Back to sessionsOpen in graphA file hash on the endpoint matches an active malware family signature.EDR telemetry shows injected code running in the browser context.
unx_08lnjpc
26User: o••••••••@example.dev🇵🇹PT209.244.•••.•••AS12389 Rostelecom
Final decision
Approved· 26 / 100
Driven primarily by:
- Known malware signature92
- Process injection84
Fired signals
Each card explains what the signal means and why it fired.
Malware
Known malware signature
92Process injection
84Risk breakdown
Contribution to the final score by category.
- Device0
- Behavior0
- Network0
- Identity0
- Malware176
Event timeline
Everything that happened during this session.
- Session start6:54:13 PMRemoteAccess · AS12389 Rostelecom
- iPhone · iPhone 146:54:18 PMfp_000062j
- Known malware signature6:54:43 PMseverity 92
- Process injection6:54:52 PMseverity 84
- Opened /transfer6:54:56 PM
- Approved6:55:25 PM