Buy or Renew
Buy or Renew
Meraki Community is live! Welcome Meraki Members! Learn more here.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1018
Views
0
Helpful
2
Replies

Malware being reported under Threats

pmcamilleri
Community Member

‎01-29-2019 03:32 AM - edited ‎03-12-2019 04:20 AM

Dear all

 

Recently our Cisco 5512-X was recently upgraded to FirePOWER services and I am trying to familiarize myself with this new software. When looking at the Threats section (ASA FirePOWER Reporting) I am seeing that Malware has been detected. See attached screenshot. However, there is no way to find out what caused this alert and from where it originated from i.e. source ip, etc I cannot dig deeper because I am not given much to work on. Is there any way one can find out from where this malware originated from? Could someone guide me on this? Management of FirePOWER is being done via ASDM which is on version 7.8(2)151. 

 

Thanks in advance

Pierre

 

Labels:
Preview file
19 KB
0 Helpful
2 Replies 2

Sheraz.Salim
VIP Alumni
VIP Alumni

‎01-29-2019 03:39 AM

This malware already being discussed in this community.

 

here is the link for this

https://community.cisco.com/t5/intrusion-prevention-and/malware-cnc-win-trojan-pmabot-outbound-connection-attempt-etc/td-p/2926914

please do not forget to rate.
0 Helpful

pmcamilleri
Community Member
In response to Sheraz.Salim

‎01-29-2019 03:45 AM

I've accessed the link but it doesn't answer my query or solve my issue. I need to know how to delve deeper in order to see from where this malware is originating from such as source IP, etc. 

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card