Import table
advapi32.dll
RegCreateKeyW, CryptAcquireContextW, CryptGenRandom, OpenThreadToken, RegSetValueExW, RegDeleteValueW, RegEnumValueW, RegCreateKeyExW, RegOpenKeyExW, EqualSid, SetSecurityInfo, GetSecurityDescriptorSacl, SetSecurityDescriptorDacl, InitializeSecurityDescriptor, MakeAbsoluteSD, ConvertStringSidToSidW, OpenProcessToken, AdjustTokenPrivileges, LookupPrivilegeValueW, AddAccessAllowedAce, InitializeAcl, GetSecurityInfo, GetAce, SetKernelObjectSecurity, DuplicateTokenEx, LookupAccountNameW, RegEnumKeyW, RegQueryValueExW, RegDeleteKeyW, GetTokenInformation, RegCloseKey, CryptReleaseContext
crypt32.dll
CryptDecodeObject, CryptMsgClose, CertFreeCertificateChainEngine, CertFreeCertificateChain, CertGetCertificateContextProperty, CertNameToStrW, CertGetNameStringW, CryptHashPublicKeyInfo, CryptQueryObject, CertGetCertificateChain, CertFreeCertificateContext, CertCreateCertificateChainEngine, CertGetIssuerCertificateFromStore, CertEnumCertificatesInStore, CertFindCertificateInStore, CryptMsgGetParam, CertOpenSystemStoreW, CertCloseStore
gdi32.dll
GetPixel, DeleteObject, GetBitmapBits, GetObjectW
iphlpapi.dll
GetIfTable
kernel32.dll
FindClose, GetEnvironmentStringsW, FindFirstFileW, GetProcAddress, MultiByteToWideChar, GetModuleFileNameW, IsDebuggerPresent, GetSystemTimeAsFileTime, lstrlenA, SetEnvironmentVariableW, GetModuleHandleW, GetWindowsDirectoryW, TerminateProcess, UnhandledExceptionFilter, WaitForMultipleObjectsEx, GetTickCount, LeaveCriticalSection, EnterCriticalSection, DeleteCriticalSection, InitializeCriticalSectionAndSpinCount, InitializeCriticalSection, GetCurrentProcess, SetProcessWorkingSetSize, GetCurrentProcessId, InterlockedIncrement, WaitForSingleObject, CloseHandle, SetEvent, CreateEventW, FreeLibrary, LoadLibraryW, SetLastError, GetLastError, Sleep, InterlockedCompareExchange, HeapAlloc, FormatMessageW, GetProcessHeap, InterlockedDecrement, lstrlenW, GetLocaleInfoW, GetThreadLocale, lstrcmpA, FlushFileBuffers, SetUnhandledExceptionFilter, CreateDirectoryW, GetEnvironmentVariableW, GetFileAttributesW, GetCurrentDirectoryW, CopyFileW, VirtualAlloc, VirtualFree, GetCurrentThreadId, LoadLibraryExW, TlsAlloc, GetTempPathW, TlsFree, TlsGetValue, TlsSetValue, GetProcessAffinityMask, OpenThread, CreateFileW, WaitNamedPipeW, WriteFile, ReadFile, SearchPathW, MapViewOfFile, InterlockedExchange, UnmapViewOfFile, QueueUserWorkItem, CreateFileMappingW, GetVersionExW, GetPrivateProfileStringW, GetPrivateProfileIntW, GetThreadPriority, GetCurrentThread, SetThreadPriority, DeleteFileW, MoveFileExW, OutputDebugStringW, WideCharToMultiByte, GetShortPathNameW, GetFileSize, CreateThread, GetExitCodeThread, ReadProcessMemory, IsBadReadPtr, IsBadWritePtr, lstrcpynW, VerLanguageNameW, GetVersion, LocalFree, GetComputerNameW, GlobalAlloc, GlobalLock, GlobalUnlock, GlobalDeleteAtom, GlobalFree, GlobalAddAtomW, ResetEvent, OpenEventW, OpenProcess, CompareStringA, CompareStringW, SetFilePointerEx, GetFileSizeEx, HeapFree, DuplicateHandle, OutputDebugStringA, FileTimeToSystemTime, QueryPerformanceFrequency, ReleaseMutex, GetLocalTime, GetCommandLineW, ExitThread, QueryPerformanceCounter, CompareFileTime, QueueUserAPC, SystemTimeToFileTime, GetSystemTime, HeapCreate, HeapDestroy, SetEndOfFile, WaitForSingleObjectEx, CreateMutexW, VirtualQuery, OpenFileMappingW, GlobalSize
