Should I block it?

90%
90% of PCs block this file from running.
Possible reason:
Multiple malware detections

VersionsAdditional versions

0fa15 88.89%
3a8b6 11.11%
(Note, Hoolapp publishes each variation of this file with the same version, but the hashes are unique.)

Relationships

Parent process
Related files

hoolapp.exe

By Hoolapp (Signed)

Remove hoolapp.exe
MD5:   3a8b61d12d72dcac4ceb7e09ac62a349
SHA1:   b7c0d279a6da6a584c7afcbf3c781736681247f3
SHA256:   a014bd02a2984a02a121617774d38129642c0278a4dc1d0fbce01b8b01669fc7
Warning 6 antivirus scanners has detected malware.

Overview

hoolapp.exe is malware that executes as a process with the local user's privileges usually within the context of Windows Explorer. It is set to be run when the PC boots and the user logs into Windows (added to the Run registry key for the current user). The file is digitally signed by Hoolapp which was issued by the COMODO CA Limited certificate authority (CA).

DetailsDetails

File name:hoolapp.exe
Typical file path:C:\users\user\appdata\roaming\hoolappforandroid\hoolapp.exe
Size:1.15 MB (1,203,200 bytes)
Certificate
Issued to:Hoolapp
Authority (CA):COMODO CA Limited
Digital DNA
File packed:No
.NET CLR:No
More details

BehaviorsBehaviors

Scheduled tasks
  • The job 'Hoolapp Init' runs on logon in the path '\Hoolapp Init'
  • Entry path '\Hoolapp Init'
Startup files (user) run
Runs under the registry key 'HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'
  • 'Hoolapp Android' → "C:\users\user\appdata\Roaming\HOOLAP~1\Hoolapp.exe" /Minimized
Scheduled tasks startups
Set to load on user login (bypasses Windows UAC if enabled)
  • Login entry path '\Hoolapp Init'
Network connections
  • [TCP] sea09s01-in-f2.1e100.net (173.194.33.2:80)
  • [UDP] listens on port 58473

    • MalwareMalware detections

    Based on 40+ industry antivirus scanners, 6 of them detected the following malware.
    Antivirus engineEngine versionDetection
    Comodo Internet Security 16715 UnclassifiedMalware
    ESET NOD32 7.8653 a variant of Win32/InstallCore.BA
    Kaspersky 9.0.0.837 HEUR:Trojan.Win32.Generic
    Kingsoft 2013.4.9.267 Win32.Troj.Undef.(kcloud)
    Symantec 20131.1.0.101 WS.Reputation.1
    Trend Micro HouseCall 9.700.0.1001 TROJ_GEN.F47V0301

    ResourcesResource utilization

    (Note: statistics below are averages based on a minimum sample size of 200 unique participants)
    Averages
     
    CPU
    Total CPU:0.00837495%
    0.028634%
    Kernel CPU:0.00317242%
    0.013761%
    User CPU:0.00520253%
    0.014873%
    Kernel CPU time:6,536 ms/min
    100,923,805ms/min
    Memory
    Private memory:37.43 MB
    21.59 MB
    Private (maximum):15.54 MB
    Private (minimum):11.29 MB
    Non-paged memory:37.43 MB
    21.59 MB
    Virtual memory:237.96 MB
    140.96 MB
    Virtual memory (peak):244.66 MB
    169.69 MB
    Working set:15 MB
    18.61 MB
    Working set (peak):65.26 MB
    37.95 MB
    Resource allocations
    Threads:18
    12
    Handles:547
    600
    GUI GDI count:98
    103
    GUI GDI peak:100
    142
    GUI USER count:92
    49
    GUI USER peak:129
    71

    BehaviorsProcess properties

    Integrety level:Medium
    Platform:32-bit
    Command line:"C:\users\user\appdata\roaming\hoolappforandroid\hoolapp.exe" /minimized
    Owner:User
    Parent process:explorer.exe (Windows Explorer by Microsoft Corporation)

    ResourcesThreads

    Averages
     
    Hoolapp.exe (main module)
    Total CPU:0.06572574%
    0.272967%
    Kernel CPU:0.03355419%
    0.107585%
    User CPU:0.03217155%
    0.165382%
    CPU cycles:15,882,412/sec
    5,741,424/sec
    Memory:1.18 MB
    1.16 MB
    msvcrt.dll (Windows NT CRT DLL by Microsoft)
    Total CPU:0.00554811%
    Kernel CPU:0.00073975%
    User CPU:0.00480836%
    CPU cycles:136,780/sec
    Memory:688 KB
    ntdll.dll
    Total CPU:0.00285976%
    Kernel CPU:0.00175239%
    User CPU:0.00110737%
    CPU cycles:106,105/sec
    Memory:1.23 MB
    mshtml.dll (Windows Internet Explorer by Microsoft)
    Total CPU:0.00191507%
    Kernel CPU:0.00098728%
    User CPU:0.00092779%
    CPU cycles:727,024/sec
    Memory:11.77 MB
    wininet.dll
    Total CPU:0.00018579%
    Kernel CPU:0.00000000%
    User CPU:0.00018579%
    CPU cycles:27,884/sec
    Memory:1.11 MB

    Common loaded modules

    These are modules that are typiclaly loaded within the context of this process.

    Windows OS versionsDistribution by Windows OS

    OS versiondistribution
    Windows 7 Home Premium 33.33%
    Windows 7 Professional 22.22%
    Microsoft Windows XP 22.22%
    Windows 7 Ultimate 11.11%
    Windows 7 Home Basic 11.11%

    Distribution by countryDistribution by country

    Germany installs about 33.33% of hoolapp.exe.

    OEM distributionDistribution by PC manufacturer

    PC Manufacturerdistribution
    Toshiba 36.36%
    Hewlett-Packard 36.36%
    Samsung 18.18%
    Acer 9.09%
    Back to top
    Should I remove It? Clean your PC of unwanted adware, toolbars and bloatware.

    Download it for FREE