10190dc080a18fc1c14806d4475dbf2f92432e925814561de506221af0312af7

Analysis

max time kernel
144s
max time network
135s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
28-12-2023 20:59

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

ppsspp-1-16-6.exe
Size

21.0MB
MD5

d90c4d37778073c5940a994103d43f36
SHA1

cabba59cffe6e89b6cfcd042d22f3d83ff194be2
SHA256

10190dc080a18fc1c14806d4475dbf2f92432e925814561de506221af0312af7
SHA512

5c7932cc48a915e2d5af3a3a50fdae60c15729e8c20e87291a021448abc562b85fb0c9f8c91bc04d5b7e4acebcfad234e664cf35dec53296a6a9fb98f2355b09
SSDEEP

393216:QlpY3kCmGd5Q/BuiyAafNE+EibdpMabS/qpR6+Xtyt+BQ8HEGWrx44X5/R/1iH2e:Q/YUAviVANA6dp7FvPXtQ+qYELZPiWsD

Score

4^/10

discovery

Malware Config

Signatures

Checks installed software on the system 1 TTPs
Looks up Uninstall key entries in the registry to enumerate software on the system.
discovery

Query Registry
T1012

Drops file in Program Files directory 64 IoCs

Processes:

ppsspp-1-16-6.tmp

description	ioc	process
File created	C:\Program Files\PPSSPP\assets\shaders\is-PBDM6.tmp	ppsspp-1-16-6.tmp
File created	C:\Program Files\PPSSPP\assets\shaders\is-GTTHP.tmp	ppsspp-1-16-6.tmp
File opened for modification	C:\Program Files\PPSSPP\d3dcompiler_47.x86.dll	ppsspp-1-16-6.tmp
File created	C:\Program Files\PPSSPP\assets\is-AAM78.tmp	ppsspp-1-16-6.tmp
File created	C:\Program Files\PPSSPP\assets\is-3CPJD.tmp	ppsspp-1-16-6.tmp
File created	C:\Program Files\PPSSPP\assets\shaders\is-CR26J.tmp	ppsspp-1-16-6.tmp
File created	C:\Program Files\PPSSPP\assets\shaders\is-4SGF4.tmp	ppsspp-1-16-6.tmp
File created	C:\Program Files\PPSSPP\assets\is-3VIFP.tmp	ppsspp-1-16-6.tmp
File created	C:\Program Files\PPSSPP\assets\lang\is-QBIPD.tmp	ppsspp-1-16-6.tmp
File created	C:\Program Files\PPSSPP\assets\lang\is-HJ1IL.tmp	ppsspp-1-16-6.tmp
File created	C:\Program Files\PPSSPP\assets\vfpu\is-O971J.tmp	ppsspp-1-16-6.tmp
File created	C:\Program Files\PPSSPP\assets\flash0\font\is-8IK3C.tmp	ppsspp-1-16-6.tmp
File created	C:\Program Files\PPSSPP\assets\is-7R84N.tmp	ppsspp-1-16-6.tmp
File created	C:\Program Files\PPSSPP\assets\is-JICKJ.tmp	ppsspp-1-16-6.tmp
File created	C:\Program Files\PPSSPP\assets\shaders\is-D0TAM.tmp	ppsspp-1-16-6.tmp
File created	C:\Program Files\PPSSPP\assets\shaders\is-8OQ3R.tmp	ppsspp-1-16-6.tmp
File created	C:\Program Files\PPSSPP\assets\lang\is-MP5G5.tmp	ppsspp-1-16-6.tmp
File created	C:\Program Files\PPSSPP\assets\shaders\is-HFUPL.tmp	ppsspp-1-16-6.tmp
File created	C:\Program Files\PPSSPP\assets\is-OL72S.tmp	ppsspp-1-16-6.tmp
File created	C:\Program Files\PPSSPP\assets\shaders\is-PP8AF.tmp	ppsspp-1-16-6.tmp
File created	C:\Program Files\PPSSPP\assets\lang\is-HD9R8.tmp	ppsspp-1-16-6.tmp
File created	C:\Program Files\PPSSPP\assets\lang\is-24G4C.tmp	ppsspp-1-16-6.tmp
File created	C:\Program Files\PPSSPP\assets\vfpu\is-MSQ4N.tmp	ppsspp-1-16-6.tmp
File created	C:\Program Files\PPSSPP\assets\lang\is-IARQH.tmp	ppsspp-1-16-6.tmp
File created	C:\Program Files\PPSSPP\assets\lang\is-OA73G.tmp	ppsspp-1-16-6.tmp
File created	C:\Program Files\PPSSPP\assets\lang\is-SK93O.tmp	ppsspp-1-16-6.tmp
