This document refers to a feature that was removed after Graph API v2.8.
Graph API Version

MalwareFamily

A group, cluster or similar type grouping of Malware.

Fields

ParameterDescriptionType

id

Unique identifier of the malware family

number

added_on

Datetime the family was created

string

aliases

A list of additional names for the family

string list

description

A brief explanation of the family

string

family_type

The kind of family

MalwareFamilyType

malicious

If the family is known to be malicious or not

StatusType

name

The name of the family

string

sample_count

A count of family members

number

submitter_count

The number of ThreatExchange members that submitted the family.

number

Sample Usage

Example query for a specific malware sample: 812860802080929

https://graph.facebook.com/v2.7/812860802080929/?access_token=555|aSdF123GhK&fields=added_on,id,name,status

Data returned:

{
  "added_on": "2014-07-03T02:25:18+0000",
  "family_type": "IMP_HASH",
  "description": "md5deep Automatic family based on PE Import Hash",
  "malicious": "NON_MALICIOUS",
  "name": "ImpHash for md5deep v4.4",
  "id": "812860802080929"
}

Connections

NameDescriptionType

variants

Members of the family

Malware

tags

The tags applied to this descriptor

string

Sample Usage

Example query for a specific malware sample: 518964484802467

https://graph.facebook.com/v2.7/518964484802467/dropped/?access_token=555|aSdF123GhK

Data returned:

{
  "data": [
    {
      "added_on": "2014-05-17T08:50:23+0000",
      "crx": "imidebfpiccjhkmkliilncodnlcijpnl",
      "status": "MALICIOUS",
      "victim_count": 1,
      "id": "636198259806586"
    },
    ...
  ]
}