Suspicious activity
Defender for Cloud: Antimalware file exclusion and code execution in your virtual machine
Risk Level
Informational (4)
Platform(s)
Description
A file was excluded from your antimalware scanner at the same time as code was executed via a custom script extension on your virtual machine. This was detected by analyzing Azure Resource Manager operations in your subscription. Attackers might exclude files from the antimalware scan on your virtual machine to prevent detection while running unauthorized tools or infecting the machine with malware.
Recommended Mitigation
It is recommended to review the permissions that were used to perform this operation.