File created	C:\Program Files\PPSSPP\assets\lang\is-EVMNO.tmp	ppsspp-1-16-6.tmp
File created	C:\Program Files\PPSSPP\assets\debugger\is-K9J3U.tmp	ppsspp-1-16-6.tmp
File created	C:\Program Files\PPSSPP\is-A7TBK.tmp	ppsspp-1-16-6.tmp
File created	C:\Program Files\PPSSPP\assets\is-CSURD.tmp	ppsspp-1-16-6.tmp
File created	C:\Program Files\PPSSPP\assets\is-I5398.tmp	ppsspp-1-16-6.tmp
File created	C:\Program Files\PPSSPP\assets\is-C5HLP.tmp	ppsspp-1-16-6.tmp
File created	C:\Program Files\PPSSPP\assets\shaders\is-BQ9CG.tmp	ppsspp-1-16-6.tmp
File created	C:\Program Files\PPSSPP\assets\shaders\is-VLDPJ.tmp	ppsspp-1-16-6.tmp
File created	C:\Program Files\PPSSPP\assets\is-QET0M.tmp	ppsspp-1-16-6.tmp
File created	C:\Program Files\PPSSPP\assets\shaders\is-LALQR.tmp	ppsspp-1-16-6.tmp
File created	C:\Program Files\PPSSPP\assets\vfpu\is-8JFKU.tmp	ppsspp-1-16-6.tmp
File created	C:\Program Files\PPSSPP\assets\shaders\is-F9FU2.tmp	ppsspp-1-16-6.tmp
File created	C:\Program Files\PPSSPP\assets\lang\is-R4O0P.tmp	ppsspp-1-16-6.tmp
File created	C:\Program Files\PPSSPP\assets\lang\is-RFDGL.tmp	ppsspp-1-16-6.tmp
File created	C:\Program Files\PPSSPP\assets\lang\is-EN688.tmp	ppsspp-1-16-6.tmp
File created	C:\Program Files\PPSSPP\assets\shaders\is-VIT4R.tmp	ppsspp-1-16-6.tmp
File created	C:\Program Files\PPSSPP\assets\shaders\is-513GJ.tmp	ppsspp-1-16-6.tmp
File created	C:\Program Files\PPSSPP\assets\lang\is-70ALV.tmp	ppsspp-1-16-6.tmp
File opened for modification	C:\Program Files\PPSSPP\d3dcompiler_47.dll	ppsspp-1-16-6.tmp
File created	C:\Program Files\PPSSPP\unins000.dat	ppsspp-1-16-6.tmp
File created	C:\Program Files\PPSSPP\is-AE2JH.tmp	ppsspp-1-16-6.tmp
File created	C:\Program Files\PPSSPP\is-8BS32.tmp	ppsspp-1-16-6.tmp
File created	C:\Program Files\PPSSPP\assets\shaders\is-RE5M7.tmp	ppsspp-1-16-6.tmp
File created	C:\Program Files\PPSSPP\assets\lang\is-LSQ5I.tmp	ppsspp-1-16-6.tmp
File created	C:\Program Files\PPSSPP\assets\flash0\font\is-66TJQ.tmp	ppsspp-1-16-6.tmp
File opened for modification	C:\Program Files\PPSSPP\unins000.dat	ppsspp-1-16-6.tmp
File created	C:\Program Files\PPSSPP\assets\lang\is-G3OQ1.tmp	ppsspp-1-16-6.tmp
File created	C:\Program Files\PPSSPP\assets\lang\is-K14M9.tmp	ppsspp-1-16-6.tmp
File created	C:\Program Files\PPSSPP\assets\vfpu\is-V5GSA.tmp	ppsspp-1-16-6.tmp
File created	C:\Program Files\PPSSPP\is-24HL4.tmp	ppsspp-1-16-6.tmp
File created	C:\Program Files\PPSSPP\assets\shaders\is-F0B45.tmp	ppsspp-1-16-6.tmp
File created	C:\Program Files\PPSSPP\assets\shaders\is-I7FM7.tmp	ppsspp-1-16-6.tmp
File created	C:\Program Files\PPSSPP\assets\shaders\is-I6LPH.tmp	ppsspp-1-16-6.tmp
File created	C:\Program Files\PPSSPP\assets\shaders\is-6LOTT.tmp	ppsspp-1-16-6.tmp
File created	C:\Program Files\PPSSPP\assets\debugger\static\js\is-8DLF3.tmp	ppsspp-1-16-6.tmp
File created	C:\Program Files\PPSSPP\assets\flash0\font\is-II87H.tmp	ppsspp-1-16-6.tmp
File created	C:\Program Files\PPSSPP\assets\shaders\is-4JE6N.tmp	ppsspp-1-16-6.tmp
File created	C:\Program Files\PPSSPP\assets\debugger\is-56FE3.tmp	ppsspp-1-16-6.tmp

