windowsMalwareInformation resource type

Namespace: microsoft.graph

Important: Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.

Note: The Microsoft Graph API for Intune requires an active Intune license for the tenant.

Malware information entity.

Methods

Method Return Type Description
List windowsMalwareInformations windowsMalwareInformation collection List properties and relationships of the windowsMalwareInformation objects.
Get windowsMalwareInformation windowsMalwareInformation Read properties and relationships of the windowsMalwareInformation object.
Create windowsMalwareInformation windowsMalwareInformation Create a new windowsMalwareInformation object.
Delete windowsMalwareInformation None Deletes a windowsMalwareInformation.
Update windowsMalwareInformation windowsMalwareInformation Update the properties of a windowsMalwareInformation object.

Properties

Property Type Description
id String The unique Identifier. This is malware id.
displayName String Indicates the name of the malware
additionalInformationUrl String Indicates an informational URL to learn more about the malware
severity windowsMalwareSeverity Severity of the malware. Possible values are: unknown, low, moderate, high, severe. default is unknown. Possible values are: unknown, low, moderate, high, severe.
category windowsMalwareCategory Category of the malware. Possible values are: invalid, adware, spyware, passwordStealer, trojanDownloader, worm, backdoor, remoteAccessTrojan, trojan, emailFlooder, keylogger, dialer, monitoringSoftware, browserModifier, cookie, browserPlugin, aolExploit, nuker, securityDisabler, jokeProgram, hostileActiveXControl, softwareBundler, stealthNotifier, settingsModifier, toolBar, remoteControlSoftware, trojanFtp, potentialUnwantedSoftware, icqExploit, trojanTelnet, exploit, filesharingProgram, malwareCreationTool, remote_Control_Software, tool, trojanDenialOfService, trojanDropper, trojanMassMailer, trojanMonitoringSoftware, trojanProxyServer, virus, known, unknown, spp, behavior, vulnerability, policy, enterpriseUnwantedSoftware, ransom, hipsRule. default value is invalid. Possible values are: invalid, adware, spyware, passwordStealer, trojanDownloader, worm, backdoor, remoteAccessTrojan, trojan, emailFlooder, keylogger, dialer, monitoringSoftware, browserModifier, cookie, browserPlugin, aolExploit, nuker, securityDisabler, jokeProgram, hostileActiveXControl, softwareBundler, stealthNotifier, settingsModifier, toolBar, remoteControlSoftware, trojanFtp, potentialUnwantedSoftware, icqExploit, trojanTelnet, exploit, filesharingProgram, malwareCreationTool, remote_Control_Software, tool, trojanDenialOfService, trojanDropper, trojanMassMailer, trojanMonitoringSoftware, trojanProxyServer, virus, known, unknown, spp, behavior, vulnerability, policy, enterpriseUnwantedSoftware, ransom, hipsRule.
lastDetectionDateTime DateTimeOffset Indicates the last time the malware was detected in UTC

Relationships

Relationship Type Description
deviceMalwareStates malwareStateForWindowsDevice collection List of devices affected by current malware with the malware state on each device

JSON Representation

Here is a JSON representation of the resource.

{
  "@odata.type": "#microsoft.graph.windowsMalwareInformation",
  "id": "String (identifier)",
  "displayName": "String",
  "additionalInformationUrl": "String",
  "severity": "String",
  "category": "String",
  "lastDetectionDateTime": "String (timestamp)"
}