Import table
advapi32.dll
SetNamedSecurityInfoW, CryptGenRandom, CryptAcquireContextW, CryptDestroyKey, CryptExportKey, CryptImportKey, CryptGenKey, CryptEncrypt, RegCloseKey, CryptAcquireContextA, InitiateSystemShutdownW, GetSidSubAuthority, ConvertSidToStringSidA, AllocateAndInitializeSid, EqualSid, LookupPrivilegeValueW, AdjustTokenPrivileges, GetNamedSecurityInfoW, FreeSid, GetEffectiveRightsFromAclW, SetEntriesInAclW, RegQueryValueExW, ConvertStringSecurityDescriptorToSecurityDescriptorA, DuplicateTokenEx, ConvertStringSidToSidW, GetLengthSid, SetTokenInformation, CreateProcessAsUserA, OpenProcessToken, GetTokenInformation, LookupAccountSidW, RegOpenKeyExW, CryptReleaseContext
crypt32.dll
CryptQueryObject, CryptMsgGetParam, CertFindCertificateInStore, CertGetNameStringW, CryptDecodeObject, CryptUnprotectData, CryptProtectData, CertFreeCertificateChain
gdi32.dll
DeleteObject, CreateCompatibleBitmap, DeleteDC, CreateCompatibleDC, SelectObject
kernel32.dll
GetCurrentThread, ResumeThread, GetThreadContext, SuspendThread, SearchPathW, GetSystemDirectoryW, QueryPerformanceCounter, GetModuleHandleA, QueryPerformanceFrequency, InterlockedCompareExchange, InterlockedDecrement, SleepEx, InitializeCriticalSectionAndSpinCount, CreateSemaphoreW, CloseHandle, WaitForSingleObject, ReleaseSemaphore, TlsFree, TlsSetValue, TlsGetValue, TlsAlloc, FreeLibrary, GetModuleFileNameA, MultiByteToWideChar, GetModuleFileNameW, GetFileTime, CreateFileA, GetFullPathNameA, DeleteFileW, MoveFileW, CopyFileW, CreateDirectoryW, GetVersionExW, FindClose, RemoveDirectoryW, FindNextFileW, FindFirstFileW, ExpandEnvironmentStringsA, FindNextFileA, FindFirstFileA, CompareFileTime, OpenProcess, ReadProcessMemory, ProcessIdToSessionId, GetConsoleWindow, SetConsoleScreenBufferSize, GetConsoleScreenBufferInfo, GetStdHandle, AllocConsole, Process32NextW, Process32FirstW, CreateToolhelp32Snapshot, Module32NextW, Module32FirstW, Thread32Next, Thread32First, GetCurrentProcess, CreateProcessA, DeleteFileA, GetProcessId, VirtualQuery, RtlCaptureContext, GetSystemInfo, TerminateProcess, DebugBreak, GetUserDefaultLangID, lstrcpynA, LockResource, LoadResource, FindResourceW, GetModuleHandleW, UnmapViewOfFile, QueryDosDeviceA, GetLogicalDriveStringsA, MapViewOfFile, CreateFileMappingW, GetFileSize, LoadLibraryExW, HeapSetInformation, CreateProcessW, lstrcmpA, CreateFileW, GetVersionExA, OpenSemaphoreA, CreateSemaphoreA, CreateEventW, SetEvent, ResetEvent, LockFileEx, UnlockFileEx, FlushInstructionCache, IsDebuggerPresent, SetUnhandledExceptionFilter, UnhandledExceptionFilter, Sleep, RaiseException, LocalAlloc, GetSystemTimeAsFileTime, InterlockedExchangeAdd, GetLastError, LocalFree, InitializeCriticalSection, InterlockedIncrement, DeleteCriticalSection, EnterCriticalSection, LeaveCriticalSection, SetLastError, WideCharToMultiByte, OutputDebugStringA, GetCurrentProcessId, GetCurrentThreadId, GetSystemTime, FormatMessageA, GetTickCount, LoadLibraryA, GetProcAddress, InterlockedExchange, GetExitCodeProcess, GetFileAttributesW
msvcp80.dll
DllMain
msvcr80.dll
DllMain
ole32.dll
CoCreateInstance
psapi.dll
GetModuleBaseNameA, GetModuleInformation, EnumProcessModules, GetModuleFileNameExA, GetMappedFileNameA, EnumProcesses, EnumDeviceDrivers, GetProcessMemoryInfo, GetDeviceDriverBaseNameA
shell32.dll
ShellExecuteExA
shlwapi.dll
StrStrIA
user32.dll
SetForegroundWindow, GetSystemMenu, DeleteMenu, GetDesktopWindow, GetWindowThreadProcessId, ShowWindow, GetWindowTextA, MonitorFromPoint, EnumDisplayMonitors, GetForegroundWindow, GetParent, EnumWindows, MessageBoxExA, CloseDesktop, GetUserObjectInformationA, GetThreadDesktop, CloseClipboard, SetClipboardData, EmptyClipboard, OpenClipboard, PrintWindow, GetClientRect, GetWindowRect, GetDC, GetWindowDC, wsprintfW, MonitorFromWindow