Executes dropped EXE 5 IoCs

Processes:

ppsspp-1-16-6.tmpPPSSPPWindows64.exePPSSPPWindows64.exePPSSPPWindows64.exePPSSPPWindows64.exe

pid process

2856 ppsspp-1-16-6.tmp
480 PPSSPPWindows64.exe
2036 PPSSPPWindows64.exe
2288 PPSSPPWindows64.exe
2776 PPSSPPWindows64.exe
Loads dropped DLL 7 IoCs

Processes:

ppsspp-1-16-6.exeppsspp-1-16-6.tmpPPSSPPWindows64.exe

pid process

2256 ppsspp-1-16-6.exe
2856 ppsspp-1-16-6.tmp
2856 ppsspp-1-16-6.tmp
1268
1268
1268
2288 PPSSPPWindows64.exe
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082
Suspicious behavior: EnumeratesProcesses 2 IoCs

Processes:

ppsspp-1-16-6.tmp

pid process

2856 ppsspp-1-16-6.tmp
2856 ppsspp-1-16-6.tmp
Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes:

PPSSPPWindows64.exe

pid process

2288 PPSSPPWindows64.exe
Suspicious use of FindShellTrayWindow 1 IoCs

Processes:

ppsspp-1-16-6.tmp

pid process

2856 ppsspp-1-16-6.tmp
Suspicious use of SetWindowsHookEx 4 IoCs

Processes:

PPSSPPWindows64.exePPSSPPWindows64.exePPSSPPWindows64.exePPSSPPWindows64.exe

pid process

480 PPSSPPWindows64.exe
2036 PPSSPPWindows64.exe
2288 PPSSPPWindows64.exe
2776 PPSSPPWindows64.exe

pid	process
2856	ppsspp-1-16-6.tmp
480	PPSSPPWindows64.exe
2036	PPSSPPWindows64.exe
2288	PPSSPPWindows64.exe
2776	PPSSPPWindows64.exe

pid	process
2256	ppsspp-1-16-6.exe
2856	ppsspp-1-16-6.tmp
2856	ppsspp-1-16-6.tmp
1268
1268
1268
2288	PPSSPPWindows64.exe

pid	process
2856	ppsspp-1-16-6.tmp
2856	ppsspp-1-16-6.tmp

pid	process
2288	PPSSPPWindows64.exe

pid	process
2856	ppsspp-1-16-6.tmp

pid	process
480	PPSSPPWindows64.exe
2036	PPSSPPWindows64.exe
2288	PPSSPPWindows64.exe
2776	PPSSPPWindows64.exe

