The alert condition for 'Access - DMTS_UC08 Malware Recurring Infection - Rule' was triggered.
Alert Title: Access - DMTS_UC08 Malware Recurring Infection - Rule
Alert Location: https://splunk-ess.cardinalhealth.net/app/SA-DeloitteMTS/@go?dispatch_view=alert&s=%2FservicesNS%2Fnobody%2FSA-DeloitteMTS%2Fsaved%2Fsearches%2FAccess%2520-%2520DMTS_UC08%2520Malware%2520Recurring%2520Infection%2520-%2520Rule
------------------------------------------------------------------------
Malware_Signature,Hostname,User,IP_Address,Action,Application_Name,File_Hash,File_Path,Number_of_Occurences
WS.Reputation.1,VOHACCVARJOJ02,joji.varghese,10.212.62.219,Left alone,DbVisualizer,0245A8C2DD8082BA8C08D68749D27A244EE77EE0C0E21880B55D701392E5BC16,c:\users\joji.varghese\appdata\local\microsoft\windows\temporary internet files\content.ie5\1xljrtbt\dbvis_windows-x64_10_0_3.exe c:\users\joji.varghese\appdata\local\microsoft\windows\temporary internet files\content.ie5\3oo2grzo\dbvis_windows-x64_10_0_3.exe,
------------------------------------------------------------------------
If you believe you've received this email in error, please see your Splunk administrator.
splunk > the engine for machine data