Should I block it?
90% of PCs block this file from running.
Possible reason:
Multiple malware detections
Additional versions
(Note, Hoolapp publishes each variation of this file with the same version, but the hashes are unique.)
Relationships
Parent process
Related files
hoolapp.exe
By Hoolapp (Signed)
MD5: | 3a8b61d12d72dcac4ceb7e09ac62a349 |
SHA1: | b7c0d279a6da6a584c7afcbf3c781736681247f3 |
SHA256: | a014bd02a2984a02a121617774d38129642c0278a4dc1d0fbce01b8b01669fc7 |
Warning 6 antivirus scanners has detected malware.
Overview
hoolapp.exe is malware that executes as a process with the local user's privileges usually within the context of Windows Explorer. It is set to be run when the PC boots and the user logs into Windows (added to the Run registry key for the current user). The file is digitally signed by Hoolapp which was issued by the COMODO CA Limited certificate authority (CA).
Details
File name: | hoolapp.exe |
Typical file path: | C:\users\user\appdata\roaming\hoolappforandroid\hoolapp.exe |
Size: | 1.15 MB (1,203,200 bytes) |
Certificate |
Issued to: | Hoolapp |
Authority (CA): | COMODO CA Limited |
Digital DNA |
File packed: | No |
.NET CLR: | No |
More details
Behaviors
Scheduled tasks
- The job 'Hoolapp Init' runs on logon in the path '\Hoolapp Init'
- Entry path '\Hoolapp Init'
Startup files (user) run
Runs under the registry key 'HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'
- 'Hoolapp Android' → "C:\users\user\appdata\Roaming\HOOLAP~1\Hoolapp.exe" /Minimized
Scheduled tasks startups
Set to load on user login (bypasses Windows UAC if enabled)
- Login entry path '\Hoolapp Init'
Network connections
[TCP] sea09s01-in-f2.1e100.net (173.194.33.2:80)
[UDP] listens on port 58473
Malware detections
Based on 40+ industry antivirus scanners, 6 of them detected the following malware.
Antivirus engine | Engine version | Detection |
Comodo Internet Security |
16715 |
UnclassifiedMalware |
ESET NOD32 |
7.8653 |
a variant of Win32/InstallCore.BA |
Kaspersky |
9.0.0.837 |
HEUR:Trojan.Win32.Generic |
Kingsoft |
2013.4.9.267 |
Win32.Troj.Undef.(kcloud) |
Symantec |
20131.1.0.101 |
WS.Reputation.1 |
Trend Micro HouseCall |
9.700.0.1001 |
TROJ_GEN.F47V0301 |
Resource utilization
(Note: statistics below are averages based on a minimum sample size of 200 unique participants)
Averages
CPU |
Total CPU: | 0.00837495% | |
Kernel CPU: | 0.00317242% | |
User CPU: | 0.00520253% | |
Kernel CPU time: | 6,536 ms/min | |
Memory |
Private memory: | 37.43 MB | |
Private (maximum): | 15.54 MB | |
Private (minimum): | 11.29 MB | |
Non-paged memory: | 37.43 MB | |
Virtual memory: | 237.96 MB | |
Virtual memory (peak): | 244.66 MB | |
Working set: | 15 MB | |
Working set (peak): | 65.26 MB | |
Resource allocations |
Threads: | 18 | |
Handles: | 547 | |
GUI GDI count: | 98 | |
GUI GDI peak: | 100 | |
GUI USER count: | 92 | |
GUI USER peak: | 129 | |
Process properties
Threads
Averages
Hoolapp.exe (main module) |
Total CPU: | 0.06572574% | |
Kernel CPU: | 0.03355419% | |
User CPU: | 0.03217155% | |
CPU cycles: | 15,882,412/sec | |
Memory: | 1.18 MB | |
msvcrt.dll (Windows NT CRT DLL by Microsoft) |
Total CPU: | 0.00554811% | |
Kernel CPU: | 0.00073975% | |
User CPU: | 0.00480836% | |
CPU cycles: | 136,780/sec | |
Memory: | 688 KB | |
ntdll.dll |
Total CPU: | 0.00285976% | |
Kernel CPU: | 0.00175239% | |
User CPU: | 0.00110737% | |
CPU cycles: | 106,105/sec | |
Memory: | 1.23 MB | |
mshtml.dll (Windows Internet Explorer by Microsoft) |
Total CPU: | 0.00191507% | |
Kernel CPU: | 0.00098728% | |
User CPU: | 0.00092779% | |
CPU cycles: | 727,024/sec | |
Memory: | 11.77 MB | |
wininet.dll |
Total CPU: | 0.00018579% | |
Kernel CPU: | 0.00000000% | |
User CPU: | 0.00018579% | |
CPU cycles: | 27,884/sec | |
Memory: | 1.11 MB | |
Common loaded modules
These are modules that are typiclaly loaded within the context of this process.
Distribution by Windows OS
OS version | distribution |
Windows 7 Home Premium |
33.33% |
|
Windows 7 Professional |
22.22% |
|
Microsoft Windows XP |
22.22% |
|
Windows 7 Ultimate |
11.11% |
|
Windows 7 Home Basic |
11.11% |
|
Distribution by country
Germany installs about 33.33% of hoolapp.exe.
Distribution by PC manufacturer
PC Manufacturer | distribution |
Toshiba |
36.36% |
|
Hewlett-Packard |
36.36% |
|
Samsung |
18.18% |
|
Acer |
9.09% |
|