Suspicious use of WriteProcessMemory 20 IoCs

Processes:

ppsspp-1-16-6.exeppsspp-1-16-6.tmpPPSSPPWindows64.exePPSSPPWindows64.exe

description	pid	process	target process
PID 2256 wrote to memory of 2856	2256	ppsspp-1-16-6.exe	ppsspp-1-16-6.tmp
PID 2256 wrote to memory of 2856	2256	ppsspp-1-16-6.exe	ppsspp-1-16-6.tmp
PID 2256 wrote to memory of 2856	2256	ppsspp-1-16-6.exe	ppsspp-1-16-6.tmp
PID 2256 wrote to memory of 2856	2256	ppsspp-1-16-6.exe	ppsspp-1-16-6.tmp
PID 2256 wrote to memory of 2856	2256	ppsspp-1-16-6.exe	ppsspp-1-16-6.tmp
PID 2256 wrote to memory of 2856	2256	ppsspp-1-16-6.exe	ppsspp-1-16-6.tmp
PID 2256 wrote to memory of 2856	2256	ppsspp-1-16-6.exe	ppsspp-1-16-6.tmp
PID 2856 wrote to memory of 480	2856	ppsspp-1-16-6.tmp	PPSSPPWindows64.exe
PID 2856 wrote to memory of 480	2856	ppsspp-1-16-6.tmp	PPSSPPWindows64.exe
PID 2856 wrote to memory of 480	2856	ppsspp-1-16-6.tmp	PPSSPPWindows64.exe
PID 2856 wrote to memory of 480	2856	ppsspp-1-16-6.tmp	PPSSPPWindows64.exe
PID 480 wrote to memory of 2036	480	PPSSPPWindows64.exe	PPSSPPWindows64.exe
PID 480 wrote to memory of 2036	480	PPSSPPWindows64.exe	PPSSPPWindows64.exe
PID 480 wrote to memory of 2036	480	PPSSPPWindows64.exe	PPSSPPWindows64.exe
PID 480 wrote to memory of 2288	480	PPSSPPWindows64.exe	PPSSPPWindows64.exe
PID 480 wrote to memory of 2288	480	PPSSPPWindows64.exe	PPSSPPWindows64.exe
PID 480 wrote to memory of 2288	480	PPSSPPWindows64.exe	PPSSPPWindows64.exe
PID 2288 wrote to memory of 2776	2288	PPSSPPWindows64.exe	PPSSPPWindows64.exe
PID 2288 wrote to memory of 2776	2288	PPSSPPWindows64.exe	PPSSPPWindows64.exe
PID 2288 wrote to memory of 2776	2288	PPSSPPWindows64.exe	PPSSPPWindows64.exe

