Malware File Detected In Office 365

Query Information

Technique ID	Title	Link
T1204.002	User Execution: Malicious File	https://attack.mitre.org/techniques/T1204/002/

This detects a malware file in your Office 365 environment. This activity does not always raise an alert.

Active malware is detected and can spread through the organisation.

https://learn.microsoft.com/en-us/microsoft-365/security/office-365-security/anti-malware-protection?view=o365-worldwide

OfficeActivity
| where Operation == "FileMalwareDetected"
| project-reorder TimeGenerated, OfficeWorkload, SourceFileName, OfficeObjectId, UserId