You must have the Advanced Sandbox subscription to view the Sandbox Files Found Malicious report.
The Sandbox Files Found Malicious report highlights unknown files that were sent to Sandbox for analysis and found to be malicious. You can click the file MD5 hash to see the Sandbox Detail Report, view additional transaction information in Web Insights, and export the report to a CSV file. You can view weekly reports from the last six months, not including the current week.
You can view the report in the Admin Portal by going to Analytics > Sandbox Activity Report, and choosing Sandbox Files Found Malicious from the Sandbox Activity Report dropdown menu.