We had same alert on our MX firewalls
wsasme.exe
SHA25654fd619d136646c014ca6e270e4a483dce033894c918a462b5a0352290ce95db
Disposition - Malicious | Type - MS_EXE | Size - 5657272 bytes
Ticket I had open with Meraki, response this morning:
Thanks for your response. Yes, I can confirm that you can trust Webroot and wsasme.exe is not a malicious file. Please ignore the alert, and I will close the ticket at this time.
Thank you,
Kunal Konduru
Cisco Meraki Technical Support
Webroot Support response yesterday:
The reason that Joe Sandbox lists for their "Suspicious" file determination (hooking functions) is normal for an Antivirus program. Cisco appears to be marking wsasme.exe as a threat for the same reason, however only Cisco support would be able to confirm this. If you have any further questions about this false positive, we recommend reaching out to Cisco support.
Regards,
The Webroot Advanced Malware Removal Team
This is a legitimate Webroot file. Please reach out to Cisco support for further assistance with this false positive.
Regards,
The Webroot Advanced Malware Removal Team