C:\Users\Admin\AppData\Local\Temp\ppsspp-1-16-6.exe
"C:\Users\Admin\AppData\Local\Temp\ppsspp-1-16-6.exe"
1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
PID:2256
- C:\Users\Admin\AppData\Local\Temp\is-3KNHF.tmp\ppsspp-1-16-6.tmp
  "C:\Users\Admin\AppData\Local\Temp\is-3KNHF.tmp\ppsspp-1-16-6.tmp" /SL5="$70120,21547741,121344,C:\Users\Admin\AppData\Local\Temp\ppsspp-1-16-6.exe"
  2⤵
  - Drops file in Program Files directory
  - Executes dropped EXE
  - Loads dropped DLL
  - Suspicious behavior: EnumeratesProcesses
  - Suspicious use of FindShellTrayWindow
  - Suspicious use of WriteProcessMemory
  PID:2856
- - C:\Program Files\PPSSPP\PPSSPPWindows64.exe
    "C:\Program Files\PPSSPP\PPSSPPWindows64.exe"
    3⤵
    - Executes dropped EXE
    - Suspicious use of SetWindowsHookEx
    - Suspicious use of WriteProcessMemory
    PID:480
  - - C:\Program Files\PPSSPP\PPSSPPWindows64.exe
      "C:\Program Files\PPSSPP\PPSSPPWindows64.exe" --vulkan-available-check
      4⤵
      Executes dropped EXE
      Suspicious use of SetWindowsHookEx
      PID:2036
  - - C:\Program Files\PPSSPP\PPSSPPWindows64.exe
      "C:\Program Files\PPSSPP\PPSSPPWindows64.exe"
      4⤵
      Executes dropped EXE
      Loads dropped DLL
      Suspicious behavior: GetForegroundWindowSpam
      Suspicious use of SetWindowsHookEx
      Suspicious use of WriteProcessMemory
      PID:2288
    - - C:\Program Files\PPSSPP\PPSSPPWindows64.exe
        
        "C:\Program Files\PPSSPP\PPSSPPWindows64.exe" --vulkan-available-check
        5⤵
        Executes dropped EXE
        Suspicious use of SetWindowsHookEx
        
        PID:2776

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files\PPSSPP\PPSSPPWindows64.exe

Filesize
9.4MB

MD5
079609ce82223d291e22a6dd5c2f467b

SHA1
7382d9ca31baec84b59b1d7c0965797e5c1976a2

SHA256
ba2f6230f350d43a3787970ce30976ea472367d12caeaef9926276ae1186f955

SHA512
04c927724d527ede4e55218fd18092f333d7d763db62eeb2b6283722a8b284cd514353f9ebe703d7f6dbb7f6a852d72f9e683761d32075d1af4aaed46171b44b

Download Submit
C:\Program Files\PPSSPP\PPSSPPWindows64.exe

Filesize
7.6MB

MD5
d11f5035e6493589d7ca832020dded9d

SHA1
dbc8bd65b7de3d9977b89e88d110557a2987bd66

SHA256
3a203595cd6ee7d9118fb1cfde2cce8317a4859cfaf179ca3f4cab7686c44210

SHA512
d7241cfafb3726ffd18aa7b1f4a2f0922a68bbd33673904d8adc917971dfd04fb9656084c8f22e756a3b1118cc3c3cd94b8ed8b79e3f2794ad0cc47adbdbedf6

Download Submit
C:\Program Files\PPSSPP\PPSSPPWindows64.exe

Filesize
10.2MB

MD5
a028a3632bf15e008dbfd650ac93eaf4

SHA1
bcdf2805b53134766db0c643ba9e6f33c3a5b459

SHA256
1de0848a944236469c2d01ce7bd8b7dafe4616c58cd6a1a2f7f038f45cf7a240

SHA512
f594b90ce0132c9e769b0234ff14c879f4cf1996bdcf89f301dfab1d9fd84895c85ef0b16d81696dc9e2454bf66ce0466cb40343e49847872342d35bd8a92143

Download Submit
C:\Program Files\PPSSPP\PPSSPPWindows64.exe

Filesize
8.3MB

MD5
172b1d3be79d69b72bfa096ecbd66069

SHA1
0d65606252ecd268dc031d565a81c4a563313e6b

SHA256
ea45a9d9e49361368bf91502e2209e23605305be1cf43deea622873c6cc29ae9

SHA512
6927c99de604f81360c74b2306c3fab08fdf28f2bcb2643029cabb4c0a4bb0bd913c8eaf673dcf3dfbb33206b8e29b6ca9037cd98f33daeb0fe1c2db22de3012

