T1204 User Execution
Endpoint 172.16.17.82, identified as Johns PC, triggered a malware alert involving the file googleupdate.exe.
The SOC104 Malware Detected alert was generated for googleupdate.exe with MD5 hash 0bca3f16dd527b4150648ec1e36cb22a. The hash was analyzed in VirusTotal and returned no malicious detections. The file was also uploaded to filescan.io and identified as trusted. Review of endpoint activity, including browsing history and file context, confirmed the file is associated with legitimate Google update functionality. No suspicious processes or network connections were observed.
Event Time: Sep 15, 2020 09:02 PM
Alert Closed: Jan 22, 2026 08:42 AM
Endpoint: 172.16.17.82
File: googleupdate.exe
MD5: 0bca3f16dd527b4150648ec1e36cb22a
Event ID: 14
Rule: SOC104 Malware Detected
The alert was triggered by signature or heuristic detection; however, multiple reputation checks and sandbox verification confirmed the file is legitimate. Endpoint context supports normal Google update behavior. No indicators of compromise were identified. The alert was assessed as a False Positive and no further action was required.