Interactive Demo — Simulated data only. Back to SOC in a Box
SOC365 Dashboard
Acme Legal Services Ltd Live 20:46:56 UTC

Malware Signature Match

Informational Investigating
ALR-00495 · 2026-07-09T12:34:15Z

Description

Known malware signature (Emotet variant) detected in file on SRV-DC-01. Attack Surface Scanner quarantined the file. User context: n.clark.

Alert Metadata

Alert ID
ALR-00495
Timestamp
2026-07-09T12:34:15Z
Severity
Informational
Status
Investigating
Detection Source
Attack Surface Scanner
Assigned Analyst
EmilyAI (auto)

Endpoint Information

Hostname
SRV-DC-01
User Account
n.clark
Source IP
185.20.220.101
Destination IP
10.1.222.86
Origin Country
RU Russia

MITRE ATT&CK Mapping

Tactic
Execution
Technique
T1204.002
Reference
attack.mitre.org/techniques/T1204.002

Investigation Timeline

12:34:15 Event ingested by SOC365 Engine
12:34:19 EmilyAI triage started — correlation enrichment
12:34:27 EmilyAI confidence: 94% — escalated to human analyst
12:34:38 Alert assigned to analyst: EmilyAI (auto)
12:35:57 Investigation started — querying SIEM and threat intelligence

Related Alerts

ID Time Alert Severity Status Host
ALR-00415 4h ago Malware Signature Match Medium Investigating SRV-SQL-01
ALR-00180 9h ago Malware Signature Match Low Resolved VM-DEV-01
ALR-00138 12h ago Malware Signature Match Medium Investigating AP-WIFI-03
ALR-00371 14h ago Malware Signature Match Medium Escalated WS-LAP-012
ALR-00484 15h ago Malware Signature Match Low Investigating WS-PC-003