PDF/Phishing.A.Gen detection

[Owais Aziz 0]

We are receiving multiple notifications from our one user device "PDF/Phishing.A.Gen detection " Eset endpoint security mac
unfortunately no option to do advance analysis or upload it directly from eset cloud portal to eset team nor we can download the file for investigation 

[Nightowl 205]

If the file is newly seen and feedback is enabled with ESET , then ESET would upload it automatically

but as I've seen it is spam box mails that have those detections.

[Marcos 5,085]

Please provide such PDF file. You can either submit it to ESET as per https://support.eset.com/en/kb141 or upload it here and I'll check it out.

[Owais Aziz 0]

 

How can i download or upload these files directly to eset ? I dont want to take remote session of user pc is there any way ?

[Marcos 5,085]

Since it's mailboxes with messages where the detection occurred, they can be quite big to send. If you can find the exact message(s) with PDF files that were detected in your email client you can pause real-time protection to prevent the files from being detected and deleted, save them to a disk and email them to samples[at]eset.com in an archive encrypted with the password "infected".

[Owais Aziz 0]

These are the files hitting user mailbox in apple mail app

Sample.zip

 

Edited February 7, 2023 by Owais Aziz

[Marcos 5,085]

The detection is correct, all these PDF files are cryptocurrency scam.