d4c8845ab6a2415b48bf5539f0d912f4d4f61e898e4e1c839c56784aae3631d2

Resubmissions

18-07-2024 18:20

240718-wyz2ha1ajp 3

18-07-2024 18:19

240718-wyjphszhqq 3

Analysis

max time kernel
149s
max time network
140s
platform
windows10-1703_x64
resource
win10-20240404-en
resource tags

arch:x64arch:x86image:win10-20240404-enlocale:en-usos:windows10-1703-x64system
submitted
18-07-2024 18:20

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Domain/bin/assets/ui.html
Size

4KB
MD5

6f8f041c68e7bc0067d7e6e4c3e9b824
SHA1

550b684e7e03154f5424271e97a33c1ada49d5db
SHA256

fbe5a564a1d50db2341cfd339f7feed965024c18ffb916fa77aae4651fa0e5ea
SHA512

88ae8526d6874f7480224672ae4a7e2557699f0423ef6f32dbcc68f0207a2ec0fca70af60e1bc8ba19c100f46d0f93d19b203b63a03543ee3289857a1e9dca3c
SSDEEP

96:HMA5Xrg16dLUWUU1MmUtJ9zYz50yZ5am7ZCpvMAEHIVzaGOc:HMA57g2LU9UamU/hkVZ5EpvMAEoVuGOc

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

Processes:

chrome.exe

description	ioc	process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

Processes:

chrome.exe

description	ioc	process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133658004817830571"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

Processes:

chrome.exechrome.exe

pid process

936 chrome.exe
936 chrome.exe
4100 chrome.exe
4100 chrome.exe
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 2 IoCs

Processes:

chrome.exe

pid process

936 chrome.exe
936 chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

Processes:

chrome.exe

description	pid	process
Token: SeShutdownPrivilege	936	chrome.exe
Token: SeCreatePagefilePrivilege	936	chrome.exe
Token: SeShutdownPrivilege	936	chrome.exe
Token: SeCreatePagefilePrivilege	936	chrome.exe
Token: SeShutdownPrivilege	936	chrome.exe
Token: SeCreatePagefilePrivilege	936	chrome.exe
Token: SeShutdownPrivilege	936	chrome.exe
Token: SeCreatePagefilePrivilege	936	chrome.exe
Token: SeShutdownPrivilege	936	chrome.exe
Token: SeCreatePagefilePrivilege	936	chrome.exe
Token: SeShutdownPrivilege	936	chrome.exe
Token: SeCreatePagefilePrivilege	936	chrome.exe
Token: SeShutdownPrivilege	936	chrome.exe
Token: SeCreatePagefilePrivilege	936	chrome.exe
Token: SeShutdownPrivilege	936	chrome.exe
Token: SeCreatePagefilePrivilege	936	chrome.exe
Token: SeShutdownPrivilege	936	chrome.exe
Token: SeCreatePagefilePrivilege	936	chrome.exe
Token: SeShutdownPrivilege	936	chrome.exe
Token: SeCreatePagefilePrivilege	936	chrome.exe
Token: SeShutdownPrivilege	936	chrome.exe
Token: SeCreatePagefilePrivilege	936	chrome.exe
Token: SeShutdownPrivilege	936	chrome.exe
Token: SeCreatePagefilePrivilege	936	chrome.exe
Token: SeShutdownPrivilege	936	chrome.exe
Token: SeCreatePagefilePrivilege	936	chrome.exe
Token: SeShutdownPrivilege	936	chrome.exe
Token: SeCreatePagefilePrivilege	936	chrome.exe
Token: SeShutdownPrivilege	936	chrome.exe
Token: SeCreatePagefilePrivilege	936	chrome.exe
Token: SeShutdownPrivilege	936	chrome.exe
Token: SeCreatePagefilePrivilege	936	chrome.exe
Token: SeShutdownPrivilege	936	chrome.exe
Token: SeCreatePagefilePrivilege	936	chrome.exe
Token: SeShutdownPrivilege	936	chrome.exe
Token: SeCreatePagefilePrivilege	936	chrome.exe
Token: SeShutdownPrivilege	936	chrome.exe
Token: SeCreatePagefilePrivilege	936	chrome.exe
Token: SeShutdownPrivilege	936	chrome.exe
Token: SeCreatePagefilePrivilege	936	chrome.exe
Token: SeShutdownPrivilege	936	chrome.exe
Token: SeCreatePagefilePrivilege	936	chrome.exe
Token: SeShutdownPrivilege	936	chrome.exe
Token: SeCreatePagefilePrivilege	936	chrome.exe
Token: SeShutdownPrivilege	936	chrome.exe
Token: SeCreatePagefilePrivilege	936	chrome.exe
Token: SeShutdownPrivilege	936	chrome.exe
Token: SeCreatePagefilePrivilege	936	chrome.exe
Token: SeShutdownPrivilege	936	chrome.exe
Token: SeCreatePagefilePrivilege	936	chrome.exe
Token: SeShutdownPrivilege	936	chrome.exe
Token: SeCreatePagefilePrivilege	936	chrome.exe
Token: SeShutdownPrivilege	936	chrome.exe
Token: SeCreatePagefilePrivilege	936	chrome.exe
Token: SeShutdownPrivilege	936	chrome.exe
Token: SeCreatePagefilePrivilege	936	chrome.exe
Token: SeShutdownPrivilege	936	chrome.exe
Token: SeCreatePagefilePrivilege	936	chrome.exe
Token: SeShutdownPrivilege	936	chrome.exe
Token: SeCreatePagefilePrivilege	936	chrome.exe
Token: SeShutdownPrivilege	936	chrome.exe
Token: SeCreatePagefilePrivilege	936	chrome.exe
Token: SeShutdownPrivilege	936	chrome.exe
Token: SeCreatePagefilePrivilege	936	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

Processes:

chrome.exe

pid	process
936	chrome.exe
936	chrome.exe
936	chrome.exe
936	chrome.exe
936	chrome.exe
936	chrome.exe
936	chrome.exe
936	chrome.exe
936	chrome.exe
936	chrome.exe
936	chrome.exe
936	chrome.exe
936	chrome.exe
936	chrome.exe
936	chrome.exe
936	chrome.exe
936	chrome.exe
936	chrome.exe
936	chrome.exe
936	chrome.exe
936	chrome.exe
936	chrome.exe
936	chrome.exe
936	chrome.exe
936	chrome.exe
936	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

Processes:

chrome.exe

pid	process
936	chrome.exe
936	chrome.exe
936	chrome.exe
936	chrome.exe
936	chrome.exe
936	chrome.exe
936	chrome.exe
936	chrome.exe
936	chrome.exe
936	chrome.exe
936	chrome.exe
936	chrome.exe
936	chrome.exe
936	chrome.exe
936	chrome.exe
936	chrome.exe
936	chrome.exe
936	chrome.exe
936	chrome.exe
936	chrome.exe
936	chrome.exe
936	chrome.exe
936	chrome.exe
936	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

Processes:

chrome.exe

description	pid	process	target process
PID 936 wrote to memory of 4596	936	chrome.exe	chrome.exe
PID 936 wrote to memory of 4596	936	chrome.exe	chrome.exe
PID 936 wrote to memory of 1216	936	chrome.exe	chrome.exe
PID 936 wrote to memory of 1216	936	chrome.exe	chrome.exe
PID 936 wrote to memory of 1216	936	chrome.exe	chrome.exe
PID 936 wrote to memory of 1216	936	chrome.exe	chrome.exe
PID 936 wrote to memory of 1216	936	chrome.exe	chrome.exe
PID 936 wrote to memory of 1216	936	chrome.exe	chrome.exe
PID 936 wrote to memory of 1216	936	chrome.exe	chrome.exe
PID 936 wrote to memory of 1216	936	chrome.exe	chrome.exe
PID 936 wrote to memory of 1216	936	chrome.exe	chrome.exe
PID 936 wrote to memory of 1216	936	chrome.exe	chrome.exe
PID 936 wrote to memory of 1216	936	chrome.exe	chrome.exe
PID 936 wrote to memory of 1216	936	chrome.exe	chrome.exe
PID 936 wrote to memory of 1216	936	chrome.exe	chrome.exe
PID 936 wrote to memory of 1216	936	chrome.exe	chrome.exe
PID 936 wrote to memory of 1216	936	chrome.exe	chrome.exe
PID 936 wrote to memory of 1216	936	chrome.exe	chrome.exe
PID 936 wrote to memory of 1216	936	chrome.exe	chrome.exe
PID 936 wrote to memory of 1216	936	chrome.exe	chrome.exe
PID 936 wrote to memory of 1216	936	chrome.exe	chrome.exe
PID 936 wrote to memory of 1216	936	chrome.exe	chrome.exe
PID 936 wrote to memory of 1216	936	chrome.exe	chrome.exe
PID 936 wrote to memory of 1216	936	chrome.exe	chrome.exe
PID 936 wrote to memory of 1216	936	chrome.exe	chrome.exe
PID 936 wrote to memory of 1216	936	chrome.exe	chrome.exe
PID 936 wrote to memory of 1216	936	chrome.exe	chrome.exe
PID 936 wrote to memory of 1216	936	chrome.exe	chrome.exe
PID 936 wrote to memory of 1216	936	chrome.exe	chrome.exe
