TRIMODAL FUSION FRAMEWORK FOR LAYER 2 NETWORK FORENSICS: INTEGRATING CNN, TRANSFORMER, AND BERT EMBEDDINGS FOR REAL-TIME MALWARE DETECTION IN RAW ETHERNET TRAFFIC.


Dantene Davis
MSc Student, Halmstad University
Abstract
This paper presents a multimodal deep learning–based malware detection framework for Layer 2 traffic. The approach integrates Convolutional Neural Networks (CNNs) for spatial packet analysis, Transformers for temporal flow modeling, and BERT embeddings for semantic threat intelligence. Unlike traditional rule- or signature-based systems, the model processes raw PCAP data and incorporates contextual knowledge from CVE and MITRE ATT&CK sources. The model was trained and validated using a proprietary dataset comprising both benign and synthetically injected malicious traffic. Standard metrics achieved high values (Accuracy: 97%, Precision: 96.7%, Recall: 97.8%, F1: 0.9536). However, due to class imbalance (benign 126 vs. malicious 5,135 in the test set), additional evaluation was performed using per-class precision, recall, balanced accuracy, Matthews Correlation Coefficient (MCC), and ROC/PR curves. Comparisons against trivial baselines (e.g., “always malware” classifier) and traditional machine learning algorithms (SVM, Random Forest) highlight the strengths and weaknesses of the proposed method. Real-time validation was conducted by comparing model predictions with a Palo Alto firewall under controlled traffic scenarios. The model matched the firewall on known attacks while offering potential adaptability to novel patterns. Overall, this work contributes an integrated multimodal framework, demonstrates feasibility on Layer 2 threats, and outlines limitations, including dataset imbalance, restricted attack diversity, and computational cost.
Keywords: Malware Detection, Deep Learning, CNN, Transformers, BERT, PCAP, Layer 2, Semantic Embeddings, ROC-AUC, MCC.
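The "always malware" baseline mentioned in the abstract can be scored directly on the stated test split (126 benign, 5,135 malicious). The sketch below is an added example, not code from the paper; the function names and the convention of scoring an empty denominator as 0.0 are assumptions.

```python
import math

# Test-set class counts as stated in the abstract (label 1 = malicious).
N_BENIGN, N_MALICIOUS = 126, 5135

def confusion(y_true, y_pred):
    """Return (tp, fp, tn, fn) with malicious (1) as the positive class."""
    tp = fp = tn = fn = 0
    for t, p in zip(y_true, y_pred):
        if p == 1:
            tp, fp = tp + (t == 1), fp + (t == 0)
        else:
            tn, fn = tn + (t == 0), fn + (t == 1)
    return tp, fp, tn, fn

def _ratio(num, den):
    # Assumption: an empty denominator (e.g. no predicted negatives) scores 0.0.
    return num / den if den else 0.0

def evaluate(y_true, y_pred):
    """Accuracy plus the imbalance-aware metrics named in the abstract."""
    tp, fp, tn, fn = confusion(y_true, y_pred)
    recall_mal = _ratio(tp, tp + fn)
    recall_ben = _ratio(tn, tn + fp)
    mcc_den = math.sqrt((tp + fp) * (tp + fn) * (tn + fp) * (tn + fn))
    return {
        "accuracy": _ratio(tp + tn, tp + fp + tn + fn),
        "precision_malicious": _ratio(tp, tp + fp),
        "recall_malicious": recall_mal,
        "recall_benign": recall_ben,
        "balanced_accuracy": (recall_mal + recall_ben) / 2,
        "mcc": _ratio(tp * tn - fp * fn, mcc_den),
    }

def always_malware_baseline():
    """Score the trivial classifier that labels every test sample malicious."""
    y_true = [0] * N_BENIGN + [1] * N_MALICIOUS
    y_pred = [1] * len(y_true)
    return evaluate(y_true, y_pred)

if __name__ == "__main__":
    for name, value in always_malware_baseline().items():
        print(f"{name:>20}: {value:.4f}")
```

On this split the baseline's accuracy and malicious-class precision are both 5135/5261, while benign recall, balanced accuracy and MCC expose that it never identifies a benign frame.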
Journal Name: EPRA International Journal of Research & Development (IJRD)
Published on: 2026-05-28
Vol: 11
Issue: 5
Month: May
Year: 2026