Queries malicious image samples.

Debugging

OpenAPI Explorer automatically calculates the signature value. For your convenience, we recommend that you call this operation in OpenAPI Explorer. OpenAPI Explorer dynamically generates the sample code of the operation for different SDKs.

Request parameters

Parameter Type Required Example Description
Action String Yes DescribeGroupedMaliciousFiles

The operation that you want to perform.

Set the value to DescribeGroupedMaliciousFiles.

CurrentPage Integer Yes 1

The page number of the current page. Pages start from page 1. Default value: 1.

PageSize String Yes 20

The number of entries to return on each page. Default value:20.

Lang String No zh

The natural language of the request and response. Default value: zh. Valid values:

  • zh: Chinese
  • en: English
Levels String No serious

The severity of the malicious image sample. You can enter multiple values. Separate the values with commas (,). Valid values:

  • serious
  • suspicious
  • remind
FuzzyMaliciousName String No Detected webshells

The name of the malicious image sample that you want to query.

Note Fuzzy match is supported.
RepoRegionId String No cn-shanghai

The region ID of the image repository. Valid values:

  • cn-beijing: China (Beijing)
  • cn-zhangjiakou: China (Zhangjiakou)
  • cn-hangzhou: China (Hangzhou)
  • cn-shanghai: China (Shanghai)
  • cn-shenzhen: China (Shenzhen)
  • cn-hongkong: China (Hong Kong)
  • ap-southeast-1: Singapore (Singapore)
  • ap-southeast-5: Indonesia (Jakarta)
  • us-east-1: US (Virginia)
  • us-west-1: US (Silicon Valley)
  • eu-central-1: Germany (Frankfurt)
  • eu-west-1: UK (London)
  • ap-south-1: India (Mumbai)
RepoInstanceId String No cri-datvailb****

The ID of the container image.

Note You can call the ListRepository operation to query the image IDs from the value of the InstanceId response parameter.
RepoId String No crr-vridcl4****

The ID of the image repository.

Note You can call the ListRepository operation to query the repository IDs from the value of the RepoId response parameter.
RepoName String No centos

The name of the image repository.

Note Fuzzy match is supported.
RepoNamespace String No hanghai-namespace

The namespace to which the image repository belongs.

Note Fuzzy match is supported.
ImageTag String No 0.2

The tag of the image.

ImageDigest String No 6a5e103187b31a94592a47a5858617f7****

The digest of the image.

ImageLayer String No 27213ad375b53628dd152a5ca****

The layer of the image.

All Alibaba Cloud API operations must include common request parameters. For more information about common request parameters, see Common parameters.

For more information about sample requests, see the "Examples" section of this topic.

Response parameters

Parameter Type Example Description
GroupedMaliciousFileResponse Array of GroupedMaliciousFile

The details of the malicious sample file.

FirstScanTimestamp Long 1594907349000

The time of the first scan. This value is a UNIX timestamp representing the number of milliseconds that have elapsed since the epoch time January 1, 1970, 00:00:00 UTC.

ImageCount Long 3

The number of affected images.

LatestScanTimestamp Long 1596533942000

The time of the last scan. This value is a UNIX timestamp representing the number of milliseconds that have elapsed since the epoch time January 1, 1970, 00:00:00 UTC.

Level String serious

The severity of the malicious image sample. Valid values:

  • serious
  • suspicious
  • remind
MaliciousMd5 String d836968041f7683b5459****

The MD5 hash value of the file.

MaliciousName String Self-mutating trojans

The name of the malicious file.

Status Integer 0

The status of the malicious image sample. Valid values:

  • 0: The sample is unhandled.
  • 1: The sample is handled.
  • 2: The sample is being verified.
  • 3: The sample is added to the whitelist.
PageInfo Struct

The page information.

Count Integer 2

The number of malicious samples returned on the current page.

CurrentPage Integer 1

The page number of the current page. Pages start from page 1. Default value: 1.

PageSize Integer 20

The number of entries returned per page. Default value: 20.

TotalCount Integer 2

The total number of returned malicious image samples.

RequestId String 8045E03E-6D91-4C53-9F22-5A1B84BB29D9

The ID of the request.

Examples

Sample requests

http(s)://[Endpoint]/?Action=DescribeGroupedMaliciousFiles
&CurrentPage=1
&PageSize=20
&<Common request parameters>

Sample success responses

XML format 

<DescribeGroupedMaliciousFilesResponse>
      <GroupedMaliciousFileResponse>
            <Status>0</Status>
            <LatestScanTimestamp>1596533942000</LatestScanTimestamp>
            <ImageCount>3</ImageCount>
            <MaliciousName>Self-mutating trojans</MaliciousName>
            <Level>serious</Level>
            <FirstScanTimestamp>1594907349000</FirstScanTimestamp>
            <MaliciousMd5>d836968041f7683b545900****</MaliciousMd5>
      </GroupedMaliciousFileResponse>
      <GroupedMaliciousFileResponse>
            <Status>1</Status>
            <LatestScanTimestamp>1594785387000</LatestScanTimestamp>
            <ImageCount>0</ImageCount>
            <MaliciousName>Detected webshells</MaliciousName>
            <Level>serious</Level>
            <FirstScanTimestamp>1594630261000</FirstScanTimestamp>
            <MaliciousMd5>d8b4074715b232d7d41***</MaliciousMd5>
      </GroupedMaliciousFileResponse>
      <PageInfo>
            <TotalCount>2</TotalCount>
            <PageSize>20</PageSize>
            <CurrentPage>1</CurrentPage>
            <Count>2</Count>
      </PageInfo>
      <RequestId>8045E03E-6D91-4C53-9F22-5A1B84BB29D9</RequestId>
</DescribeGroupedMaliciousFilesResponse>

JSON format 

{
	"GroupedMaliciousFileResponse": [{
		"Status": 0,
		"LatestScanTimestamp": 1596533942000,
		"ImageCount": 3,
		"MaliciousName": "Self-mutating trojans",
		"Level": "serious",
		"FirstScanTimestamp": 1594907349000,
		"MaliciousMd5": "d836968041f7683b545900****"
	}, {
		"Status": 1,
		"LatestScanTimestamp": 1594785387000,
		"ImageCount": 0,
		"MaliciousName": "Detected webshells",
		"Level": "serious",
		"FirstScanTimestamp": 1594630261000,
		"MaliciousMd5": "d8b4074715b232d7d41***"
	}],
	"PageInfo": {
		"TotalCount": 2,
		"PageSize": 20,
		"CurrentPage": 1,
		"Count": 2
	},
	"RequestId": "8045E03E-6D91-4C53-9F22-5A1B84BB29D9"
}

Error codes

For a list of error codes, visit the API Error Center.