Show Malware Files Detected for an Image Layer

Shows a list of malware files detected for a particular image layer.

GET/images/{imageSha}/layers/{layerHash}/malware/files

Input ParametersInput Parameters

Parameter	Mandatory/Optional	Data Type	Description
imageSha	Mandatory	string	Specify the SHA value of an image.
layerHash	Mandatory	string	Specify the hash value of a layer.

Sample: Show Malware Files Detected for an Image LayerSample: Show Malware Files Detected for an Image Layer

API Request

curl -X "GET"
"<qualys_base_url>/csapi/v1.3/images/9287a1a2856378618469b0460cb295799ec99506c3d9697193fad51276235b7d/layers/3c779f3ff212ad57ac3c4ba19cbf8e0104e50f27beb178a4e69df5c8e70ac988/malware/files"
-H "accept: application/json"
-H "Authorization: Bearer"

Response

{
    "data": [
        {
            "layerHash": "3c779f3ff212ad57ac3c4ba19cbf8e0104e50f27beb178a4e69df5c8e70ac988",
            "fileHash": "e684a0308c3a040f6a9f892eeae413676ed52bc45e3910a6ad4e4af78378b07d",
            "imageHash": "9287a1a2856378618469b0460cb295799ec99506c3d9697193fad51276235b7d",
            "fileName": "libz.so.1",
            "fileType": "ELF",
            "createdDate": null,
            "fileSize": 0,
            "prediction": "malicious",
            "score": 1,
            "severity": 3,
            "category": "dropper",
            "family": "mirai",
            "mimeType": "application/x-executable"
        }
    ],
    "count": 1,
    "groups": null
}

Error Response

The following error response is seen when the sub-users don't have permission to the specified image.

    {  
    "errorCode": "403 FORBIDDEN",  
    "message": "Request Forbidden",  
    "timestamp": 1700721586546
    }