Interactive Demo — Simulated data only. Back to SOC in a Box
SOC365 Dashboard
Acme Legal Services Ltd Live 20:48:00 UTC

Malware Signature Match

Low Open
ALR-00470 · 2026-07-11T16:21:21Z

Description

Known malware signature (Emotet variant) detected in file on SRV-MAIL-01. DLP Module quarantined the file. User context: a.wilson.

Alert Metadata

Alert ID
ALR-00470
Timestamp
2026-07-11T16:21:21Z
Severity
Low
Status
Open
Detection Source
DLP Module
Assigned Analyst
EmilyAI (auto)

Endpoint Information

Hostname
SRV-MAIL-01
User Account
a.wilson
Source IP
103.154.216.215
Destination IP
10.1.147.132
Origin Country
GB United Kingdom

MITRE ATT&CK Mapping

Tactic
Execution
Technique
T1204.002
Reference
attack.mitre.org/techniques/T1204.002

Investigation Timeline

16:21:21 Event ingested by SOC365 Engine
16:21:22 EmilyAI triage started — correlation enrichment
16:21:33 EmilyAI confidence: 84% — escalated to human analyst
16:21:49 Alert assigned to analyst: EmilyAI (auto)
16:23:14 Investigation started — querying SIEM and threat intelligence

Related Alerts

ID Time Alert Severity Status Host
ALR-00143 6h ago Failed MFA Challenge Low Investigating SRV-MAIL-01
ALR-00402 6h ago Insider Threat Indicator Medium Investigating SRV-MAIL-01
ALR-00222 7h ago Brute Force SSH Informational Investigating SRV-MAIL-01
ALR-00261 12h ago Pass-the-Hash Detected Informational Escalated SRV-MAIL-01
ALR-00487 22h ago Malware Signature Match Medium Resolved WS-PC-006