Download Submit
C:\Program Files\PPSSPP\assets\lang\en_US.ini

Filesize
53KB

MD5
2339df8da60b69bafafdd472492c2f9e

SHA1
73ec4bd48427c0a70cc15dd7b3fdb105a31e47bd

SHA256
a4e4ac5e1af82fe29a1e03022c2f04db303f7c065756feeef84bbd60bcbf10df

SHA512
5498271c5dc06614854171165b2458f30eac1a7575c65262e75ad89cdc50633507fef9ef1657bbf70bc993257d79513467bd776e2621fc68788a0898be29fd3e

Download Submit
C:\Program Files\PPSSPP\assets\sfx_achievement_unlocked.wav

Filesize
79KB

MD5
ffb05cbb000c2a3e6b2594e5d41b3b78

SHA1
a66070651c75c377c043fa5d37590ee6004e30a4

SHA256
c95f53b1279684c8db5f2b518a63675db3713b3c097c65fd2ff280baf29ffd34

SHA512
5566e34f043db6a65de20edc8825fbe38d2a309e52d6a8fe1c0aadf4a2647c16655e2d5b150cd850508fead828f9e7bc93090f0a8930ced14fd0be666399d689

Download Submit
C:\Program Files\PPSSPP\assets\sfx_back.wav

Filesize
31KB

MD5
c873ac1ea00c42828e03d9898a3b41ef

SHA1
4fff7da19d8810d8fc8f97eb769bdfd15563658a

SHA256
8e6550b975a34511788dbeaacae47c9be6c89c967052c12342c6cc32f5650e4c

SHA512
c86c50b13cd2f5a961c3361f4b183930c62ee1e08ca00921c1aeebb306c69d2dd33a4952df3a8f46287869d55e387b42d2d3274d82d3e215ab06b3d3fb9d6258

Download Submit
C:\Program Files\PPSSPP\assets\sfx_confirm.wav

Filesize
44KB

MD5
c3bc568204bdecc72ef7120cc56d01b8

SHA1
56b05f7483e44889a1703fbb2d7318484e6d732f

SHA256
c2fdb1d1e6e677883f13eb866a1d83b8f67cc94f00aec21163612f61afefb693

SHA512
d3b323a3bf4ab325d230f07e54c84bf85f9739ba03310327ae3d8917034b7a356448d789d8f59200c2e1e7550cfdbe729220703a9f0bb9bdf4e702d8c9083c84

Download Submit
C:\Program Files\PPSSPP\assets\sfx_leaderbord_submitted.wav

Filesize
92KB

MD5
38db23b9f4c7aba3bc831b42a90dac67

SHA1
0b436b5daa14683ee6c8942079b128e9549ded0a

SHA256
61e780e220798f49d15e6d9eb85634a6e21f05765ed2a7aec682e196f4edda7d

SHA512
61510809fa3acbab537080cd27d69c0f178f46df9d83751d1bf4338ff24e49697edd5123cb075d22762163281c63c2ffdfd4a2d4ba75d76147037e9e08042e96

Download Submit
C:\Program Files\PPSSPP\assets\sfx_select.wav

Filesize
27KB

MD5
8f8a25fe78b52bd404c28dd06dc1aa23

SHA1
0bd3eabc432b6119507e4fc43354113b68bdbf66

SHA256
6d108dcae03c5a4ea04136b972c7c202b8b5013f4771791f0cb7348db0051dc1

SHA512
67dd6add09bd2febc19730f0b86128d6c2ea2b95b96dc18934844a0355cda4dbf5837e0a203b8775a25139bd19543445a824be5c10b8e42758d84e1efa7e380a

Download Submit
C:\Program Files\PPSSPP\assets\sfx_toggle_off.wav

Filesize
33KB

MD5
91d7befe927f45c5aaa6df0b3b754a5c

SHA1
d63735758f437788638edfc6cc2ce29afcf02cc5

SHA256
5d3c60e5fd12658ffc562f14331b7d0c962b818bee4a38aa9c928d2f08fb4f6b

SHA512
1c7b4fa8f48ce6230d3465736e94ab39409f20f2d35b04e7f8637e4fdafbd003e34d85a945c06fc976d1dc28a9778de3f89456f6274ded2fd9890de8a8a79591

