Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

7

mingw-get-setup.exe

windows7-x64

7

mingw-get-setup.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    111s
  • max time network
    92s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    20/05/2023, 19:37

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    mingw-get-setup.exe

  • Size

    91KB

  • MD5

    60737d3eabafc0def38e26fa31648b35

  • SHA1

    997a8f7136da1ae6c188b98aab6042293558f5a7

  • SHA256

    a5de8c70676fdd157414e3116c7cb6f3dba48e549b5880177b10e4e6bc6c282e

  • SHA512

    cc455b3092614452163700ab195d8dd9fd2f45836e62933a4f48b4952ab8ae820883d37331fe7ed4b2355947e04dcd18df2a0355a753b8ebbe49f0b5615162de

  • SSDEEP

    1536:sCbVtp1jq4DLe4/aBwRWfDwcGXccHRv0xWr6sRsOGz4E9c1/nouy8gPAB:VbV5jqGKaamRWfzGMEco+OBOcVoutgM

Score
7/10
upx

Malware Config

Signatures

  • Executes dropped EXE 2 IoCs
  • Loads dropped DLL 7 IoCs
  • UPX packed file 5 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of WriteProcessMemory 12 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\mingw-get-setup.exe
    "C:\Users\Admin\AppData\Local\Temp\mingw-get-setup.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of WriteProcessMemory
    PID:1324
    • C:\Windows\SysWOW64\wscript.exe
      wscript -nologo C:\MinGW\libexec\mingw-get\shlink.js --all-users --start-menu --description "MinGW Installation Manager" C:\MinGW\libexec\mingw-get\guimain.exe "MinGW Installation Manager"
      2⤵
      • Loads dropped DLL
      PID:900
    • C:\Windows\SysWOW64\wscript.exe
      wscript -nologo C:\MinGW\libexec\mingw-get\shlink.js --all-users --desktop --description "MinGW Installation Manager" C:\MinGW\libexec\mingw-get\guimain.exe "MinGW Installer"
      2⤵
      • Loads dropped DLL
      PID:1580
  • C:\MinGW\libexec\mingw-get\guimain.exe
    "C:\MinGW\libexec\mingw-get\guimain.exe"
    1⤵
    • Executes dropped EXE
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:1624
    • C:\MinGW\libexec\mingw-get\lastrites.exe
      lastrites
      2⤵
      • Executes dropped EXE
      PID:1580

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\MinGW\libexec\mingw-get\guimain.exe
    Filesize

    152KB

    MD5

    1cbf02d5e8ab53f505140865d4010d76

    SHA1

    b696e891ea955f1cb076a3e109b1e4956a0505e6

    SHA256

    793586527e07a38c3337ae75ff3bf628012011c56a11285f1758d6703d28da10

    SHA512

    b190b5d4cfc0bc662d3305379470d3c08e30eac3e1365df943a25ad8d6a80b8678e4234e0ecf44b31dab7ab5963a92d3abec6e9280777ebb29f91622bec22e24

    Download Submit

  • C:\MinGW\libexec\mingw-get\guimain.exe
    Filesize

    152KB

    MD5

    1cbf02d5e8ab53f505140865d4010d76

    SHA1

    b696e891ea955f1cb076a3e109b1e4956a0505e6

    SHA256

    793586527e07a38c3337ae75ff3bf628012011c56a11285f1758d6703d28da10

    SHA512

    b190b5d4cfc0bc662d3305379470d3c08e30eac3e1365df943a25ad8d6a80b8678e4234e0ecf44b31dab7ab5963a92d3abec6e9280777ebb29f91622bec22e24

    Download Submit

  • C:\MinGW\libexec\mingw-get\lastrites.exe
    Filesize

    34KB

    MD5

    6cab3aacce3f112579510c8271f139c4

    SHA1

    1de85d084954e71911427ca812e971a691cc0517

    SHA256

    98929c06c861b8b79482d974f69cd8f9b29ddaea9b02507e42a82f9a7ae3d11a

    SHA512

    8ecc3f532027c84134303dfb834237368e363f58dfa108a7dfb2957f3c35ad44e82c369de60b6777138c26809d1800c5c74c691efd1fd6d0137ee1c8049fa8fb

    Download Submit

  • C:\MinGW\libexec\mingw-get\lastrites.exe
    Filesize

    34KB

    MD5

    6cab3aacce3f112579510c8271f139c4

    SHA1

    1de85d084954e71911427ca812e971a691cc0517

    SHA256

    98929c06c861b8b79482d974f69cd8f9b29ddaea9b02507e42a82f9a7ae3d11a

    SHA512

    8ecc3f532027c84134303dfb834237368e363f58dfa108a7dfb2957f3c35ad44e82c369de60b6777138c26809d1800c5c74c691efd1fd6d0137ee1c8049fa8fb

    Download Submit

  • C:\MinGW\libexec\mingw-get\mingw-get-0.dll
    Filesize

    550KB

    MD5

    1c56dbb1ed0b166444ea83fce0abe31f

    SHA1

    55b2663e82b5995656c9886cd5a0e25d2db9972b

    SHA256

    bdfd256c171045c9692f79759d1896ffb46e211640a72226ab13c3035d8bd583

    SHA512

    b4ab3bb1d32ea0f464c408ec1f5037c1441ab072f165b933f44224fff6d5156adedc9d03e4637fc5a829e3de04c3329a0700bd9c56cb2b1bb1b0d4730cbce27f

    Download Submit

  • C:\MinGW\libexec\mingw-get\shlink.js
    Filesize

    10KB

    MD5

    f0861da48872feb2c68f37ba56b32ccf

    SHA1

    8c70edbc076b6dcf343928dee7bfdecf0ae1428e

    SHA256

    62f8d0e08a6766f03f681653608550f46668f8a84e6173fb49a8c447e47e1dfe

    SHA512

    d9239f711e0537afa839e40e3da38fd93a0a664bd04a715143138803ad41c519e2eba2dcd3d00480fffad010cb243e33528660369d57330db4f228012c807144

    Download Submit

  • C:\MinGW\var\cache\mingw-get\data\.in-transit\package-list.xml
    Filesize

    493B

    MD5

    f124d9187137d6965a4857cd82343cd1

    SHA1

    ef0cbc6b68ad0c716eb19eeb9f974d3a708042ea

    SHA256

    879835005c823d719a788f185c4ff218deb900e584e4e9165aea00dbcd71a371

    SHA512

    1e98ad4ac5dac5a9672339814994f5573b24b5f0498d4795bc65dacb5e91dad0e40cedac6966140c34073280c1fe8963e77b441565e654aa70e6d5d0f6c2da9e

    Download Submit

  • C:\MinGW\var\cache\mingw-get\data\package-list.xml
    Filesize

    493B

    MD5

    f124d9187137d6965a4857cd82343cd1

    SHA1

    ef0cbc6b68ad0c716eb19eeb9f974d3a708042ea

    SHA256

    879835005c823d719a788f185c4ff218deb900e584e4e9165aea00dbcd71a371

    SHA512

    1e98ad4ac5dac5a9672339814994f5573b24b5f0498d4795bc65dacb5e91dad0e40cedac6966140c34073280c1fe8963e77b441565e654aa70e6d5d0f6c2da9e

    Download Submit

  • C:\MinGW\var\cache\mingw-get\packages\mingw-get-0.6.3-mingw32-pre-20170905-1-bin.tar.xz
    Filesize

    262KB

    MD5

    cbadecd046524947608d284878ec8942

    SHA1

    4cea1a0da590cf40ec82ad665d342ca46fac8112

    SHA256

    82552612bdcee990152e2806d2ebf29990129679508db48479af922fc017d5d9

    SHA512

    3a24c1d38d5175fdeba0a82b902635632c571da4febb59b3b78601ba1986773788912c8f047caf11f0bb4f8f58a67bcde6203a2f790129093f65eeb558d5d568

    Download Submit

  • C:\MinGW\var\cache\mingw-get\packages\mingw-get-0.6.3-mingw32-pre-20170905-1-gui.tar.xz
    Filesize

    63KB

    MD5

    f6098e8e7b53366872ede448295f7858

    SHA1

    23b765d5a643c0e4bac762c9a15e9c2a91a00a58

    SHA256

    1acec5de7f08b5f806a567bda423a060b305722f725df6e265d083f745d04356

    SHA512

    6d7a4f57617083db43a5cbcb23d7472bdde5cc8cce3ff52e9f76378208cb8c9acf674815d6e551d6ae00527ade7d017d55166a6040798e1fa96c4a228bdb9be8

    Download Submit

  • C:\MinGW\var\cache\mingw-get\packages\mingw-get-0.6.3-mingw32-pre-20170905-1-lic.tar.xz
    Filesize

    11KB

    MD5

    f18ede16328cbc686aa9b4850552a31e

    SHA1

    9f726f6d37c11d0eebd89aa530fa29a738844e14

    SHA256

    8265c4e66f94a64307abb907f84c1caf0fe746cefb517081be3e9d5b59a18747

    SHA512

    ea6ea80b5c71c6015fd3dc6ff7c8541deabe8cfed33bc23b61af61ad4e3e4c2482779d37e246863a143a03d0147b1c0c58c3d64eadb223a8fd8aac7b97855174

    Download Submit

  • C:\MinGW\var\lib\mingw-get\data\profile.xml
    Filesize

    5KB

    MD5

    cdd18aad7799b67bfc6f4e84f91af812

    SHA1

    ee063eaa1474add88074b896dca98ce9337281bb

    SHA256

    b8eacd302acd073e5d2b60241737573f32aca1cf1969d834a59aa2262e001e7f

    SHA512

    a2043aa1a9a511ecf392c2502c81d87fcc584cac859eb38ad9ed3b86ede82e25a566b1336f379144edadf882eaeaea62a3e19051e84fce9e28b8f1607c857882

    Download Submit

  • C:\MinGW\var\lib\mingw-get\data\profile.xml
    Filesize

    5KB

    MD5

    cdd18aad7799b67bfc6f4e84f91af812

    SHA1

    ee063eaa1474add88074b896dca98ce9337281bb

    SHA256

    b8eacd302acd073e5d2b60241737573f32aca1cf1969d834a59aa2262e001e7f

    SHA512

    a2043aa1a9a511ecf392c2502c81d87fcc584cac859eb38ad9ed3b86ede82e25a566b1336f379144edadf882eaeaea62a3e19051e84fce9e28b8f1607c857882

    Download Submit

  • C:\MinGW\var\lib\mingw-get\data\sysroot-0-002-a7c6-d7dbb5.xml
    Filesize

    359B

    MD5

    552f0b2351f4f938bd0dd1e65b4f1cae

    SHA1

    6628290cad071a5619659096eac82c09bce2c4d2

    SHA256

    28b09d1401b15d5916ebebb25dc5a10450f0f36e8b36448f1345d7862069ecbc

    SHA512

    36035c5380de8bbdc61ef50cd8979f5cb7b183cb7035b110f3a4cb10c562b35de5633af018404823f997ce9e47969fc4bd25c388604e4bc1ee289c1caeefa4e7

    Download Submit

  • \MinGW\libexec\mingw-get\guimain.exe
    Filesize

    152KB

    MD5

    1cbf02d5e8ab53f505140865d4010d76

    SHA1

    b696e891ea955f1cb076a3e109b1e4956a0505e6

    SHA256

    793586527e07a38c3337ae75ff3bf628012011c56a11285f1758d6703d28da10

    SHA512

    b190b5d4cfc0bc662d3305379470d3c08e30eac3e1365df943a25ad8d6a80b8678e4234e0ecf44b31dab7ab5963a92d3abec6e9280777ebb29f91622bec22e24

    Download Submit

  • \MinGW\libexec\mingw-get\guimain.exe
    Filesize

    152KB

    MD5

    1cbf02d5e8ab53f505140865d4010d76

    SHA1

    b696e891ea955f1cb076a3e109b1e4956a0505e6

    SHA256

    793586527e07a38c3337ae75ff3bf628012011c56a11285f1758d6703d28da10

    SHA512

    b190b5d4cfc0bc662d3305379470d3c08e30eac3e1365df943a25ad8d6a80b8678e4234e0ecf44b31dab7ab5963a92d3abec6e9280777ebb29f91622bec22e24

    Download Submit

  • \MinGW\libexec\mingw-get\lastrites.exe
    Filesize

    34KB

    MD5

    6cab3aacce3f112579510c8271f139c4

    SHA1

    1de85d084954e71911427ca812e971a691cc0517

    SHA256

    98929c06c861b8b79482d974f69cd8f9b29ddaea9b02507e42a82f9a7ae3d11a

    SHA512

    8ecc3f532027c84134303dfb834237368e363f58dfa108a7dfb2957f3c35ad44e82c369de60b6777138c26809d1800c5c74c691efd1fd6d0137ee1c8049fa8fb

    Download Submit

  • \MinGW\libexec\mingw-get\lastrites.exe
    Filesize

    34KB

    MD5

    6cab3aacce3f112579510c8271f139c4

    SHA1

    1de85d084954e71911427ca812e971a691cc0517

    SHA256

    98929c06c861b8b79482d974f69cd8f9b29ddaea9b02507e42a82f9a7ae3d11a

    SHA512

    8ecc3f532027c84134303dfb834237368e363f58dfa108a7dfb2957f3c35ad44e82c369de60b6777138c26809d1800c5c74c691efd1fd6d0137ee1c8049fa8fb

    Download Submit

  • \MinGW\libexec\mingw-get\mingw-get-0.dll
    Filesize

    550KB

    MD5

    1c56dbb1ed0b166444ea83fce0abe31f

    SHA1

    55b2663e82b5995656c9886cd5a0e25d2db9972b

    SHA256

    bdfd256c171045c9692f79759d1896ffb46e211640a72226ab13c3035d8bd583

    SHA512

    b4ab3bb1d32ea0f464c408ec1f5037c1441ab072f165b933f44224fff6d5156adedc9d03e4637fc5a829e3de04c3329a0700bd9c56cb2b1bb1b0d4730cbce27f

    Download Submit

  • \MinGW\libexec\mingw-get\mingw-get-0.dll
    Filesize

    550KB

    MD5

    1c56dbb1ed0b166444ea83fce0abe31f

    SHA1

    55b2663e82b5995656c9886cd5a0e25d2db9972b

    SHA256

    bdfd256c171045c9692f79759d1896ffb46e211640a72226ab13c3035d8bd583

    SHA512

    b4ab3bb1d32ea0f464c408ec1f5037c1441ab072f165b933f44224fff6d5156adedc9d03e4637fc5a829e3de04c3329a0700bd9c56cb2b1bb1b0d4730cbce27f

    Download Submit

  • \MinGW\libexec\mingw-get\mingw-get-setup-0.dll
    Filesize

    143KB

    MD5

    42fa2eba01d71aab3cbd8a276ab81e54

    SHA1

    8cee36f8d93df4c87e28df8580a5987bce47b31d

    SHA256

    3ebf0315c62276f63eb19cd96e05e03f27b2241cb1a79a764e004684181c756f

    SHA512

    d22fa8be5b7a4f3f264f7655bcf8628920589a5a0cb4e1ceb18894c494090b40e0fdc07547e7bf1e0bf26ab81c5aa83ef5b8f481aaffc2d663ef5e5c4dcbd75b

    Download Submit

  • memory/1324-368-0x0000000001EB0000-0x0000000001EDF000-memory.dmp

    Filesize

    188KB

    Download

  • memory/1324-353-0x0000000001EB0000-0x0000000001EDF000-memory.dmp

    Filesize

    188KB

    Download

  • memory/1324-391-0x0000000001EB0000-0x0000000001EDF000-memory.dmp

    Filesize

    188KB

    Download

  • memory/1324-390-0x0000000001EB0000-0x0000000001EDF000-memory.dmp

    Filesize

    188KB

    Download

  • memory/1324-389-0x0000000001EB0000-0x0000000001EDF000-memory.dmp

    Filesize

    188KB

    Download

  • memory/1324-388-0x0000000001EB0000-0x0000000001EDF000-memory.dmp

    Filesize

    188KB

    Download

  • memory/1324-386-0x0000000001EB0000-0x0000000001EDF000-memory.dmp

    Filesize

    188KB

    Download

  • memory/1324-385-0x0000000001EB0000-0x0000000001EDF000-memory.dmp

    Filesize

    188KB

    Download

  • memory/1324-384-0x0000000001EB0000-0x0000000001EDF000-memory.dmp

    Filesize

    188KB

    Download

  • memory/1324-383-0x0000000001EB0000-0x0000000001EDF000-memory.dmp

    Filesize

    188KB

    Download

  • memory/1324-381-0x0000000001EB0000-0x0000000001EDF000-memory.dmp

    Filesize

    188KB

    Download

  • memory/1324-380-0x0000000001EB0000-0x0000000001EDF000-memory.dmp

    Filesize

    188KB

    Download

  • memory/1324-379-0x0000000001EB0000-0x0000000001EDF000-memory.dmp

    Filesize

    188KB

    Download

  • memory/1324-377-0x0000000001EB0000-0x0000000001EDF000-memory.dmp

    Filesize

    188KB

    Download

  • memory/1324-378-0x0000000001EB0000-0x0000000001EDF000-memory.dmp

    Filesize

    188KB

    Download

  • memory/1324-375-0x0000000001EB0000-0x0000000001EDF000-memory.dmp

    Filesize

    188KB

    Download

  • memory/1324-374-0x0000000001EB0000-0x0000000001EDF000-memory.dmp

    Filesize

    188KB

    Download

  • memory/1324-373-0x0000000001EB0000-0x0000000001EDF000-memory.dmp

    Filesize

    188KB

    Download

  • memory/1324-372-0x0000000001EB0000-0x0000000001EDF000-memory.dmp

    Filesize

    188KB

    Download

  • memory/1324-370-0x0000000001EB0000-0x0000000001EDF000-memory.dmp

    Filesize

    188KB

    Download

  • memory/1324-369-0x0000000001EB0000-0x0000000001EDF000-memory.dmp

    Filesize

    188KB

    Download

  • memory/1324-393-0x0000000001EB0000-0x0000000001EDF000-memory.dmp

    Filesize

    188KB

    Download

  • memory/1324-367-0x0000000001EB0000-0x0000000001EDF000-memory.dmp

    Filesize

    188KB

    Download

  • memory/1324-365-0x0000000001EB0000-0x0000000001EDF000-memory.dmp

    Filesize

    188KB

    Download

  • memory/1324-364-0x0000000001EB0000-0x0000000001EDF000-memory.dmp

    Filesize

    188KB

    Download

  • memory/1324-363-0x0000000001EB0000-0x0000000001EDF000-memory.dmp

    Filesize

    188KB

    Download

  • memory/1324-362-0x0000000001EB0000-0x0000000001EDF000-memory.dmp

    Filesize

    188KB

    Download

  • memory/1324-361-0x0000000001EB0000-0x0000000001EDF000-memory.dmp

    Filesize

    188KB

    Download

  • memory/1324-359-0x0000000001EB0000-0x0000000001EDF000-memory.dmp

    Filesize

    188KB

    Download

  • memory/1324-358-0x0000000001EB0000-0x0000000001EDF000-memory.dmp

    Filesize

    188KB

    Download

  • memory/1324-357-0x0000000001EB0000-0x0000000001EDF000-memory.dmp

    Filesize

    188KB

    Download

  • memory/1324-356-0x0000000001EB0000-0x0000000001EDF000-memory.dmp

    Filesize

    188KB

    Download

  • memory/1324-354-0x0000000001EB0000-0x0000000001EDF000-memory.dmp

    Filesize

    188KB

    Download

  • memory/1324-392-0x0000000001EB0000-0x0000000001EDF000-memory.dmp

    Filesize

    188KB

    Download

  • memory/1324-352-0x0000000001EB0000-0x0000000001EDF000-memory.dmp

    Filesize

    188KB

    Download

  • memory/1324-351-0x0000000001EB0000-0x0000000001EDF000-memory.dmp

    Filesize

    188KB

    Download

  • memory/1324-350-0x0000000001EB0000-0x0000000001EDF000-memory.dmp

    Filesize

    188KB

    Download

  • memory/1324-348-0x0000000001EB0000-0x0000000001EDF000-memory.dmp

    Filesize

    188KB

    Download

  • memory/1324-347-0x0000000001EB0000-0x0000000001EDF000-memory.dmp

    Filesize

    188KB

    Download

  • memory/1324-346-0x0000000001EB0000-0x0000000001EDF000-memory.dmp

    Filesize

    188KB

    Download

  • memory/1324-345-0x0000000001EB0000-0x0000000001EDF000-memory.dmp

    Filesize

    188KB

    Download

  • memory/1324-343-0x0000000001EB0000-0x0000000001EDF000-memory.dmp

    Filesize

    188KB

    Download

  • memory/1324-342-0x0000000001EB0000-0x0000000001EDF000-memory.dmp

    Filesize

    188KB

    Download

  • memory/1324-341-0x0000000001EB0000-0x0000000001EDF000-memory.dmp

    Filesize

    188KB

    Download

  • memory/1324-340-0x0000000001EB0000-0x0000000001EDF000-memory.dmp

    Filesize

    188KB

    Download

  • memory/1324-395-0x0000000001EB0000-0x0000000001EDF000-memory.dmp

    Filesize

    188KB

    Download

  • memory/1324-394-0x0000000001EB0000-0x0000000001EDF000-memory.dmp

    Filesize

    188KB

    Download

  • memory/1324-387-0x0000000001EB0000-0x0000000001EDF000-memory.dmp

    Filesize

    188KB

    Download

  • memory/1324-382-0x0000000001EB0000-0x0000000001EDF000-memory.dmp

    Filesize

    188KB

    Download

  • memory/1324-376-0x0000000001EB0000-0x0000000001EDF000-memory.dmp

    Filesize

    188KB

    Download

  • memory/1324-371-0x0000000001EB0000-0x0000000001EDF000-memory.dmp

    Filesize

    188KB

    Download

  • memory/1324-339-0x0000000001EB0000-0x0000000001EDF000-memory.dmp

    Filesize

    188KB

    Download

  • memory/1324-337-0x0000000001EB0000-0x0000000001EDF000-memory.dmp

    Filesize

    188KB

    Download

  • memory/1324-336-0x0000000001EB0000-0x0000000001EDF000-memory.dmp

    Filesize

    188KB

    Download

  • memory/1324-334-0x0000000001EB0000-0x0000000001EDF000-memory.dmp

    Filesize

    188KB

    Download

  • memory/1324-484-0x0000000000400000-0x000000000043B000-memory.dmp

    Filesize

    236KB

    Download

  • memory/1324-366-0x0000000001EB0000-0x0000000001EDF000-memory.dmp

    Filesize

    188KB

    Download

  • memory/1324-360-0x0000000001EB0000-0x0000000001EDF000-memory.dmp

    Filesize

    188KB

    Download

  • memory/1324-355-0x0000000001EB0000-0x0000000001EDF000-memory.dmp

    Filesize

    188KB

    Download

  • memory/1324-349-0x0000000001EB0000-0x0000000001EDF000-memory.dmp

    Filesize

    188KB

    Download

  • memory/1324-344-0x0000000001EB0000-0x0000000001EDF000-memory.dmp

    Filesize

    188KB

    Download

  • memory/1324-338-0x0000000001EB0000-0x0000000001EDF000-memory.dmp

    Filesize

    188KB

    Download

  • memory/1324-57-0x0000000000400000-0x000000000043B000-memory.dmp

    Filesize

    236KB

    Download

  • memory/1324-56-0x0000000000400000-0x000000000043B000-memory.dmp

    Filesize

    236KB

    Download

  • memory/1324-55-0x0000000000400000-0x000000000043B000-memory.dmp

    Filesize

    236KB

    Download

  • memory/1324-54-0x0000000000400000-0x000000000043B000-memory.dmp

    Filesize

    236KB

    Download