Import table
advapi32.dll
MakeAbsoluteSD, ConvertStringSidToSidW, RegQueryValueExW, RegEnumValueW, CryptAcquireContextW, CryptGenRandom, CryptReleaseContext, SetKernelObjectSecurity, OpenProcessToken, AdjustTokenPrivileges, RegCloseKey, InitializeSecurityDescriptor, SetSecurityDescriptorDacl, GetSecurityDescriptorSacl, SetSecurityInfo, EqualSid, OpenThreadToken, LookupAccountNameW, DuplicateTokenEx, GetTokenInformation, GetAce, RegEnumKeyExW, RegOpenKeyExW, RegCreateKeyExW, RegDeleteValueW, RegSetValueExW, RegQueryInfoKeyW, RegDeleteKeyW, LookupPrivilegeValueW, AddAccessAllowedAce, InitializeAcl, GetSecurityInfo
crypt32.dll
CertGetIssuerCertificateFromStore, CryptMsgGetParam, CertEnumCertificatesInStore, CertOpenSystemStoreW, CertCloseStore, CertFreeCertificateChain, CertFreeCertificateChainEngine, CertFindCertificateInStore, CertFreeCertificateContext, CertCreateCertificateChainEngine, CertGetCertificateChain, CryptQueryObject, CryptHashPublicKeyInfo, CertNameToStrW, CertGetCertificateContextProperty, CryptDecodeObject, CryptMsgClose, CertGetNameStringW
gdi32.dll
GetPixel
iphlpapi.dll
GetIfTable
iswul.dll
_IswIsFileModified@4, _IswIsPathModified@4, _IswIsProcessSecured@4, _IswIpcConnect@4, _IswSelfVirtualize@4
kernel32.dll
InterlockedIncrement, InterlockedDecrement, WaitForSingleObject, CreateDirectoryW, FindFirstFileW, SetFileAttributesW, DeleteFileW, FindNextFileW, FindClose, RemoveDirectoryW, CreateProcessW, WaitForDebugEvent, TerminateProcess, ContinueDebugEvent, CreateThread, SetHandleInformation, CreateEventW, SetEvent, GetExitCodeThread, CreateFileW, GetFileSize, CloseHandle, ExpandEnvironmentStringsW, HeapAlloc, GetTickCount, OpenProcess, CreateFileA, InterlockedCompareExchange, SetLastError, GetCurrentThreadId, MultiByteToWideChar, GetThreadPriority, GetCurrentThread, SetThreadPriority, WaitForMultipleObjects, SizeofResource, LoadResource, FindResourceW, InitializeCriticalSection, LoadLibraryExW, GetModuleFileNameW, DeleteCriticalSection, FreeLibrary, GetModuleHandleW, EnterCriticalSection, LeaveCriticalSection, InterlockedExchange, RaiseException, lstrcmpiW, CreateSemaphoreW, ReleaseSemaphore, ReadFile, CompareFileTime, GetCurrentProcess, UnhandledExceptionFilter, SetUnhandledExceptionFilter, IsDebuggerPresent, QueryPerformanceCounter, GetCurrentProcessId, GetSystemTimeAsFileTime, lstrlenW, Sleep, FormatMessageW, HeapFree, GetProcessHeap, lstrcmpA, SystemTimeToFileTime, GetSystemTime, CreateMutexW, ReleaseMutex, lstrcpynW, IsBadWritePtr, IsBadReadPtr, VerLanguageNameW, LocalFree, GetProcAddress, LoadLibraryW, TlsAlloc, TlsFree, TlsGetValue, TlsSetValue, GetProcessAffinityMask, OpenThread, CreateFileMappingW, MapViewOfFile, SearchPathW, GetPrivateProfileIntW, GetPrivateProfileStringW, GetLocaleInfoW, GetVersion, UnmapViewOfFile, QueueUserWorkItem, GetEnvironmentStringsW, SetEnvironmentVariableW, GetWindowsDirectoryW, OutputDebugStringW, GetComputerNameW, HeapDestroy, GetTempPathW, GetEnvironmentVariableW, GetFileAttributesW, CopyFileW, VirtualAlloc, VirtualFree, GetCurrentDirectoryW, GetLastError, lstrlenA, GetThreadLocale, GetLocaleInfoA, GetACP, SetEndOfFile, WaitForSingleObjectEx, DuplicateHandle, GetLocalTime, ExitThread, GetCommandLineW, SetFilePointerEx, QueueUserAPC, FlushFileBuffers, WriteFile, CompareStringA, CompareStringW, MoveFileExW, WideCharToMultiByte, GetFileSizeEx, QueryPerformanceFrequency, GetVersionExW, FileTimeToSystemTime, OutputDebugStringA, GetVersionExA, GetShortPathNameW, HeapCreate
msvcp80.dll
DllMain
msvcr80.dll
DllMain
ntdll.dll
ZwWaitForMultipleObjects, ZwFlushBuffersFile, RtlGetVersion, ZwSetInformationFile, ZwSetEvent, ZwQueryKey, ZwResetEvent, ZwWaitForSingleObject, ZwQueryInformationThread, ZwDelayExecution, ZwOpenThread, ZwYieldExecution, ZwClose, ZwCreateEvent, ZwOpenKey, RtlFreeUnicodeString, ZwOpenFile, ZwCreateFile, ZwQueryInformationFile, ZwSetValueKey, ZwQueryValueKey, ZwWriteFile, ZwReadFile, RtlFormatCurrentUserKeyPath, ZwReleaseMutant, ZwQueryInformationProcess, ZwCreateMutant, RtlInitUnicodeString, ZwCreateKey, ZwQueryFullAttributesFile
ole32.dll
OleRun, CoTaskMemAlloc, CoTaskMemFree, CoTaskMemRealloc, CoInitialize, CoUninitialize, CoCreateInstance
shell32.dll
ShellExecuteExW, SHGetSpecialFolderPathW, CommandLineToArgvW
shlwapi.dll
SHDeleteKeyW
user32.dll
DestroyWindow, CharNextW, UnregisterClassA, CharLowerW, CharLowerBuffW, GetDC, GetWindowRect, GetDesktopWindow, CharUpperW, LoadStringW, CharUpperBuffW, CharUpperBuffA, CharLowerBuffA, RegisterWindowMessageW, ReleaseDC, MessageBoxW, wsprintfW, MsgWaitForMultipleObjects, PeekMessageW, TranslateMessage, DispatchMessageW
version.dll
VerQueryValueW, GetFileVersionInfoW, GetFileVersionInfoSizeW
wininet.dll
InternetCrackUrlW, InternetOpenW, HttpSendRequestExW, InternetQueryOptionW, HttpSendRequestW, InternetOpenUrlW, InternetSetOptionW, InternetReadFile, InternetCloseHandle, HttpOpenRequestW, InternetConnectW, InternetWriteFile, HttpEndRequestW, InternetErrorDlg
wintrust.dll
CryptCATAdminReleaseContext, CryptCATAdminCalcHashFromFileHandle, WTHelperGetProvSignerFromChain, CryptCATAdminReleaseCatalogContext, CryptCATAdminEnumCatalogFromHash, CryptCATCatalogInfoFromContext, CryptCATAdminAcquireContext, WinVerifyTrust, WTHelperProvDataFromStateData
Export table
_GetISWPlugin@8
_IswDllCanUnloadNow@0
_IswLog_FlushThread@4
_TrustedDllEntry@4
