Queries malicious image samples.

Debugging

OpenAPI Explorer automatically calculates the signature value. For your convenience, we recommend that you call this operation in OpenAPI Explorer. OpenAPI Explorer dynamically generates the sample code of the operation for different SDKs.

Request parameters

Parameter Type Required Example Description
Action String Yes DescribeGroupedMaliciousFiles

The operation that you want to perform.

Set the value to DescribeGroupedMaliciousFiles.

CurrentPage Integer Yes 1

The page number of the current page. Pages start from page 1. Default value: 1.

PageSize String Yes 20

The number of entries to return on each page. Default value: 20.

Lang String No zh

The natural language of the request and response. Valid values:

  • zh: Chinese
  • en: English
Levels String No serious

The severity of the malicious image sample. You can enter multiple values. Separate values with commas (,). Valid values:

  • serious
  • suspicious
  • remind
FuzzyMaliciousName String No Detected webshells

The name of the malicious image sample.

Note Fuzzy match is supported.
RepoRegionId String No cn-shanghai

The region ID of the image repository. Valid values:

  • cn-beijing: China (Beijing)
  • cn-zhangjiakou: China (Zhangjiakou-Beijing Winter Olympics)
  • cn-hangzhou: China (Hangzhou)
  • cn-shanghai: China (Shanghai)
  • cn-shenzhen: China (Shenzhen)
  • cn-hongkong: China (Hong Kong)
  • ap-southeast-1: Singapore (Singapore)
  • ap-southeast-5: Indonesia (Jakarta)
  • us-east-1: US (Virginia)
  • us-west-1: US (Silicon Valley)
  • eu-central-1: Germany (Frankfurt)
  • eu-west-1: UK (London)
  • ap-south-1: India (Mumbai)
RepoInstanceId String No cri-datvailb****

The ID of the container image.

Note You can call the ListRepository operation to query the image ID from the value of the InstanceId response parameter.
RepoId String No crr-vridcl4****

The ID of the image repository.

Note You can call the ListRepository operation to query the repository ID from the value of the RepoId response parameter.
RepoName String No centos

The name of the image repository.

Note Fuzzy match is supported.
RepoNamespace String No hanghai-namespace

The name of the repository namespace.

Note Fuzzy match is supported.
ImageTag String No 0.2

The tag of the image.

ImageDigest String No 6a5e103187b31a94592a47a5858617f7****

The digest of the image.

ImageLayer String No 27213ad375b53628dd152a5ca****

The layer of the image.

Response parameters

Parameter Type Example Description
GroupedMaliciousFileResponse Array of GroupedMaliciousFile

The details of the malicious sample file.

FirstScanTimestamp Long 1596533942000

The timestamp of the first scan.

ImageCount Long 3

The number of affected images.

LatestScanTimestamp Long 1594630261000

The timestamp of the last scan.

Level String serious

The severity of the malicious image sample. Valid values:

  • serious
  • suspicious
  • remind
MaliciousMd5 String d836968041f7683b5459****

The MD5 hash value of the file.

MaliciousName String Self-mutating trojans

The name of the malicious file.

Status Integer 1

The process status of the malicious image sample. Valid values:

  • 0: The sample is to be handled.
  • 1: The sample has been handled.
  • 2: The sample is being verified.
  • 3: The sample is added to the whitelist.
PageInfo Struct

The page information.

Count Integer 2

The number of malicious samples returned on the current page.

CurrentPage Integer 1

The page number of the current page. Pages start from page 1. Default value: 1.

PageSize Integer 20

The number of entries returned per page. Default value: 20.

TotalCount Integer 2

The total number of malicious samples returned.

RequestId String 9326FB58-B1A9-41B4-A547-D33BA27B6894

The ID of the request.

Examples

Sample requests

http(s)://[Endpoint]/?Action=DescribeGroupedMaliciousFiles
&CurrentPage=1
&PageSize=20
&<Common request parameters>

Sample success responses

XML format

<DescribeGroupedMaliciousFilesResponse>
      <GroupedMaliciousFileResponse>
            <Status>0</Status>
            <LatestScanTimestamp>1596533942000</LatestScanTimestamp>
            <ImageCount>3</ImageCount>
            <MaliciousName>Self-mutating trojans</MaliciousName>
            <Level>serious</Level>
            <FirstScanTimestamp>1594907349000</FirstScanTimestamp>
            <MaliciousMd5>d836968041f7683b545900****</MaliciousMd5>
      </GroupedMaliciousFileResponse>
      <GroupedMaliciousFileResponse>
            <Status>1</Status>
            <LatestScanTimestamp>1594785387000</LatestScanTimestamp>
            <ImageCount>0</ImageCount>
            <MaliciousName>Detected webshells</MaliciousName>
            <Level>serious</Level>
            <FirstScanTimestamp>1594630261000</FirstScanTimestamp>
            <MaliciousMd5>d8b4074715b232d7d41***</MaliciousMd5>
      </GroupedMaliciousFileResponse>
      <PageInfo>
            <TotalCount>2</TotalCount>
            <PageSize>20</PageSize>
            <CurrentPage>1</CurrentPage>
            <Count>2</Count>
      </PageInfo>
      <RequestId>8045E03E-6D91-4C53-9F22-5A1B84BB29D9</RequestId>
</DescribeGroupedMaliciousFilesResponse>

JSON format

{


    "GroupedMaliciousFileResponse": [{
        "Status": 0,
        "LatestScanTimestamp": 1596533942000,
        "ImageCount": 3,
        "MaliciousName": "Self-mutating trojans",
        "Level": "serious",
        "FirstScanTimestamp": 1594907349000,
        "MaliciousMd5": "d836968041f7683b545900****"
    }, {
        "Status": 1,
        "LatestScanTimestamp": 1594785387000,
        "ImageCount": 0,
        "MaliciousName": "Detected webshells",
        "Level": "serious",
        "FirstScanTimestamp": 1594630261000,
        "MaliciousMd5": "d8b4074715b232d7d41***"
    }],
    "PageInfo": {
        "TotalCount": 2,
        "PageSize": 20,
        "CurrentPage": 1,
        "Count": 2
    },
    "RequestId": "8045E03E-6D91-4C53-9F22-5A1B84BB29D9"

}

Error codes

For a list of error codes, visit the API Error Center.