Download Submit
C:\Program Files\PPSSPP\assets\sfx_toggle_on.wav

Filesize
37KB

MD5
66b4e28e92ebc1b16305c1898caa69da

SHA1
7932cd34fce034aaae6867b41c84978d2d1504ab

SHA256
f56b389dde4da2ad6f65f3ac136c3d9c1a681aa76c3ca531e984410b261b4810

SHA512
d871a003564ed48189b7377debd3eec6aa2355d91af6d729c227fe9dac38baf8ca354fe4ef85f99283bc7b645bc7dcfb113f8fcca47ed96de1ab189231f296a3

Download Submit
C:\Program Files\PPSSPP\installed.txt

Filesize
149B

MD5
db96d786bf4def028c7abdf5248b0845

SHA1
8e697e4c4cfd68323112904b0dab4bb85546e060

SHA256
2a0937e6b494bfe812b3f49209dacfd83a3e38b39e561fd5a65706dd5a3bf4c4

SHA512
a4ddc17b387c639d3d7e16ecb33a9d02616d4ed745ddfa2dc86bbc9831c9d36e8ce16ebf90d02f580db9df5fef09cc1cdabf25ae6403127c90fed1f84782e34a

Download Submit
C:\Users\Admin\Documents\PPSSPP\PSP\SYSTEM\controls.ini

Filesize
636B

MD5
4b8d6348e51dc77bb15a096fb045fe4c

SHA1
0094c597840a8467f097f95a59f03dd187c293de

SHA256
21f77e0597c5b2c27d8e58ba05961a55de6db9028f29cd11a2991519e1e95060

SHA512
7a5f77de8dabda0221deebfe28c4fbbfe85c0bb97dc9391f8e9a6431ef73eb3875aec3d4cb9f236da20b4d0b993e611ff83029d385f73d8cf0d85e2091a7de2d

Download Submit
C:\Users\Admin\Documents\PPSSPP\PSP\SYSTEM\ppsspp.ini

Filesize
13KB

MD5
19f55d1fad46fdd9aa9ab830ec854174

SHA1
eb56b738d27ddae82588674404448f3dba03af57

SHA256
bc320c5152a2588cf4e73970b02a59d709e702e3107ea228a36834c35c0e8189

SHA512
30282ed9c7b4d0546143cf2da6340d213c5da98e63c44744f52f51a08e509533eed60f1bb015f8b52f845dc9a03401e45ec093782c85dc55124db355d3bcee04

Download Submit
\Program Files\PPSSPP\PPSSPPWindows64.exe

Filesize
16.1MB

MD5
b4ae50d1085227c1d59b51b329186870

SHA1
e0fe633e9e1352a88ded77b4d43471897cc17c9e

SHA256
47c235af2c9375b1695f6bf7e66d5679d1967c36f1e1059521fe1443eca79ccc

SHA512
2503a296325660d4809e6cc5647e6a20b3cc1cca91e39a31c11b587c5c2c1cd6541c61e56ebc463ed46afd6461eac7563a88806b5fdeb5db5d4af9b81e9c3381

Download Submit
\Program Files\PPSSPP\PPSSPPWindows64.exe

Filesize
5.9MB

MD5
5c8caa9305aea68c3a812d6524431fc6

SHA1
19bbd807f445577a3ee234503558714f1f970b7c

SHA256
3e38656f20061e97df4ad7cbeb288ed6c572bed2c7e48ebda81b1871d94da826

SHA512
d1bc5b5f71df2a7189f298a29e999bf8928612084a70dbc9232ebe1103b943622cea12b591dd45ff5c77c6d7c87f36d877a2cf32fc19b68387f78b2ca7aae139

