@Ponugoti Narendra Thanks for reaching out.
You can certainly check the security Alert in Security Center and find the methods which we used to generate that alert.
Under Security Center, you have now an option for Security Alert which lists various alerts depending on Advance threat detection and MITRE ATTACK tactics.
If you use the open Query option, you will be able to see the query which we use to detect this.
-----------------------------------------------------------------------------------------------------------------
If the suggested response helped you resolve your issue, please do not forget to accept the response as Answer and "Up-Vote" for the answer that helped you for benefit of the community.