Microsoft Graph · Schema
microsoft.graph.windowsMalwareInformation
Azure ADCollaborationContactsDocumentsEmailGraphIdentityMicrosoftOffice 365PresentationsProductivitySpreadsheetsT1Tasks
JSON Schema
{
"$schema": "https://json-schema.org/draft/2020-12/schema",
"$id": "#/components/schemas/microsoft.graph.windowsMalwareInformation",
"title": "microsoft.graph.windowsMalwareInformation",
"allOf": [
{
"$ref": "#/components/schemas/microsoft.graph.entity"
},
{
"title": "windowsMalwareInformation",
"required": [
"@odata.type"
],
"type": "object",
"properties": {
"additionalInformationUrl": {
"type": "string",
"description": "Indicates an informational URL to learn more about the malware",
"nullable": true
},
"category": {
"anyOf": [
{
"$ref": "#/components/schemas/microsoft.graph.windowsMalwareCategory"
},
{
"type": "object",
"nullable": true
}
],
"description": "Category of the malware. The possible values are: invalid, adware, spyware, passwordStealer, trojanDownloader, worm, backdoor, remoteAccessTrojan, trojan, emailFlooder, keylogger, dialer, monitoringSoftware, browserModifier, cookie, browserPlugin, aolExploit, nuker, securityDisabler, jokeProgram, hostileActiveXControl, softwareBundler, stealthNotifier, settingsModifier, toolBar, remoteControlSoftware, trojanFtp, potentialUnwantedSoftware, icqExploit, trojanTelnet, exploit, filesharingProgram, malwareCreationTool, remoteControlSoftware, tool, trojanDenialOfService, trojanDropper, trojanMassMailer, trojanMonitoringSoftware, trojanProxyServer, virus, known, unknown, spp, behavior, vulnerability, policy, enterpriseUnwantedSoftware, ransom, hipsRule. default value is invalid. The possible values are: invalid, adware, spyware, passwordStealer, trojanDownloader, worm, backdoor, remoteAccessTrojan, trojan, emailFlooder, keylogger, dialer, monitoringSoftware, browserModifier, cookie, browserPlugin, aolExploit, nuker, securityDisabler, jokeProgram, hostileActiveXControl, softwareBundler, stealthNotifier, settingsModifier, toolBar, remoteControlSoftware, trojanFtp, potentialUnwantedSoftware, icqExploit, trojanTelnet, exploit, filesharingProgram, malwareCreationTool, remoteControlSoftware, tool, trojanDenialOfService, trojanDropper, trojanMassMailer, trojanMonitoringSoftware, trojanProxyServer, virus, known, unknown, spp, behavior, vulnerability, policy, enterpriseUnwantedSoftware, ransom, hipsRule."
},
"displayName": {
"type": "string",
"description": "Indicates the name of the malware",
"nullable": true
},
"lastDetectionDateTime": {
"pattern": "^[0-9]{4,}-(0[1-9]|1[012])-(0[1-9]|[12][0-9]|3[01])T([01][0-9]|2[0-3]):[0-5][0-9]:[0-5][0-9]([.][0-9]{1,12})?(Z|[+-][0-9][0-9]:[0-9][0-9])$",
"type": "string",
"description": "Indicates the last time the malware was detected in UTC",
"format": "date-time",
"nullable": true
},
"severity": {
"anyOf": [
{
"$ref": "#/components/schemas/microsoft.graph.windowsMalwareSeverity"
},
{
"type": "object",
"nullable": true
}
],
"description": "Severity of the malware. The possible values are: unknown, low, moderate, high, severe. default is unknown. The possible values are: unknown, low, moderate, high, severe."
},
"deviceMalwareStates": {
"type": "array",
"items": {
"$ref": "#/components/schemas/microsoft.graph.malwareStateForWindowsDevice"
},
"description": "List of devices affected by current malware with the malware state on each device",
"x-ms-navigationProperty": true
},
"@odata.type": {
"type": "string"
}
},
"description": "Malware information entity."
}
],
"x-ms-discriminator-value": "#microsoft.graph.windowsMalwareInformation"
}