Researchers with Trellix named the malware involved “Graphite” because it uses Microsoft’s Graph API to leverage OneDrive as a command and control server
Article Link: Trellix finds OneDrive malware campaign targeting gov't officials in Western Asia | ZDNet