msvcp80.dll
DllMain
msvcr80.dll
DllMain
ntdll.dll
ZwDelayExecution, ZwOpenThread, ZwSetEvent, ZwOpenEvent, ZwResetEvent, ZwQueryInformationProcess, ZwCreateMutant, ZwOpenMutant, ZwSetInformationFile, ZwReadVirtualMemory, ZwQueryVirtualMemory, ZwReadFile, _allmul, ZwYieldExecution, ZwClose, ZwCreateEvent, ZwWaitForSingleObject, RtlGetVersion, ZwQueryKey, RtlFormatCurrentUserKeyPath, ZwReleaseMutant, RtlInitUnicodeString, ZwCreateKey, ZwWaitForMultipleObjects, ZwQueryFullAttributesFile, ZwOpenKey, RtlFreeUnicodeString, ZwOpenFile, ZwCreateFile, ZwQueryInformationFile, ZwQueryValueKey, ZwSetValueKey, ZwFlushBuffersFile, ZwWriteFile, ZwQueryInformationThread, memset, memcmp, _wcsicmp, wcsstr, wcsncpy, wcscmp, _fltused, RtlUnwind
ole32.dll
CoUninitialize, CoInitialize, CoCreateInstance, CoCreateGuid, OleRun
shell32.dll
CommandLineToArgvW, ShellExecuteExW, SHGetSpecialFolderPathW, ExtractIconExW
shlwapi.dll
SHDeleteKeyW
user32.dll
KillTimer, SetTimer, LoadStringW, PeekMessageW, MsgWaitForMultipleObjects, CharLowerBuffA, CharUpperBuffA, CharUpperBuffW, FindWindowW, GetWindowThreadProcessId, AllowSetForegroundWindow, SendMessageW, FindWindowExW, GetDesktopWindow, CloseDesktop, OpenDesktopW, GetThreadDesktop, SetThreadDesktop, OpenInputDesktop, GetUserObjectInformationW, GetCursor, GetIconInfo, GetMessagePos, SetFocus, GetWindowLongW, DefWindowProcW, UnpackDDElParam, FreeDDElParam, SendMessageTimeoutW, RegisterClassW, CreateWindowExW, SetWindowLongW, CharUpperW, CharLowerW, wsprintfW, LoadIconW, LoadImageW, PostQuitMessage, GetKeyState, SetForegroundWindow, GetParent, GetClassNameW, RegisterWindowMessageW, PostMessageW, EnumChildWindows, EnumWindows, ShowWindow, GetSystemMetrics, GetClientRect, SetClassLongW, PostThreadMessageW, DestroyWindow, GetWindowTextW, EnumThreadWindows, GetQueueStatus, GetDC, DispatchMessageW, TranslateMessage, GetMessageW, MessageBoxW, ReleaseDC, CharLowerBuffW, GetWindowRect, SetWindowPos, DestroyIcon, IsWindow
version.dll
GetFileVersionInfoSizeW, VerQueryValueW, GetFileVersionInfoW
wininet.dll
InternetSetOptionW, InternetErrorDlg, HttpOpenRequestW, InternetConnectW, InternetQueryOptionW, HttpEndRequestW, InternetWriteFile, HttpSendRequestExW, HttpSendRequestW, InternetCrackUrlW, InternetCloseHandle, InternetOpenW, InternetOpenUrlW, InternetReadFile
wintrust.dll
WTHelperGetProvSignerFromChain, CryptCATAdminEnumCatalogFromHash, CryptCATCatalogInfoFromContext, CryptCATAdminAcquireContext, CryptCATAdminCalcHashFromFileHandle, CryptCATAdminReleaseContext, CryptCATAdminReleaseCatalogContext, WTHelperProvDataFromStateData, WinVerifyTrust
Export table
_GetISWPlugin@8
_IswDllCanUnloadNow@0
_IswLog_FlushThread@4
_TrustedDllEntry@4