version.dll
GetFileVersionInfoSizeA, GetFileVersionInfoA, VerQueryValueA
Export table (entries shown by ordinal, in hexadecimal; no export names listed)
0001
0002
0003
0004
0005
0006
0007
0008
0009
000a
000b
000c
000d
000e
000f
0010
0011
0012
0013
0014
0015
0016
0017
0018
0019
001a
001b
001c
001d
001e
001f
0020
0021
0022
0023
0024
0025
0026
0027
0028
0029
002a
002b
002c
002d
002e
002f
0030
0031
0032
0033
0034
0035
0036
0037
0038
0039
003a
003b
003c
003d
003e
003f
0040
0041
0042
0043
0044
0045
0046
0047
0048
0049
004a
004b
004c
004d
004e
004f
0050
0051
0052
0053
0054
0055
0056
0057
0058
0059
005a
005b
005c
005d
005e
005f
0060
0061
0062
0063
0064
0065
0066
0067
0068
0069
006a
006b
006c
006d
006e
006f
0070
0071
0072
0073
0074
0075
0076
0077
0078
0079
007a
007b
007c
007d
007e
007f
0080
0081
0082
0083
0084
0085
0086
0087
0088
0089
008a
008b
008c
008d
008e
008f
0090
0091
0092
0093
0094
0095
0096
0097
0098
0099
009a
009b
009c
009d
009e
009f
00a0
00a1
00a2
00a3
00a4
00a5
00a6
00a7
00a8
00a9
00aa
00ab
00ac
00ad
00ae
00af
00b0
00b1
00b2
00b3
00b4
00b5
00b6
00b7
00b8
00b9
00ba
00bb
00bc
00bd
00be
00bf
00c0
00c1
00c2
00c3
00c4
00c5
00c6
00c7
00c8
00c9
00ca
00cb
00cc
00cd
00ce
00cf
00d0
00d1
00d2
00d3
00d4
00d5
00d6
00d7
00d8
00d9
00da
00db
00dc
00dd
00de
00df
00e0
00e1
00e2
00e3
00e4
00e5
00e6
00e7
00e8
00e9
00ea
00eb
00ec
00ed
00ee
00ef
00f0
00f1
00f2
00f3
00f4
00f5
00f6
00f7
00f8
00f9
00fa
00fb
00fc
00fd
00fe
00ff
0100
0101
0102
0103
0104
0105
0106
0107
0108
0109
010a
010b
010c
010d
010e
010f
0110
0111
0112
0113
0114
0115
0116
0117
0118
0119
011a
011b
011c
011d
011e
011f
0120
0121
0122
0123
0124
0125
0126
0127
0128
0129
012a
012b
012c
012d
012e
012f
0130
0131
0132
0133
0134
0135
0136
0137
0138
0139
013a
013b
013c
013d
013e
013f
0140
0141
0142
0143
0144
0145
0146
0147
0148
0149
014a
014b
014c
014d
014e
014f
0150
0151
0152
0153
0154
0155
0156
0157
0158
0159
015a
015b
015c
015d
015e
015f
0160
0161
0162
0163
0164
0165
0166
0167
0168
0169
016a
016b
016c
016d
016e
016f
0170
0171
0172
0173
0174
0175
0176
0177
0178
0179
017a
017b
017c
017d
017e
017f
0180
0181
0182
0183
0184
0185
0186
0187
0188
0189
018a
018b
018c
018d
018e
018f
0190
0191
0192
0193
0194
0195
0196
0197
0198
0199
019a
019b
019c
019d
019e
019f
01a0
01a1
01a2
01a3
01a4
01a5
01a6
01a7
01a8
01a9
01aa
01ab
01ac
01ad
01ae
01af
01b0
01b1
01b2
01b3
01b4
01b5
01b6
01b7
01b8
01b9
01ba
01bb
01bc
01bd
01be
01bf
01c0
01c1
01c2
01c3
01c4
01c5
01c6
01c7
01c8
01c9
01ca
01cb
01cc
01cd
01ce
01cf
01d0
01d1
01d2
01d3
01d4
01d5
01d6
01d7
01d8
01d9
01da
01db
01dc
01dd
01de
01df
01e0
01e1
01e2
01e3
01e4
01e5
01e6
01e7
01e8
01e9
01ea
01eb
01ec
01ed
01ee
01ef
01f0
01f1
01f2
01f3
01f4
01f5
01f6
01f7
01f8
01f9
01fa
01fb
01fc
01fd
01fe
01ff
0200
0201
0202
0203
0204
0205
0206
0207
0208
0209
020a
020b
020c
020d
020e
020f
0210
0211
0212
0213
0214
0215
0216
0217
0218
0219
021a
021b
021c
021d
021e
021f
0220
0221
0222
0223
0224
0225
0226
0227
0228
0229
022a
022b
022c
022d
022e
022f
0230
0231
0232
0233
0234
0235
0236
0237
0238
0239
023a
023b
023c
023d
023e
023f
0240
0241
0242
0243
0244
0245
0246
0247
0248
0249
024a
024b
024c
024d
024e
024f
0250
0251
0252
0253
0254
0255
0256
0257
0258
0259
025a
025b
025c
025d
025e
025f
0260
0261
0262
0263
0264
0265
0266
0267
0268
0269
026a
026b
026c
026d
026e
026f
0270
0271
0272
0273
0274
0275
0276
0277
0278
0279
027a
027b
027c
027d
027e
027f
0280
0281
0282
0283
0284
0285
0286
0287
0288
0289
028a
028b
028c
028d
028e
028f
0290
0291
0292
0293
0294
0295
0296
0297
0298
0299
029a
029b
029c
029d
029e
029f
02a0
02a1
02a2
02a3
02a4
02a5
02a6
02a7
02a8
02a9
02aa
02ab
02ac
02ad
02ae
02af
02b0
02b1
02b2
02b3
02b4