microsoft/vscode-azure-iot-edge

Threat detected: Trojan/Generic.ASMalwS.3124987 in iotedgehubdev.exe

bqstony opened this issue · 2 comments

Hi,

This morning, after an automatic update in VSCode, the iotedgehubdev.exe was moved to quarantine by my Cisco endpoint protection.

My IT has ordered a deep scan and the result is not so good.

https://www.virustotal.com/gui/file/804a25f9797a8b5d3b61f6b4152172e6d29c98bed918b91892e766d3ffbb1d26/detection


  • VSCode Version: 1.62.1
  • OS Version: W10 - 21H1
  • Extension Version: Azure IoT Edge v1.25.1

The Cisco team could unblock it. Maybe it helps others:

Feedback from Cisco:

Our analysis shows that the file is indeed benign. We have rectified the issue by changing the file disposition which effectively allows the customer to access the file. ... The source of the conviction has been notified so that they can use this example to improve detection content, which will help prevent future false positives.

Thanks for sharing the outcome. We are closing the issue.