Interactive Demo — Simulated data only.
SOC365 Dashboard
Acme Legal Services Ltd

Malware Signature Match

Medium Investigating
ALR-00427 · 2026-05-24T04:15:17Z

Description

Known malware signature (Emotet variant) detected in file on SRV-MAIL-01. DLP Module quarantined the file. User context: d.walker.

Alert Metadata

Alert ID
ALR-00427
Timestamp
2026-05-24T04:15:17Z
Severity
Medium
Status
Investigating
Detection Source
DLP Module
Assigned Analyst
Emma Richardson

Endpoint Information

Hostname
SRV-MAIL-01
User Account
d.walker
Source IP
103.254.216.221
Destination IP
10.0.120.172
Origin Country
NG Nigeria

MITRE ATT&CK Mapping

Tactic
Execution
Technique
T1204.002 (User Execution: Malicious File)
Reference
attack.mitre.org/techniques/T1204.002

Investigation Timeline

04:15:17 Event ingested by SOC365 Engine
04:15:20 EmilyAI triage started — correlation enrichment
04:15:23 EmilyAI confidence: 84% — escalated to human analyst
04:16:01 Alert assigned to analyst: Emma Richardson
04:17:42 Investigation started — querying SIEM and threat intelligence

Related Alerts

ID         Time    Alert                          Severity       Status         Host
ALR-00168  3h ago  Credential Stuffing Attempt    Medium         Escalated      SRV-MAIL-01
ALR-00002  6h ago  Malware Signature Match        Low            Open           FW-EDGE-01
ALR-00013  7h ago  Data Exfiltration Attempt      High           Open           SRV-MAIL-01
ALR-00437  8h ago  Privilege Escalation Attempt   High           Escalated      SRV-MAIL-01
ALR-00111  9h ago  Malware Signature Match        Informational  Open           SRV-SQL-01
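The check an analyst would run first on an alert like this is a pivot on the host: is ALR-00427 an isolated signature hit, or the latest step in a chain already visible on SRV-MAIL-01? The script below does that pivot over the alert and the related-alerts table above. It is an added example, not SOC365 or EmilyAI code; the alerts are transcribed from this page as constructed input, the relative times ("3h ago") are assumed to be relative to the alert timestamp, and the severity ordering and escalation rules are an illustrative heuristic of the editor's, not the product's.

```python
"""Host-pivot correlation over the alert on this page (added example, not SOC365 code)."""
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone

# Severity ordering used by the heuristic below (an assumption; the page does not define one).
SEVERITY_RANK = {"Informational": 0, "Low": 1, "Medium": 2, "High": 3, "Critical": 4}
RANK_SEVERITY = {v: k for k, v in SEVERITY_RANK.items()}


@dataclass(frozen=True)
class Alert:
    alert_id: str
    ts: datetime
    name: str
    severity: str
    status: str
    host: str


# The alert under investigation, transcribed from the page.
CURRENT = Alert(
    "ALR-00427",
    datetime(2026, 5, 24, 4, 15, 17, tzinfo=timezone.utc),
    "Malware Signature Match", "Medium", "Investigating", "SRV-MAIL-01",
)


def hours_before_current(hours: int) -> datetime:
    """The page lists related alerts as 'Nh ago'; assume 'ago' is relative to the alert timestamp."""
    return CURRENT.ts - timedelta(hours=hours)


# Related alerts, transcribed from the page's table (constructed sample input).
RELATED = [
    Alert("ALR-00168", hours_before_current(3), "Credential Stuffing Attempt", "Medium", "Escalated", "SRV-MAIL-01"),
    Alert("ALR-00002", hours_before_current(6), "Malware Signature Match", "Low", "Open", "FW-EDGE-01"),
    Alert("ALR-00013", hours_before_current(7), "Data Exfiltration Attempt", "High", "Open", "SRV-MAIL-01"),
    Alert("ALR-00437", hours_before_current(8), "Privilege Escalation Attempt", "High", "Escalated", "SRV-MAIL-01"),
    Alert("ALR-00111", hours_before_current(9), "Malware Signature Match", "Informational", "Open", "SRV-SQL-01"),
]


def same_host_window(current: Alert, related: list, lookback_hours: int = 24) -> list:
    """Alerts on the same host that fired within lookback_hours before the current alert, oldest first."""
    start = current.ts - timedelta(hours=lookback_hours)
    hits = [a for a in related if a.host == current.host and start <= a.ts <= current.ts]
    return sorted(hits, key=lambda a: a.ts)


def recommend(current: Alert, related: list, lookback_hours: int = 24) -> dict:
    """Illustrative escalation heuristic (the editor's, not EmilyAI's).

    Escalate when the same host already carries a High alert, three or more distinct
    alert types, or an alert that was itself escalated. The recommended severity is
    the highest seen across the current alert and its host-local chain.
    """
    chain = same_host_window(current, related, lookback_hours)
    reasons = []
    if any(SEVERITY_RANK[a.severity] >= SEVERITY_RANK["High"] for a in chain):
        reasons.append("high-severity alert on the same host within the window")
    if len({a.name for a in chain} | {current.name}) >= 3:
        reasons.append("three or more distinct alert types on the same host")
    if any(a.status == "Escalated" for a in chain):
        reasons.append("an earlier alert on this host was already escalated")
    top = max([SEVERITY_RANK[current.severity]] + [SEVERITY_RANK[a.severity] for a in chain])
    return {
        "host": current.host,
        "chain": [a.alert_id for a in chain],
        "recommended_severity": RANK_SEVERITY[top],
        "escalate": bool(reasons),
        "reasons": reasons,
    }


if __name__ == "__main__":
    for alert in same_host_window(CURRENT, RELATED):
        print(f"{alert.ts:%Y-%m-%d %H:%M:%S}  {alert.alert_id}  {alert.severity:<14}{alert.name}")
    print(recommend(CURRENT, RELATED))
```

Run against the page's data, the pivot isolates three earlier alerts on SRV-MAIL-01 in chronological order (privilege escalation at 8h, data exfiltration at 7h, credential stuffing at 3h) and recommends raising this Medium signature match to High, which is the point of the correlation-enrichment step in the timeline above: a quarantined file on a host that has already shown privilege escalation and exfiltration attempts is not a routine signature hit. Shrinking the lookback window (the `lookback_hours` parameter) shows how the recommendation degrades as context is dropped.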