Interactive Demo — Simulated data only.
SOC365 Dashboard
Acme Legal Services Ltd · Live · 15:23:04 UTC

Malware Signature Match

Severity: Medium · Status: Open
ALR-00445 · 2026-04-06T01:28:58Z

Description

Known malware signature (Emotet variant) detected in file on SRV-FILE-01. Endpoint Agent quarantined the file. User context: n.clark.

Alert Metadata

Alert ID: ALR-00445
Timestamp: 2026-04-06T01:28:58Z
Severity: Medium
Status: Open
Detection Source: Endpoint Agent
Assigned Analyst: James Okonkwo

Endpoint Information

Hostname: SRV-FILE-01
User Account: n.clark
Source IP: 45.160.148.11
Destination IP: 10.3.169.37
Origin Country: FR (France)

MITRE ATT&CK Mapping

Tactic: Execution
Technique: T1204.002
Reference: attack.mitre.org/techniques/T1204.002

Investigation Timeline

01:28:58 Event ingested by SOC365 Engine
01:28:59 EmilyAI triage started — correlation enrichment
01:29:10 EmilyAI confidence: 85% — escalated to human analyst
01:29:25 Alert assigned to analyst: James Okonkwo
01:31:57 Investigation started — querying SIEM and threat intelligence

Related Alerts

ID | Time | Alert | Severity | Status | Host
ALR-00432 | 1h ago | Malware Signature Match | Informational | Escalated | VM-DEV-01
ALR-00424 | 2h ago | Malware Signature Match | Medium | False Positive | WS-LAP-012
ALR-00206 | 21h ago | Malware Signature Match | Medium | Open | SRV-BACKUP-01
ALR-00236 | 1d ago | Rogue DHCP Server | Informational | Investigating | SRV-FILE-01
ALR-00398 | 1d ago | Malware Signature Match | Medium | False Positive | FW-EDGE-01