Interactive Demo — Simulated data only. Back to SOC in a Box
SOC365 Dashboard
Acme Legal Services Ltd Live 21:06:16 UTC

Malware Signature Match

Medium False Positive
ALR-00355 · 2026-07-11T16:55:00Z

Description

Known malware signature (Emotet variant) detected in file on WS-PC-006. DecoyPulse quarantined the file. User context: a.wilson.

Alert Metadata

Alert ID
ALR-00355
Timestamp
2026-07-11T16:55:00Z
Severity
Medium
Status
False Positive
Detection Source
DecoyPulse
Assigned Analyst
Emma Richardson

Endpoint Information

Hostname
WS-PC-006
User Account
a.wilson
Source IP
103.215.216.233
Destination IP
10.3.181.108
Origin Country
KP North Korea

MITRE ATT&CK Mapping

Tactic
Execution
Technique
T1204.002
Reference
attack.mitre.org/techniques/T1204.002

Investigation Timeline

16:55:00 Event ingested by SOC365 Engine
16:55:01 EmilyAI triage started — correlation enrichment
16:55:07 EmilyAI confidence: 92% — escalated to human analyst
16:55:18 Alert assigned to analyst: Emma Richardson
16:56:06 Investigation started — querying SIEM and threat intelligence
16:58:13 Containment action taken — endpoint isolated
17:13:11 Alert resolved — remediation complete

Related Alerts

ID Time Alert Severity Status Host
ALR-00490 7h ago Malware Signature Match Low False Positive AP-WIFI-03
ALR-00338 12h ago Suspicious Scheduled Task Informational False Positive WS-PC-006
ALR-00227 13h ago Malware Signature Match Medium Resolved SRV-SQL-01
ALR-00391 15h ago Malware Signature Match Medium False Positive WS-PC-002
ALR-00256 18h ago Brute Force SSH Medium Investigating WS-PC-006