Active Directory ADSync error with non-existent account

I have a weird ADSync error stating that my local active directory contains two objects with the same ProxyAddress property. One of accounts is username@domain.tld (which is correct) and the second is username@domain.onmicrosoft.com (which is inexistent in AD in my opinion) - and, according to DirSync errors report, both of them contain the same conflicting ProxyAddress username@domain.tld. AzureAD shows that both accounts source from local Active Directory. The point is that someone could create *onmicrosoft.com account years ago to test office365.

I have checked two things so far:

1. Small powershell script to test for the same proxyaddress in local AD:

Get-ADUser -Filter * -Properties proxyAddresses | foreach {
    foreach($address in $_.proxyAddresses) {
        if ($address -eq 'smtp:[email protected]') {
            Write-Host $address
        }
    }
 }

2. Checking for immutableIDs of conflicting accounts:

$user = Get-ADUser legit_account
$immutableid = [System.Convert]::ToBase64String($user.ObjectGUID.tobytearray())
$immutableid #shows the same as legit account in DirSync report

$badImmutableID = 'base64 copied from bad account DirSync error report=='


$users = get-aduser -Filter *
foreach ($usr in $users) {
    $currImmutableID = [System.Convert]::ToBase64String($usr.ObjectGUID.tobytearray())
    if ($currImmutableID -eq $badImmutableID) {
        $usr
    }
}

This script provides no output with bad immutableID (but works with others).

I am actually stuck at this point - AzureAD won't let me delete bad account to resolve conflict saying I have to solve it in local AD while there is no such account. Any ideas would be highly appreciated.