Import table
advapi32.dll
RegCreateKeyExW, RegSetValueExW, QueryServiceConfigW, AdjustTokenPrivileges, ControlService, BuildExplicitAccessWithNameW, RegOpenKeyExW, RevertToSelf, SetEntriesInAclW, ChangeServiceConfigW, ImpersonateLoggedOnUser, DuplicateTokenEx, StartServiceW, QueryServiceObjectSecurity, LookupPrivilegeValueW, SetSecurityDescriptorDacl, CreateProcessWithTokenW, InitializeSecurityDescriptor, RegQueryValueExW, OpenServiceW, SetServiceObjectSecurity, OpenSCManagerW, OpenProcessToken, CloseServiceHandle, RegCloseKey, RegFlushKey, RegEnumValueW, RegDeleteKeyValueW, GetTokenInformation, GetSidSubAuthorityCount, GetSidSubAuthority, RegGetValueW, RegSetKeyValueW, RegDeleteKeyW, GetSecurityDescriptorDacl
crypt32.dll
CertVerifyCertificateChainPolicy
dxgi.dll
CreateDXGIFactory
gdi32.dll
CreateFontIndirectW, GetDeviceCaps, GetObjectW, SetTextColor
kernel32.dll
LeaveCriticalSection, InitializeCriticalSectionAndSpinCount, WriteFile, SetFilePointer, LoadLibraryW, LocalAlloc, CreateFileW, OutputDebugStringW, QueryFullProcessImageNameW, CreateThread, SuspendThread, FlushFileBuffers, DeleteFileTransactedW, DuplicateHandle, SetLastError, OpenThread, QueueUserAPC, Thread32Next, GetExitCodeProcess, AssignProcessToJobObject, TerminateThread, Thread32First, CopyFileTransactedW, CreateJobObjectW, SetInformationJobObject, EnterCriticalSection, DeleteCriticalSection, ExitProcess, GetSystemTime, IsWow64Process, ExpandEnvironmentStringsW, CreateToolhelp32Snapshot, FindNextFileW, LoadLibraryExA, GetProcessId, MoveFileTransactedW, DeleteFileW, ReleaseMutex, GetProcAddress, GetModuleFileNameW, Sleep, GetTickCount, WaitForSingleObject, InterlockedDecrement, InterlockedIncrement, LoadLibraryExW, FreeLibrary, CreateMutexW, LocalFree, GetWindowsDirectoryW, GetLastError, RaiseException, FormatMessageW, CloseHandle, GetModuleHandleW, CreateProcessW, GetCommandLineW, InterlockedExchange, InterlockedCompareExchange, SetUnhandledExceptionFilter, GetModuleHandleA, QueryPerformanceCounter, GetCurrentProcessId, GetCurrentThreadId, GetSystemTimeAsFileTime, UnhandledExceptionFilter, GetCurrentProcess, TerminateProcess, GetEnvironmentVariableW, FindFirstFileW, SystemTimeToFileTime, CompareFileTime, SetEnvironmentVariableW, SetEvent, OpenProcess, GetVersionExW, MulDiv, FindClose, GetLocalTime, CreateEventW, WaitForMultipleObjects, MapViewOfFile, CreateFileMappingW, GetTempFileNameW, HeapAlloc, MoveFileExW, HeapFree, GetProcessHeap, CopyFileW, ReadProcessMemory, GetFileAttributesW, FileTimeToSystemTime, Process32FirstW, Process32NextW
ktmw32.dll
RollbackTransaction, CreateTransaction, CommitTransaction
msvcrt.dll
DllMain
ntdll.dll
ZwOpenSection, ZwClose, ZwMakeTemporaryObject, NtQueryInformationProcess
ole32.dll
CoTaskMemFree, CoCreateInstance, CoInitialize, CoUninitialize, CoInitializeEx
rstrtmgr.dll
RmAddFilter, RmGetList, RmStartSession, RmRestart, RmRegisterResources, RmShutdown, RmEndSession
shell32.dll
SHGetKnownFolderPath, SHEvaluateSystemCommandTemplate
shlwapi.dll
PathMatchSpecW, PathAppendW, SHCreateStreamOnFileW, StrToIntW, PathRemoveBlanksW, StrStrIW, PathFindFileNameW, StrTrimW, SHDeleteValueW, PathFileExistsW, PathRemoveFileSpecW
user32.dll
KillTimer, LoadCursorW, PostQuitMessage, GetMessageW, SetTimer, PostMessageW, GetWindowLongW, GetMonitorInfoW, SetWindowPos, MonitorFromWindow, ReleaseDC, DispatchMessageW, GetWindowRect, GetWindowThreadProcessId, DestroyWindow, IsWindow, IsDialogMessageW, ExitWindowsEx, PostThreadMessageW, GetClassNameW, EnumWindows, GetWindowInfo, GetDlgCtrlID, EnableWindow, UpdateWindow, SendMessageW, CreateDialogParamW, GetSysColorBrush, ShowWindow, LoadStringW, GetDesktopWindow, GetDlgItem, SystemParametersInfoW, SetFocus, SetForegroundWindow, SendDlgItemMessageW, CharToOemW, SetWindowLongW, TranslateMessage, CreateWindowExW, RegisterClassW, DefWindowProcW, GetDC
uxtheme.dll
IsThemeActive
wintrust.dll
WTHelperProvDataFromStateData, WTHelperGetProvSignerFromChain, WinVerifyTrust
wtsapi32.dll
WTSFreeMemory, WTSEnumerateSessionsW, WTSEnumerateProcessesW, WTSQuerySessionInformationW