PID 936 wrote to memory of 1216	936	chrome.exe	chrome.exe
PID 936 wrote to memory of 1216	936	chrome.exe	chrome.exe
PID 936 wrote to memory of 1216	936	chrome.exe	chrome.exe
PID 936 wrote to memory of 1216	936	chrome.exe	chrome.exe
PID 936 wrote to memory of 1216	936	chrome.exe	chrome.exe
PID 936 wrote to memory of 1216	936	chrome.exe	chrome.exe
PID 936 wrote to memory of 1216	936	chrome.exe	chrome.exe
PID 936 wrote to memory of 1216	936	chrome.exe	chrome.exe
PID 936 wrote to memory of 1216	936	chrome.exe	chrome.exe
PID 936 wrote to memory of 1216	936	chrome.exe	chrome.exe
PID 936 wrote to memory of 1216	936	chrome.exe	chrome.exe
PID 936 wrote to memory of 3936	936	chrome.exe	chrome.exe
PID 936 wrote to memory of 3936	936	chrome.exe	chrome.exe
PID 936 wrote to memory of 4548	936	chrome.exe	chrome.exe
PID 936 wrote to memory of 4548	936	chrome.exe	chrome.exe
PID 936 wrote to memory of 4548	936	chrome.exe	chrome.exe
PID 936 wrote to memory of 4548	936	chrome.exe	chrome.exe
PID 936 wrote to memory of 4548	936	chrome.exe	chrome.exe
PID 936 wrote to memory of 4548	936	chrome.exe	chrome.exe
PID 936 wrote to memory of 4548	936	chrome.exe	chrome.exe
PID 936 wrote to memory of 4548	936	chrome.exe	chrome.exe
PID 936 wrote to memory of 4548	936	chrome.exe	chrome.exe
PID 936 wrote to memory of 4548	936	chrome.exe	chrome.exe
PID 936 wrote to memory of 4548	936	chrome.exe	chrome.exe
PID 936 wrote to memory of 4548	936	chrome.exe	chrome.exe
PID 936 wrote to memory of 4548	936	chrome.exe	chrome.exe
PID 936 wrote to memory of 4548	936	chrome.exe	chrome.exe
PID 936 wrote to memory of 4548	936	chrome.exe	chrome.exe
PID 936 wrote to memory of 4548	936	chrome.exe	chrome.exe
PID 936 wrote to memory of 4548	936	chrome.exe	chrome.exe
PID 936 wrote to memory of 4548	936	chrome.exe	chrome.exe
PID 936 wrote to memory of 4548	936	chrome.exe	chrome.exe
PID 936 wrote to memory of 4548	936	chrome.exe	chrome.exe
PID 936 wrote to memory of 4548	936	chrome.exe	chrome.exe
PID 936 wrote to memory of 4548	936	chrome.exe	chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument C:\Users\Admin\AppData\Local\Temp\Domain\bin\assets\ui.html
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:936

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xcc,0xd0,0xd4,0xa8,0xd8,0x7ffaa49a9758,0x7ffaa49a9768,0x7ffaa49a9778
2⤵
PID:4596

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1520 --field-trial-handle=1772,i,17233398353041018533,17343096788001580078,131072 /prefetch:2
2⤵
PID:1216

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1832 --field-trial-handle=1772,i,17233398353041018533,17343096788001580078,131072 /prefetch:8
2⤵
PID:3936

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2104 --field-trial-handle=1772,i,17233398353041018533,17343096788001580078,131072 /prefetch:8
2⤵
PID:4548

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2828 --field-trial-handle=1772,i,17233398353041018533,17343096788001580078,131072 /prefetch:1
2⤵
PID:3376

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2836 --field-trial-handle=1772,i,17233398353041018533,17343096788001580078,131072 /prefetch:1
2⤵
PID:2316

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4500 --field-trial-handle=1772,i,17233398353041018533,17343096788001580078,131072 /prefetch:8
2⤵
PID:304

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4424 --field-trial-handle=1772,i,17233398353041018533,17343096788001580078,131072 /prefetch:8
2⤵
PID:3208

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.15063.0 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2280 --field-trial-handle=1772,i,17233398353041018533,17343096788001580078,131072 /prefetch:2
2⤵
- Suspicious behavior: EnumeratesProcesses
PID:4100

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:2928

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
Filesize
1KB

MD5
39755501502c58ffa7e215e412b3bf0e

SHA1
5775886e82d68f8f538d770a8f9702d5519617f9

SHA256
3b15530f3539f6770af52614b0532d9806eb5752ad39ddec07ae2537b545ab1f

SHA512
259e43decd21ef0aa3bdc1e5d2cf81a4ebb868908175bf4a3b26499d3331ae389e2fa6a36919aceff4142ef99afb09caaf8a32afe5a774bd1bb0477cb0160819

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
Filesize
707B

MD5
4cd647cc1eee5abfce1e5eaebcd19f42

SHA1
46f0825fec0af22b2b1fdbe16011887937e27ff5

SHA256
cb68c5a71d5aa39d8652f62323938e5bdc66d116dcfaed07883b4431aa373e7a

SHA512
3e8a9d53d8890a8a3c69ceec3d4f3610ecf55cf3b8c30b2287532a0b24079bb672a5a98a0c20b2b5eae48efb21db99da939d6a8ff59b3feaa665b49cfd600959

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
5KB

MD5
4a8723f90f491033fa75577f31df764e

SHA1
2d2959118efaa10345d436352ca110511c109b59

SHA256
6aa49b938fb11effe47d21d54e51947bd94f25fab4f7a17d2a497890a042bf1b

SHA512
25ff0bd43ef6e84d6544b47a191f3c43d6f261746bf421ecd97dd46825a63846c6a33ea1e445657d27f2fb01942577202f931d0f7c2a9aeab69dd9c8e7b52598

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
5KB

MD5
4be31aeee0fb93e0522e429b7af344ab

SHA1
8c0a7bd96badfaf296c2adac7915e9a79e92e7bd

SHA256
e85f3d0790d3785722bda1f6f62d2e4c09df5a3c8d143c76cce32ddc63de19de

SHA512
e135e2c509d4fcbcb274d91eef4d004b39b0cc3283cfbabd5489f5d5c70e3bf2368ac8744d5528c7c70a7d414be7048f730866ab145cb7e1ed441f424582ee22

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Filesize
5KB

MD5
cdebd933aaaa598565f1b0e889bb5bbb

SHA1
e92135639680dac98f8e63fd107962c73f1ae2bf

SHA256
d3e639f14d341c5770f543b1e8037f05886664aa53b3f3062fbced89afb5dd4c

SHA512
e60d2c27a634c5a7dc3f3d3b5b346672fca9dd0def136dbb5cf7135e3fa2cbf675f6c3f917f7609e93999421e8a77bdb59195909deacf3ca64e651cd3b8b5d52

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\e8e6b261-c0ac-4101-8ca0-c1b3c4d1ca39.tmp
Filesize
136KB

MD5
6f156bc1cc35ac5d6b0a674dff43ae1e

SHA1
6f389815d3bb7f27f47ae1ee5a1c25fde23c64af

SHA256
e6d82465275f23d447f8ff9c2f71597f58a287ba65b4facd0fcd55de17cea330

SHA512
176f6e82593d08bb4aae26dcf2f99696eab6836fd321e9551b21baaf075be74e5c812af1e9b838b3bf8e899947e4533f4208d667d96347a4dcaa154a5610ed6e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json
Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
\??\pipe\crashpad_936_HNNQSGPHOTZKGVIB
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit