An indicator of compromise.
Parameter | Description | Type |
---|---|---|
| Unique identifier of the threat indicator. Automatically assigned at create time, and non-editable. |
|
| The value of the indicator. Non-editable after initial creation of the indicator. |
|
| The type of indicator. Non-editable after initial creation of the indicator. | List of |
Example query for a specific indicator: 788497497903212:
https://graph.facebook.com/v2.7/788497497903212/?access_token=555|aSdF123GhK
Data returned:
{ "indicator": "facebook.com", "type": "DOMAIN", "id": "788497497903212" }
Name | Description | Type |
---|---|---|
| Subjective opinions about the indicator | |
| Malware analyses linked to the indicator | |
| Other threat indicators that have been associated |
Example query for malware analyses related to a specific indicator: 768629009848617
https://graph.facebook.com/v2.7/768629009848617/malware_analyses/?access_token=555|aSdF123GhK
Data returned:
{ "data": [ { "added_on": "2014-06-05T19:52:11+0000", "md5": "7914a485bdc6df7103e7cae379f7a152", "sha1": "fd1b83fc4c1f5b5a68ddfdec8ba97d59d78e6065", "sha256": "ab402de2c79ad620a84cf651d7cf4f8287acf8564a8c551e5b39bb82813abbc6", "status": "MALICIOUS", "victim_count": 0, "id": "673692009351404" }, ... ] }
Example query for descriptors related to a specific indicator: 852121234856016
https://graph.facebook.com/v2.7/852121234856016/descriptors/?access_token=555|aSdF123GhK
Data returned:
{ "data": [ { "id": "811927545529339", "indicator": { "indicator": "test1434227164.evilevillabs.com", "type": "DOMAIN", "id": "852121234856016" }, "owner": { "id": "588498724619612", "name": "Facebook CERT ThreatExchange" }, "type": "DOMAIN", "raw_indicator": "test1434227164.evilevillabs.com", "description": "This is our test domain. It's harmless", "status": "NON_MALICIOUS" }, { "id": "799906626794304", "indicator": { "indicator": "test1434227164.evilevillabs.com", "type": "DOMAIN", "id": "852121234856016" }, "owner": { "id": "682796275165036", "name": "Facebook Site Integrity ThreatExchange" }, "type": "DOMAIN", "raw_indicator": "test1434227164.evilevillabs.com", "description": "Malware command and control", "status": "MALICIOUS" } ], "paging": { "cursors": { "before": "ODExOTI3NTQ1NTI5MzM5", "after": "Nzk5OTA2NjI2Nzk0MzA0" } }