Download Submit
\Program Files\PPSSPP\PPSSPPWindows64.exe

Filesize
6.7MB

MD5
e1c492409489e8f834b09b8c13e6b08a

SHA1
1d1663ffec65879154b94ca1efa3c9c04d82ed27

SHA256
bf5da667ca73ad74bf376fa067b25415afc3471bec385ab681883704ab4af728

SHA512
4eb4fad1220eee0607a8daa71b8044e3527ee3ca77141050d8cf78fe922555c6de2b066bc27b824941e2df342b064e3dfb5f8c315497566c9cbcc9ebf2658695

Download Submit
\Program Files\PPSSPP\PPSSPPWindows64.exe

Filesize
5.6MB

MD5
b710fb123f3ffbfed1c2d87eb46bfe7d

SHA1
398c3ef7eed520dd86804bbe4a0a92b6534c132f

SHA256
f3c98c521cc71b173921b81bff483409489b50e154efeff5a4eb59afd573cf9e

SHA512
a20add7ec7736685102f9c3bda8dbec460ea59de0b783568136e5b209361419abc9180e6bc8f8f91f82dc52dfa8d5358d1415750999f44130f5c1af2ddc38e44

Download Submit
\Program Files\PPSSPP\PPSSPPWindows64.exe

Filesize
4.6MB

MD5
9b8dffc84d08806db7030f8f5280336d

SHA1
d39ac00b8105efa1d04b5b40233200cb2ce03405

SHA256
66ea65fd11a9ea3ddec660df81183e2429de68fe92f61b1c3fb9bbd1c85c8465

SHA512
4e163828008159ec2f8b118319bfe4e0d785ff2da2b065eb9ebd71558bbee7756125d837ad938cbac890e7f73aa681b7540c048186e4af2a7e9c012f89561e60

Download Submit
\Program Files\PPSSPP\d3dcompiler_47.dll

Filesize
4.0MB

MD5
b0ae3aa9dd1ebd60bdf51cb94834cd04

SHA1
ee2f5726ac140fb42d17aba033d678afaf8c39c1

SHA256
e994847e01a6f1e4cbdc5a864616ac262f67ee4f14db194984661a8d927ab7f4

SHA512
756ebf4fa49029d4343d1bdb86ea71b2d49e20ada6370fd7582515455635c73d37ad0dbdeef456a10ab353a12412ba827ca4d70080743c86c3b42fa0a3152aa3

Download Submit
\Users\Admin\AppData\Local\Temp\is-3KNHF.tmp\ppsspp-1-16-6.tmp

Filesize
1.1MB

MD5
34acc2bdb45a9c436181426828c4cb49

SHA1
5adaa1ac822e6128b8d4b59a54d19901880452ae

SHA256
9c81817acd4982632d8c7f1df3898fca1477577738184265d735f49fc5480f07

SHA512
134ff4022571efd46f7a62e99b857ebe834e9916c786345908010f9e1fb90be226b740ddee16ae9290fe45c86be7238c4555e422abe66a461d11545e19734beb

Download Submit
memory/2256-1-0x0000000000400000-0x0000000000428000-memory.dmp

Filesize
160KB

Download
memory/2256-10-0x0000000000400000-0x0000000000428000-memory.dmp

Filesize
160KB

Download
memory/2256-343-0x0000000000400000-0x0000000000428000-memory.dmp

Filesize
160KB

Download
memory/2856-339-0x00000000003D0000-0x00000000003D1000-memory.dmp

Filesize
4KB

Download
memory/2856-333-0x0000000000400000-0x000000000052E000-memory.dmp

Filesize
1.2MB

Download
memory/2856-11-0x0000000000400000-0x000000000052E000-memory.dmp

Filesize
1.2MB

Download
memory/2856-8-0x00000000003D0000-0x00000000003D1000-memory.dmp

Filesize
4KB

Download
memory/2856-342-0x0000000000400000-0x000000000052E000-memory.dmp

Filesize
1.2MB

Download