malware signature (Emotet variant) detected in file on SRV-BACKUP-01. Email Gateway quarantined the file. User context: r.davies.
Alert Metadata
Endpoint Information
MITRE ATT&CK Mapping
Investigation Timeline
10:07:05
Event ingested by SOC365 Engine
10:07:10
EmilyAI triage started — correlation enrichment
10:07:16
EmilyAI confidence: 83% — escalated to human analyst
10:07:32
Alert assigned to analyst: EmilyAI (auto)
10:08:09
Investigation started — querying SIEM and threat intelligence
10:10:28
Containment action taken — endpoint isolated
10:19:00
Alert resolved — remediation complete
Related Alerts
| ID | Time | Alert | Severity | Status | Host |
|---|---|---|---|---|---|
| ALR-00177 | 2h ago | Ransomware Behaviour Detected | Medium | Resolved | SRV-BACKUP-01 |
| ALR-00049 | 6h ago | Certificate Anomaly | Low | Resolved | SRV-BACKUP-01 |
| ALR-00193 | 9h ago | Malware Signature Match | Medium | Resolved | WS-PC-006 |
| ALR-00463 | 16h ago | Rogue DHCP Server | Low | Escalated | SRV-BACKUP-01 |
| ALR-00464 | 16h ago | Malware Signature Match | High | Open | WS-PC-006 |