Trojans founded in an Outlook for Mac local mailbox .olm file

[sysadminPA 1]

Good day,

we have an employee in our company who has a Trojan, in the specific a PDF/Phishing.A.Gen.

Those are in a .olm file, which is an Outlook for Mac local mailbox file. 

I have found a similar topic here but they are talking only about pst files,

 

Any idea how it will act a full system scan enabling the option to check mailboxes?

Thanks in advance

Emiliano

Edited April 19, 2021 by sysadminPA

[Marcos 5,074]

I assume the scanner would display also metadata, such as "from",  "subject", "date of receipt", etc. that will help you identify the malicious email which you can then look up and delete in the email client.

[sysadminPA 1]

Hi Marcos,

 

thanks for your reply.

This mailbox file is unused. I will need then to open it with a client and delete the single email (not sure I have so much time I can work with this employees laptop :)).

It would help already if Eset can identify these emails, but we are not 100% sure about it?

 

 

Thanks

 

Emiliano

 

[Marcos 5,074]

3 hours ago, sysadminPA said:

It would help already if Eset can identify these emails, but we are not 100% sure about it?

I don't have any experience with oml mailbox files, only with mbox, pst and dbx files. The on-demand scanner should be able to extract metadata mentioned above and log them if a malicious attachment is detected. The metadata should help you look up the malicious email in the mailbox and delete it if the mailbox is actually used by a mail client.