The file is a high-risk package containing a known malicious executable . While advertised as a "checker" tool—likely for verifying the validity of email credentials or session cookies—forensic analysis identifies it as a sophisticated data-stealing Trojan. Core Identity & Malware Classification
Detailed sandboxing on ANY.RUN indicates the following behaviors: MAIL ACCESS Checker G-Klit.rar
Mail Access Checker by G-KLIT.exe (contained within the .rar archive). Verdict: Malicious Activity Detected . The file is a high-risk package containing a
The tool is built using Python and packaged as a Windows executable via PyInstaller . This is a common technique used by malware authors to hide malicious scripts within a legitimate-looking container. Indicators of Compromise (IOCs): MD5: 02EADD468D5B5A606F3A73770AE73A41 Verdict: Malicious Activity Detected
39063D85E04B6DA2A504FED78BF9B8ADA68EAE7CDD1945D9D2AD1D576F149B31 Functional Analysis
Like many modern Trojans, it may attempt to establish a foothold on the host system to remain active after reboots. Risk Summary