Interactive Demo — Simulated data only.
SOC365 Dashboard
Acme Legal Services Ltd

Malware Signature Match

Severity: Informational · Status: False Positive
ALR-00417 · 2026-05-22T19:45:37Z

Description

Known malware signature (Emotet variant) detected in file on AP-WIFI-03. Cloud Connector quarantined the file. User context: n.clark.

Alert Metadata

Alert ID: ALR-00417
Timestamp: 2026-05-22T19:45:37Z
Severity: Informational
Status: False Positive
Detection Source: Cloud Connector
Assigned Analyst: EmilyAI (auto)

Endpoint Information

Hostname: AP-WIFI-03
User Account: n.clark
Source IP: 103.41.216.102
Destination IP: 10.3.27.160
Origin Country: DE Germany

MITRE ATT&CK Mapping

Tactic: Execution
Technique: T1204.002
Reference: attack.mitre.org/techniques/T1204.002

Investigation Timeline

19:45:37 Event ingested by SOC365 Engine
19:45:38 EmilyAI triage started — correlation enrichment
19:45:42 EmilyAI confidence: 86% — escalated to human analyst
19:46:11 Alert assigned to analyst: EmilyAI (auto)
19:46:43 Investigation started — querying SIEM and threat intelligence
19:55:04 Containment action taken — endpoint isolated
19:56:59 Alert resolved — remediation complete

Related Alerts

ID         Time     Alert                    Severity       Status          Host
ALR-00201  5h ago   C2 Beacon Activity       Low            Open            AP-WIFI-03
ALR-00002  6h ago   Malware Signature Match  Low            Open            FW-EDGE-01
ALR-00111  9h ago   Malware Signature Match  Informational  Open            SRV-SQL-01
ALR-00331  17h ago  Kerberoasting Attempt    Low            False Positive  AP-WIFI-03
ALR-00452  21h ago  Failed MFA Challenge     Low            Open            AP-WIFI-03