{
  "$schema": "https://json-schema.org/draft/2020-12/schema",
  "$id": "#/components/schemas/microsoft.graph.windowsMalwareInformation",
  "title": "microsoft.graph.windowsMalwareInformation",
  "allOf": [
    {
      "$ref": "#/components/schemas/microsoft.graph.entity"
    },
    {
      "title": "windowsMalwareInformation",
      "required": [
        "@odata.type"
      ],
      "type": "object",
      "properties": {
        "additionalInformationUrl": {
          "type": "string",
          "description": "Indicates an informational URL to learn more about the malware",
          "nullable": true
        },
        "category": {
          "anyOf": [
            {
              "$ref": "#/components/schemas/microsoft.graph.windowsMalwareCategory"
            },
            {
              "type": "object",
              "nullable": true
            }
          ],
          "description": "Category of the malware. The possible values are: invalid, adware, spyware, passwordStealer, trojanDownloader, worm, backdoor, remoteAccessTrojan, trojan, emailFlooder, keylogger, dialer, monitoringSoftware, browserModifier, cookie, browserPlugin, aolExploit, nuker, securityDisabler, jokeProgram, hostileActiveXControl, softwareBundler, stealthNotifier, settingsModifier, toolBar, remoteControlSoftware, trojanFtp, potentialUnwantedSoftware, icqExploit, trojanTelnet, exploit, filesharingProgram, malwareCreationTool, remoteControlSoftware, tool, trojanDenialOfService, trojanDropper, trojanMassMailer, trojanMonitoringSoftware, trojanProxyServer, virus, known, unknown, spp, behavior, vulnerability, policy, enterpriseUnwantedSoftware, ransom, hipsRule. default value is invalid. The possible values are: invalid, adware, spyware, passwordStealer, trojanDownloader, worm, backdoor, remoteAccessTrojan, trojan, emailFlooder, keylogger, dialer, monitoringSoftware, browserModifier, cookie, browserPlugin, aolExploit, nuker, securityDisabler, jokeProgram, hostileActiveXControl, softwareBundler, stealthNotifier, settingsModifier, toolBar, remoteControlSoftware, trojanFtp, potentialUnwantedSoftware, icqExploit, trojanTelnet, exploit, filesharingProgram, malwareCreationTool, remoteControlSoftware, tool, trojanDenialOfService, trojanDropper, trojanMassMailer, trojanMonitoringSoftware, trojanProxyServer, virus, known, unknown, spp, behavior, vulnerability, policy, enterpriseUnwantedSoftware, ransom, hipsRule."
        },
        "displayName": {
          "type": "string",
          "description": "Indicates the name of the malware",
          "nullable": true
        },
        "lastDetectionDateTime": {
          "pattern": "^[0-9]{4,}-(0[1-9]|1[012])-(0[1-9]|[12][0-9]|3[01])T([01][0-9]|2[0-3]):[0-5][0-9]:[0-5][0-9]([.][0-9]{1,12})?(Z|[+-][0-9][0-9]:[0-9][0-9])$",
          "type": "string",
          "description": "Indicates the last time the malware was detected in UTC",
          "format": "date-time",
          "nullable": true
        },
        "severity": {
          "anyOf": [
            {
              "$ref": "#/components/schemas/microsoft.graph.windowsMalwareSeverity"
            },
            {
              "type": "object",
              "nullable": true
            }
          ],
          "description": "Severity of the malware. The possible values are: unknown, low, moderate, high, severe. default is unknown. The possible values are: unknown, low, moderate, high, severe."
        },
        "deviceMalwareStates": {
          "type": "array",
          "items": {
            "$ref": "#/components/schemas/microsoft.graph.malwareStateForWindowsDevice"
          },
          "description": "List of devices affected by current malware with the malware state on each device",
          "x-ms-navigationProperty": true
        },
        "@odata.type": {
          "type": "string"
        }
      },
      "description": "Malware information entity."
    }
  ],
  "x-ms-discriminator-value": "#microsoft.graph.windowsMalwareInformation"
}