Interactive Demo — Simulated data only. Back to SOC in a Box
SOC365 Dashboard
Acme Legal Services Ltd Live 19:46:03 UTC

Malware Signature Match

Informational Escalated
ALR-00386 · 2026-07-07T20:14:39Z

Description

Known malware signature (Emotet variant) detected in file on WS-PC-004. Endpoint Agent quarantined the file. User context: m.taylor.

Alert Metadata

Alert ID
ALR-00386
Timestamp
2026-07-07T20:14:39Z
Severity
Informational
Status
Escalated
Detection Source
Endpoint Agent
Assigned Analyst
EmilyAI (auto)

Endpoint Information

Hostname
WS-PC-004
User Account
m.taylor
Source IP
103.69.216.44
Destination IP
10.0.152.217
Origin Country
BR Brazil

MITRE ATT&CK Mapping

Tactic
Execution
Technique
T1204.002
Reference
attack.mitre.org/techniques/T1204.002

Investigation Timeline

20:14:39 Event ingested by SOC365 Engine
20:14:40 EmilyAI triage started — correlation enrichment
20:14:52 EmilyAI confidence: 88% — escalated to human analyst
20:14:56 Alert assigned to analyst: EmilyAI (auto)
20:17:21 Investigation started — querying SIEM and threat intelligence
20:21:49 Containment action taken — endpoint isolated
20:30:43 Alert resolved — remediation complete

Related Alerts

ID Time Alert Severity Status Host
ALR-00143 5h ago Anomalous DNS Query Low Investigating WS-PC-004
ALR-00466 6h ago Lateral Movement Detected High Open WS-PC-004
ALR-00263 13h ago Malware Signature Match Informational Investigating FW-EDGE-01
ALR-00409 13h ago Unusual Outbound Traffic Informational Investigating WS-PC-004
ALR-00046 16h ago Malware Signature Match Medium Investigating SRV-MAIL-01