Import table
advapi32.dll
LookupPrivilegeNameW, SetTokenInformation, ConvertStringSidToSidW, DuplicateTokenEx, CreateProcessAsUserW, AdjustTokenPrivileges, LookupPrivilegeValueW, CheckTokenMembership, CreateWellKnownSid, GetTokenInformation, OpenProcessToken, ControlService, DeleteService, CloseServiceHandle, StartServiceW, QueryServiceStatus, RegDeleteValueW, RegSetValueExW, RegCreateKeyW, RegOpenKeyExW, SetNamedSecurityInfoW, SetEntriesInAclW, BuildExplicitAccessWithNameW, GetNamedSecurityInfoW, SetSecurityDescriptorDacl, InitializeSecurityDescriptor, RegCloseKey, RegQueryValueExW, RegOpenKeyW, OpenSCManagerW, OpenServiceW, RegCreateKeyExW
kernel32.dll
lstrlenW, WideCharToMultiByte, WaitForSingleObject, CreateEventA, SetEvent, InterlockedIncrement, InterlockedDecrement, LeaveCriticalSection, InterlockedExchange, GetLastError, EnterCriticalSection, InterlockedExchangeAdd, PostQueuedCompletionStatus, TlsAlloc, TlsFree, InitializeCriticalSection, DeleteCriticalSection, CreateEventW, GetCurrentThreadId, lstrlenA, SearchPathW, CreateProcessW, FindFirstFileW, FindNextFileW, FindClose, GetFileAttributesExW, SetFileAttributesW, DeleteFileW, GetSystemDefaultLCID, SizeofResource, LockResource, LoadResource, FindResourceW, FindResourceExW, OutputDebugStringW, LoadLibraryW, GetProcAddress, FreeLibrary, GetModuleFileNameW, CreateDirectoryW, CopyFileW, MultiByteToWideChar, GetLocalTime, ConnectNamedPipe, DisconnectNamedPipe, CreateNamedPipeW, CreateThread, WaitNamedPipeW, SetNamedPipeHandleState, WriteFile, WritePrivateProfileStringW, GetPrivateProfileIntW, GetPrivateProfileStringW, GetPrivateProfileSectionNamesW, CreateMutexW, CreateToolhelp32Snapshot, OpenProcess, TerminateProcess, GetCurrentProcess, VirtualAllocEx, GetModuleHandleW, ReadProcessMemory, VirtualFreeEx, SetPriorityClass, SetThreadPriority, GetCurrentThread, Process32FirstW, Process32NextW, GetLogicalDriveStringsW, lstrcmpiW, QueryDosDeviceW, TerminateThread, ResumeThread, GetVersionExW, GetSystemInfo, GetSystemDefaultLangID, GetSystemDirectoryW, GetSystemWindowsDirectoryW, ProcessIdToSessionId, DeviceIoControl, GetProcessHeap, HeapSize, HeapReAlloc, HeapFree, HeapAlloc, HeapDestroy, InitializeCriticalSectionAndSpinCount, RaiseException, GetSystemTimeAsFileTime, GetCurrentProcessId, GetTickCount, QueryPerformanceCounter, IsDebuggerPresent, SetUnhandledExceptionFilter, UnhandledExceptionFilter, InterlockedCompareExchange, Sleep, DecodePointer, EncodePointer, OutputDebugStringA, CloseHandle, CreateFileW, ReadFile, SetFilePointer, GetFileSize, FormatMessageA, TlsGetValue, OpenEventA, ResetEvent, TlsSetValue, SystemTimeToFileTime, WaitForMultipleObjects, SetWaitableTimer, CreateWaitableTimerA, LocalFree, IsProcessorFeaturePresent, MoveFileW, MoveFileExW, GetFileAttributesW, GetFileTime, GetExitCodeThread, GetQueuedCompletionStatus, CreateIoCompletionPort, GlobalAlloc, GlobalFree, GetVolumeInformationW
msvcp100.dll
DllMain
msvcr100.dll
DllMain
ole32.dll
OleRun, CoInitializeSecurity, CoUninitialize, CoInitialize, CoSetProxyBlanket, CoInitializeEx, CoCreateInstance
powrprof.dll
SetSuspendState
psapi.dll
EnumProcessModules, GetProcessImageFileNameW, GetModuleFileNameExW, EnumProcesses
rpcrt4.dll
UuidFromStringW
shell32.dll
SHChangeNotify, ShellExecuteExW, ShellExecuteW, SHFileOperationW, SHGetFolderPathW, SHGetFolderPathAndSubDirW, Shell_NotifyIconW, SHGetDesktopFolder, SHAddToRecentDocs, SHGetSpecialFolderPathW
shlwapi.dll
PathAppendW, PathRenameExtensionW, PathCanonicalizeW, PathIsURLW, PathIsDirectoryW, SHDeleteKeyW, PathRemoveFileSpecW, PathRemoveExtensionW, PathFindFileNameW, PathCombineW, SHGetValueW, StrCmpW, PathFileExistsW, PathFindExtensionW
user32.dll
ExitWindowsEx, MoveWindow, ScreenToClient, GetWindowRect, GetSystemMetrics, DestroyIcon, SendMessageW, FindWindowExW, FindWindowW, EnumWindows, IsIconic, ShowWindow, SetForegroundWindow, GetWindowThreadProcessId, DefWindowProcW, CreateWindowExW, PostMessageW, DestroyWindow, RegisterClassW, LockWorkStation, MessageBoxW, GetParent, wsprintfW
userenv.dll
DestroyEnvironmentBlock, CreateEnvironmentBlock
version.dll
VerQueryValueW, GetFileVersionInfoSizeW, GetFileVersionInfoW
winmm.dll
timeSetEvent, PlaySoundW, timeKillEvent
wtsapi32.dll
WTSDisconnectSession
Export table
AddApplicationToExceptionListA
AddApplicationToExceptionListW
CanLaunchMultiplayerGameW
crc
CRC32
CRC32_file
CreatePipeAndListen
Decrypt
EnableFileAccountPrivilege
Encrypt
Execute
GetComputerIP
GetDailyTaskSettings
GetMusicAttribs
GetUnitUID
GetVideoAttribs
ip_int2str
ip_str2int
IsSchedulerTaskRunning
IsValidIP
LaunchAppAsAdminUser
LaunchAppAsStdUser
ObtainExplorerToken
OpenLinkURL
PlayWavFile
RegisterExeTask
RemoveApplicationFromExceptionListA
RemoveApplicationFromExceptionListW
RemoveSchedulerTask
SendPipeMsg
UpdateIEBrowserRenderVersion
WMI_DeviceQuery
xor_crypt
