8fc3b1fa5ecb087e05099a67e7b39a8b452830b2e36c50a1c2c5f179c74e5402

Resubmissions

14/03/2024, 22:37

240314-2js8asbc83 7

14/03/2024, 22:36

14/03/2024, 22:34

14/03/2024, 22:29

14/03/2024, 22:22

Analysis

max time kernel
150s
max time network
162s
platform
windows10-2004_x64
resource
win10v2004-20240226-de
resource tags

arch:x64arch:x86image:win10v2004-20240226-delocale:de-deos:windows10-2004-x64systemwindows
submitted
14/03/2024, 22:37

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

sscserviceutilitiy_4.30.zip
Size

936KB
MD5

37bb9a60ca4c12ccfebc3525d3471ebe
SHA1

893d65250d8304ed0ef86f1f1a16491ee7db4459
SHA256

8fc3b1fa5ecb087e05099a67e7b39a8b452830b2e36c50a1c2c5f179c74e5402
SHA512

d853ef9e5447c337cab104f3eabd0dbdf71dd70fc94e9e28f97bf6bf14dc1b63878642a831d34764c00df95c2525ebd442ad946142ffba936269f352e3cf9f0d
SSDEEP

12288:aEKU/P6S1pHJYWVJixGmTzK0f5lRY68AD75+Vm0UFAXVN8qh7KKncarSFDkV:rHt1lJYQyKAxwVmu3npeFk

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133549294800545735"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
2432	chrome.exe
2432	chrome.exe
5320	chrome.exe
5320	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 3 IoCs

pid	Process
2432	chrome.exe
2432	chrome.exe
2432	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2432	chrome.exe
Token: SeCreatePagefilePrivilege	2432	chrome.exe
Token: SeShutdownPrivilege	2432	chrome.exe
Token: SeCreatePagefilePrivilege	2432	chrome.exe
Token: SeShutdownPrivilege	2432	chrome.exe
Token: SeCreatePagefilePrivilege	2432	chrome.exe
Token: SeShutdownPrivilege	2432	chrome.exe
Token: SeCreatePagefilePrivilege	2432	chrome.exe
Token: SeShutdownPrivilege	2432	chrome.exe
Token: SeCreatePagefilePrivilege	2432	chrome.exe
Token: SeShutdownPrivilege	2432	chrome.exe
Token: SeCreatePagefilePrivilege	2432	chrome.exe
Token: SeShutdownPrivilege	2432	chrome.exe
Token: SeCreatePagefilePrivilege	2432	chrome.exe
Token: SeShutdownPrivilege	2432	chrome.exe
Token: SeCreatePagefilePrivilege	2432	chrome.exe
Token: SeShutdownPrivilege	2432	chrome.exe
Token: SeCreatePagefilePrivilege	2432	chrome.exe
Token: SeShutdownPrivilege	2432	chrome.exe
Token: SeCreatePagefilePrivilege	2432	chrome.exe
Token: SeShutdownPrivilege	2432	chrome.exe
Token: SeCreatePagefilePrivilege	2432	chrome.exe
Token: SeShutdownPrivilege	2432	chrome.exe
Token: SeCreatePagefilePrivilege	2432	chrome.exe
Token: SeShutdownPrivilege	2432	chrome.exe
Token: SeCreatePagefilePrivilege	2432	chrome.exe
Token: SeShutdownPrivilege	2432	chrome.exe
Token: SeCreatePagefilePrivilege	2432	chrome.exe
Token: SeShutdownPrivilege	2432	chrome.exe
Token: SeCreatePagefilePrivilege	2432	chrome.exe
Token: SeShutdownPrivilege	2432	chrome.exe
Token: SeCreatePagefilePrivilege	2432	chrome.exe
Token: SeShutdownPrivilege	2432	chrome.exe
Token: SeCreatePagefilePrivilege	2432	chrome.exe
Token: SeShutdownPrivilege	2432	chrome.exe
Token: SeCreatePagefilePrivilege	2432	chrome.exe
Token: SeShutdownPrivilege	2432	chrome.exe
Token: SeCreatePagefilePrivilege	2432	chrome.exe
Token: SeShutdownPrivilege	2432	chrome.exe
Token: SeCreatePagefilePrivilege	2432	chrome.exe
Token: SeShutdownPrivilege	2432	chrome.exe
Token: SeCreatePagefilePrivilege	2432	chrome.exe
Token: SeShutdownPrivilege	2432	chrome.exe
Token: SeCreatePagefilePrivilege	2432	chrome.exe
Token: SeShutdownPrivilege	2432	chrome.exe
Token: SeCreatePagefilePrivilege	2432	chrome.exe
Token: SeShutdownPrivilege	2432	chrome.exe
Token: SeCreatePagefilePrivilege	2432	chrome.exe
Token: SeShutdownPrivilege	2432	chrome.exe
Token: SeCreatePagefilePrivilege	2432	chrome.exe
Token: SeShutdownPrivilege	2432	chrome.exe
Token: SeCreatePagefilePrivilege	2432	chrome.exe
Token: SeShutdownPrivilege	2432	chrome.exe
Token: SeCreatePagefilePrivilege	2432	chrome.exe
Token: SeShutdownPrivilege	2432	chrome.exe
Token: SeCreatePagefilePrivilege	2432	chrome.exe
Token: SeShutdownPrivilege	2432	chrome.exe
Token: SeCreatePagefilePrivilege	2432	chrome.exe
Token: SeShutdownPrivilege	2432	chrome.exe
Token: SeCreatePagefilePrivilege	2432	chrome.exe
Token: SeShutdownPrivilege	2432	chrome.exe
Token: SeCreatePagefilePrivilege	2432	chrome.exe
Token: SeShutdownPrivilege	2432	chrome.exe
Token: SeCreatePagefilePrivilege	2432	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
2432	chrome.exe
2432	chrome.exe
2432	chrome.exe
2432	chrome.exe
2432	chrome.exe
2432	chrome.exe
2432	chrome.exe
2432	chrome.exe
2432	chrome.exe
2432	chrome.exe
2432	chrome.exe
2432	chrome.exe
2432	chrome.exe
2432	chrome.exe
2432	chrome.exe
2432	chrome.exe
2432	chrome.exe
2432	chrome.exe
2432	chrome.exe
2432	chrome.exe
2432	chrome.exe
2432	chrome.exe
2432	chrome.exe
2432	chrome.exe
2432	chrome.exe
2432	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2432	chrome.exe
2432	chrome.exe
2432	chrome.exe
2432	chrome.exe
2432	chrome.exe
2432	chrome.exe
2432	chrome.exe
2432	chrome.exe
2432	chrome.exe
2432	chrome.exe
2432	chrome.exe
2432	chrome.exe
2432	chrome.exe
2432	chrome.exe
2432	chrome.exe
2432	chrome.exe
2432	chrome.exe
2432	chrome.exe
2432	chrome.exe
2432	chrome.exe
2432	chrome.exe
2432	chrome.exe
2432	chrome.exe
2432	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2432 wrote to memory of 1428	2432	chrome.exe	97
PID 2432 wrote to memory of 1428	2432	chrome.exe	97
PID 2432 wrote to memory of 2464	2432	chrome.exe	99
PID 2432 wrote to memory of 2464	2432	chrome.exe	99
PID 2432 wrote to memory of 2464	2432	chrome.exe	99
PID 2432 wrote to memory of 2464	2432	chrome.exe	99
PID 2432 wrote to memory of 2464	2432	chrome.exe	99
PID 2432 wrote to memory of 2464	2432	chrome.exe	99
PID 2432 wrote to memory of 2464	2432	chrome.exe	99
PID 2432 wrote to memory of 2464	2432	chrome.exe	99
PID 2432 wrote to memory of 2464	2432	chrome.exe	99
PID 2432 wrote to memory of 2464	2432	chrome.exe	99
PID 2432 wrote to memory of 2464	2432	chrome.exe	99
PID 2432 wrote to memory of 2464	2432	chrome.exe	99
PID 2432 wrote to memory of 2464	2432	chrome.exe	99
PID 2432 wrote to memory of 2464	2432	chrome.exe	99
PID 2432 wrote to memory of 2464	2432	chrome.exe	99
PID 2432 wrote to memory of 2464	2432	chrome.exe	99
PID 2432 wrote to memory of 2464	2432	chrome.exe	99
PID 2432 wrote to memory of 2464	2432	chrome.exe	99
PID 2432 wrote to memory of 2464	2432	chrome.exe	99
PID 2432 wrote to memory of 2464	2432	chrome.exe	99
PID 2432 wrote to memory of 2464	2432	chrome.exe	99
PID 2432 wrote to memory of 2464	2432	chrome.exe	99
PID 2432 wrote to memory of 2464	2432	chrome.exe	99
PID 2432 wrote to memory of 2464	2432	chrome.exe	99
PID 2432 wrote to memory of 2464	2432	chrome.exe	99
PID 2432 wrote to memory of 2464	2432	chrome.exe	99
PID 2432 wrote to memory of 2464	2432	chrome.exe	99
PID 2432 wrote to memory of 2464	2432	chrome.exe	99
PID 2432 wrote to memory of 2464	2432	chrome.exe	99
PID 2432 wrote to memory of 2464	2432	chrome.exe	99
PID 2432 wrote to memory of 2464	2432	chrome.exe	99
PID 2432 wrote to memory of 2464	2432	chrome.exe	99
PID 2432 wrote to memory of 2464	2432	chrome.exe	99
PID 2432 wrote to memory of 2464	2432	chrome.exe	99
PID 2432 wrote to memory of 2464	2432	chrome.exe	99
PID 2432 wrote to memory of 2464	2432	chrome.exe	99
PID 2432 wrote to memory of 2464	2432	chrome.exe	99
PID 2432 wrote to memory of 2464	2432	chrome.exe	99
PID 2432 wrote to memory of 4204	2432	chrome.exe	100
PID 2432 wrote to memory of 4204	2432	chrome.exe	100
PID 2432 wrote to memory of 2612	2432	chrome.exe	101
PID 2432 wrote to memory of 2612	2432	chrome.exe	101
PID 2432 wrote to memory of 2612	2432	chrome.exe	101
PID 2432 wrote to memory of 2612	2432	chrome.exe	101
PID 2432 wrote to memory of 2612	2432	chrome.exe	101
PID 2432 wrote to memory of 2612	2432	chrome.exe	101
PID 2432 wrote to memory of 2612	2432	chrome.exe	101
PID 2432 wrote to memory of 2612	2432	chrome.exe	101
PID 2432 wrote to memory of 2612	2432	chrome.exe	101
PID 2432 wrote to memory of 2612	2432	chrome.exe	101
PID 2432 wrote to memory of 2612	2432	chrome.exe	101
PID 2432 wrote to memory of 2612	2432	chrome.exe	101
PID 2432 wrote to memory of 2612	2432	chrome.exe	101
PID 2432 wrote to memory of 2612	2432	chrome.exe	101
PID 2432 wrote to memory of 2612	2432	chrome.exe	101
PID 2432 wrote to memory of 2612	2432	chrome.exe	101
PID 2432 wrote to memory of 2612	2432	chrome.exe	101
PID 2432 wrote to memory of 2612	2432	chrome.exe	101
PID 2432 wrote to memory of 2612	2432	chrome.exe	101
PID 2432 wrote to memory of 2612	2432	chrome.exe	101
PID 2432 wrote to memory of 2612	2432	chrome.exe	101
PID 2432 wrote to memory of 2612	2432	chrome.exe	101

C:\Windows\Explorer.exe
C:\Windows\Explorer.exe /idlist,,C:\Users\Admin\AppData\Local\Temp\sscserviceutilitiy_4.30.zip
1⤵
PID:3568

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2432
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0x108,0x10c,0x110,0xe4,0x114,0x7ffd19579758,0x7ffd19579768,0x7ffd19579778
  2⤵
  PID:1428
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1656 --field-trial-handle=1880,i,10084580377412087750,12621574953853815617,131072 /prefetch:2
  2⤵
  PID:2464
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2136 --field-trial-handle=1880,i,10084580377412087750,12621574953853815617,131072 /prefetch:8
  2⤵
  PID:4204
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2220 --field-trial-handle=1880,i,10084580377412087750,12621574953853815617,131072 /prefetch:8
  2⤵
  PID:2612
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2936 --field-trial-handle=1880,i,10084580377412087750,12621574953853815617,131072 /prefetch:1
  2⤵
  PID:2364
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2944 --field-trial-handle=1880,i,10084580377412087750,12621574953853815617,131072 /prefetch:1
  2⤵
  PID:636
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4616 --field-trial-handle=1880,i,10084580377412087750,12621574953853815617,131072 /prefetch:1
  2⤵
  PID:2212
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5096 --field-trial-handle=1880,i,10084580377412087750,12621574953853815617,131072 /prefetch:8
  2⤵
  PID:4428
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5208 --field-trial-handle=1880,i,10084580377412087750,12621574953853815617,131072 /prefetch:8
  2⤵
  PID:3164
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5004 --field-trial-handle=1880,i,10084580377412087750,12621574953853815617,131072 /prefetch:8
  2⤵
  PID:1636
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3768 --field-trial-handle=1880,i,10084580377412087750,12621574953853815617,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5320

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:416

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
8794453d264715101cd53b5575b63d6a

SHA1
c4e48198d6bd31a43cf207c7ec4e40ead4352e4d

SHA256
8f0958cc695e9070e00541799c70311fd1bed88a669545bb98ae92044540ede4

SHA512
01a1320ebec79902ebdac1e9023ddff3045942b33f9df4d22f60662a708c8ba49e302ca89d873ea538010fce55fd3b72b5d4ebbeda6bcf574bc82dec9b7f0068

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
369B

MD5
30d7ef5941dbf2b1f51e9bf844deded2

SHA1
9d042e659d118e9211b1bd40bf41325e1bd6c6e0

SHA256
ecd3e54b5f071682f4d88083bbb68d990e86d837ddc18ff17e06de26f3484de9

SHA512
6b97e221846329ec4065576e631735ac2b864fcaad297e32150eb17d86801df95ea436b417e0aec088b8c0e5be36684dad02d9a8bed3b325de3de62f3202593d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
ed7b7cf04190c603065aa697d5919e6b

SHA1
52bdd9a6a35ac3f405d74b61e070dcfc3ec4d626

SHA256
dcb65ea68f5f74f5078174068d1a27f03a062fe5df11fbf6ed3ed47be748c58f

SHA512
0d3e0ff1f16520bcfdc9a25cf36296984c84689d3484d290f85d5cc1d2059399da484a01f9b9ee47a1ddb3793758d52a958a74c4c9bfc55ae76eafff40b4d520

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
ba11ca39a761c195644d478f2d7c6493

SHA1
abca0838dc4d2a23713becaa1d6b35461a8a61ef

SHA256
a8368b5c16fca71def3c94954e47c31cd24328611a76f24f99208d5559fb0692

SHA512
d691b6ad1475544ff0c618aa0a5d87fcba977524255a168f37d3341bdc044b9e331eaea4b7f8b0e675ccd8dfb3b8dcf756d3fda55969646252faeae3f609dffa

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
15KB

MD5
661cea05815a044b8da3b37811fee150

SHA1
9211a7bbab192d2f998e6e19e4b8dad8242730fc

SHA256
12727b2161e8d3ebd0e6854f5f765d492ac6c62dcdc3624fe24310cfbff7c581

SHA512
6fa7d82f3ee3bac30c990a8ee6cb47f8302b309f29120128e886d31cbe6fee613c1f791f21396cdc2d0e6a2bca33cf01d439721ce7787884e6183df5d1f4b301

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
258KB

MD5
90a3e1c469f7b09f744f81ce8f9391f7

SHA1
6c8d349bef256f7a5f464843c0059be54ca3ff76

SHA256
ae5a17b4ff083add949da5860f50a4a206c49d16f77edf908aadb5998fc79c1f

SHA512
55a0ca7ddcabed0e12b9e73f9c24955ca1f2101fb1fa893adafd3fdcb97fefccc902b29bb98b8013f18c5f878c3a2148558dd5965ea9b623df623e416150756b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit