Import table
advapi32.dll
TraceMessage, RegCloseKey, GetTraceEnableFlags, GetTraceEnableLevel, GetTraceLoggerHandle, RegisterTraceGuidsW, UnregisterTraceGuids, SetServiceStatus, RegOpenKeyExW, RegQueryValueExW, RegisterServiceCtrlHandlerW, StartServiceCtrlDispatcherW, FreeSid, RegDeleteKeyW, RegCreateKeyExW, CheckTokenMembership, AllocateAndInitializeSid, ConvertStringSidToSidW, RegEnumKeyW, RegQueryInfoKeyW, ConvertStringSecurityDescriptorToSecurityDescriptorW, RegSetKeySecurity, RegDeleteValueW, RegSetValueExW, CryptGenRandom, CryptAcquireContextW, CryptReleaseContext, DeregisterEventSource, ReportEventW, RegisterEventSourceW, EqualSid, OpenProcessToken, ConvertSidToStringSidW, LookupAccountNameW, RegEnumKeyExW, CryptDestroyHash, CryptHashData, CryptCreateHash, CryptGetHashParam, CryptDestroyKey, CryptEncrypt, CryptDecrypt, CryptImportKey, CryptSignHashA, CryptVerifySignatureA, CryptExportKey, CryptGenKey, RegisterTraceGuidsA, GetTokenInformation, RegQueryValueExA, RegisterServiceCtrlHandlerA, StartServiceCtrlDispatcherA, RegOpenKeyExA
kernel32.dll
Sleep, InitializeCriticalSectionAndSpinCount, WaitForSingleObject, GetCurrentThreadId, DeleteTimerQueueEx, ReleaseSemaphore, LoadLibraryW, SetThreadPriority, GetThreadPriority, DuplicateHandle, GetCurrentProcess, GetCurrentThread, OpenThread, GetTickCount, ReleaseMutex, CreateSemaphoreW, IsWow64Process, OpenMutexW, CreateMutexW, ExpandEnvironmentStringsW, GetTimeFormatW, GetDateFormatW, FileTimeToSystemTime, SetFileAttributesW, GetFileAttributesW, ChangeTimerQueueTimer, CreateDirectoryW, WriteFile, CreateFileW, GetFileSizeEx, QueueUserWorkItem, ReadFile, GetFileSize, MultiByteToWideChar, OpenProcess, GetCurrentProcessId, GetSystemInfo, CompareFileTime, SystemTimeToFileTime, GetSystemTimeAsFileTime, DeleteTimerQueue, WaitForMultipleObjects, GetDevicePowerState, CreateSemaphoreA, InterlockedExchangeAdd, GetPrivateProfileStringW, GetPrivateProfileSectionW, GetFullPathNameW, InitializeCriticalSection, SetLastError, VirtualProtect, VirtualFree, VirtualAlloc, GetLocalTime, MoveFileExW, CopyFileW, FlushFileBuffers, DeleteFileW, SetFilePointer, CreateFileMappingW, MapViewOfFile, GetModuleHandleW, UnmapViewOfFile, GetSystemDefaultUILanguage, GetUserDefaultUILanguage, GetComputerNameW, DeviceIoControl, GetLocaleInfoW, GetSystemDirectoryW, LCMapStringW, WideCharToMultiByte, GetVersionExA, GetVersion, VirtualQuery, UnhandledExceptionFilter, TerminateProcess, QueryPerformanceCounter, GetModuleHandleA, SetUnhandledExceptionFilter, InterlockedExchange, UnregisterWaitEx, SetEvent, GetModuleHandleExW, GetProcAddress, CreateTimerQueue, CreateTimerQueueTimer, CreateEventW, RegisterWaitForSingleObject, RaiseException, InterlockedDecrement, GetVersionExW, InterlockedIncrement, GetLastError, HeapSetInformation, DeleteTimerQueueTimer, LeaveCriticalSection, LocalFree, EnterCriticalSection, LocalAlloc, DeleteCriticalSection, FreeLibrary, CloseHandle, DecodePointer, EncodePointer, InterlockedCompareExchange, HeapFree, GetProcessHeap, HeapAlloc, lstrlenW, ExitThread, CreateProcessA, SetCurrentDirectoryA, ExitProcess, OpenEventA
msvcrt.dll
DllMain
ntdll.dll
NtQueryInformationThread, NtSetInformationThread, RtlUnwind, RtlFreeHeap, RtlAllocateHeap, RtlInitUnicodeString, RtlEnterCriticalSection, RtlLeaveCriticalSection, RtlCopyUnicodeString, RtlCompareUnicodeString
ole32.dll
CoInitializeSecurity, CoUninitialize, CoInitializeEx
rpcrt4.dll
NdrServerCall2, RpcServerRegisterIfEx, RpcServerUseProtseqEpW, RpcServerListen, RpcServerUnregisterIf, RpcMgmtStopServerListening, I_RpcBindingInqLocalClientPID, RpcServerInqCallAttributesW, RpcRaiseException, RpcStringFreeW, RpcRevertToSelfEx, RpcImpersonateClient, UuidCreate, UuidFromStringW, UuidToStringW, I_RpcMapWin32Status
user32.dll
wsprintfA, GetDesktopWindow