Interactive Demo — Simulated data only.
SOC365 Dashboard
Acme Legal Services Ltd Live 15:24:12 UTC

Malware Signature Match

Low Escalated
ALR-00308 · 2026-04-12T06:33:53Z

Description

Known malware signature (Emotet variant) detected in file on SRV-WEB-01. DecoyPulse quarantined the file. User context: system.

Alert Metadata

Alert ID: ALR-00308
Timestamp: 2026-04-12T06:33:53Z
Severity: Low
Status: Escalated
Detection Source: DecoyPulse
Assigned Analyst: EmilyAI (auto)

Endpoint Information

Hostname: SRV-WEB-01
User Account: system
Source IP: 103.245.216.97
Destination IP: 10.0.123.53
Origin Country: VN Vietnam

MITRE ATT&CK Mapping

Tactic: Execution
Technique: T1204.002
Reference: attack.mitre.org/techniques/T1204.002

Investigation Timeline

06:33:53 Event ingested by SOC365 Engine
06:33:56 EmilyAI triage started — correlation enrichment
06:33:58 EmilyAI confidence: 83% — escalated to human analyst
06:34:35 Alert assigned to analyst: EmilyAI (auto)
06:35:37 Investigation started — querying SIEM and threat intelligence
06:41:40 Containment action taken — endpoint isolated
06:45:56 Alert resolved — remediation complete

Related Alerts

ID         Time     Alert                          Severity       Status          Host
ALR-00058  9h ago   Ransomware Behaviour Detected  High           Investigating   SRV-WEB-01
ALR-00390  13h ago  Rogue DHCP Server              Low            Investigating   SRV-WEB-01
ALR-00389  16h ago  Malware Signature Match        Low            False Positive  SRV-MAIL-01
ALR-00176  19h ago  Malware Signature Match        Low            Open            WS-LAP-010
ALR-00254  20h ago  Suspicious Scheduled Task      Informational  Investigating   SRV-WEB-01