windowsMalwareInformation resource type
Namespace: microsoft.graph
Note: The Microsoft Graph API for Intune requires an active Intune license for the tenant.
Malware information entity.
Methods
| Method | Return Type | Description |
|---|---|---|
| List windowsMalwareInformations | windowsMalwareInformation collection | List properties and relationships of the windowsMalwareInformation objects. |
| Get windowsMalwareInformation | windowsMalwareInformation | Read properties and relationships of the windowsMalwareInformation object. |
| Create windowsMalwareInformation | windowsMalwareInformation | Create a new windowsMalwareInformation object. |
| Delete windowsMalwareInformation | None | Deletes a windowsMalwareInformation. |
| Update windowsMalwareInformation | windowsMalwareInformation | Update the properties of a windowsMalwareInformation object. |
Properties
| Property | Type | Description |
|---|---|---|
| id | String | The unique Identifier. This is malware id. |
| displayName | String | Indicates the name of the malware |
| additionalInformationUrl | String | Indicates an informational URL to learn more about the malware |
| severity | windowsMalwareSeverity | Severity of the malware. Possible values are: unknown, low, moderate, high, severe. default is unknown. Possible values are: unknown, low, moderate, high, severe. |
| category | windowsMalwareCategory | Category of the malware. Possible values are: invalid, adware, spyware, passwordStealer, trojanDownloader, worm, backdoor, remoteAccessTrojan, trojan, emailFlooder, keylogger, dialer, monitoringSoftware, browserModifier, cookie, browserPlugin, aolExploit, nuker, securityDisabler, jokeProgram, hostileActiveXControl, softwareBundler, stealthNotifier, settingsModifier, toolBar, remoteControlSoftware, trojanFtp, potentialUnwantedSoftware, icqExploit, trojanTelnet, exploit, filesharingProgram, malwareCreationTool, remote_Control_Software, tool, trojanDenialOfService, trojanDropper, trojanMassMailer, trojanMonitoringSoftware, trojanProxyServer, virus, known, unknown, spp, behavior, vulnerability, policy, enterpriseUnwantedSoftware, ransom, hipsRule. default value is invalid. Possible values are: invalid, adware, spyware, passwordStealer, trojanDownloader, worm, backdoor, remoteAccessTrojan, trojan, emailFlooder, keylogger, dialer, monitoringSoftware, browserModifier, cookie, browserPlugin, aolExploit, nuker, securityDisabler, jokeProgram, hostileActiveXControl, softwareBundler, stealthNotifier, settingsModifier, toolBar, remoteControlSoftware, trojanFtp, potentialUnwantedSoftware, icqExploit, trojanTelnet, exploit, filesharingProgram, malwareCreationTool, remote_Control_Software, tool, trojanDenialOfService, trojanDropper, trojanMassMailer, trojanMonitoringSoftware, trojanProxyServer, virus, known, unknown, spp, behavior, vulnerability, policy, enterpriseUnwantedSoftware, ransom, hipsRule. |
| lastDetectionDateTime | DateTimeOffset | Indicates the last time the malware was detected in UTC |
Relationships
| Relationship | Type | Description |
|---|---|---|
| deviceMalwareStates | malwareStateForWindowsDevice collection | List of devices affected by current malware with the malware state on each device |
JSON Representation
Here is a JSON representation of the resource.
{
"@odata.type": "#microsoft.graph.windowsMalwareInformation",
"id": "String (identifier)",
"displayName": "String",
"additionalInformationUrl": "String",
"severity": "String",
"category": "String",
"lastDetectionDateTime": "String (timestamp)"
}