Import table
advapi32.dll
AdjustTokenPrivileges, ControlService, QueryServiceStatusEx, SetServiceStatus, ChangeServiceConfigW, RegisterServiceCtrlHandlerExW, OpenServiceW, OpenSCManagerW, DeleteService, OpenProcessToken, CloseServiceHandle, CreateServiceW, CryptVerifySignatureW, RegSetValueExW, RegCloseKey, RegEnumKeyExW, RegOpenKeyExW, RegDeleteValueW, RegDeleteKeyW, RegCreateKeyExW, CheckTokenMembership, FreeSid, SetEntriesInAclW, AllocateAndInitializeSid, SetSecurityDescriptorDacl, InitializeSecurityDescriptor, LookupPrivilegeValueW, ChangeServiceConfig2W, StartServiceW, QueryServiceStatus, RegQueryValueExW
dbghelp.dll
ImageDirectoryEntryToData
kernel32.dll
CloseHandle, FreeLibrary, LoadLibraryW, GetProcAddress, lstrcmpA, SetFilePointerEx, GetModuleHandleW, ReadFile, FlushInstructionCache, GetFileSizeEx, VirtualProtect, LoadLibraryExW, WaitForSingleObject, SetEvent, GetTickCount, ReleaseMutex, OpenProcess, VirtualFreeEx, TerminateThread, Sleep, FormatMessageW, ExitThread, lstrlenW, FreeLibraryAndExitThread, lstrcmpiA, VirtualAllocEx, Process32FirstW, ProcessIdToSessionId, CreateEventW, Module32FirstW, Process32NextW, CreateToolhelp32Snapshot, Module32NextW, GetCurrentProcessId, WriteProcessMemory, ResumeThread, IsWow64Process, DisableThreadLibraryCalls, SetLastError, OpenMutexW, GetCurrentProcess, SearchPathW, InterlockedDecrement, ExpandEnvironmentStringsW, SetFileAttributesW, LocalFree, DeleteFileW, lstrcmpiW, LocalAlloc, FindClose, GetLastError, GetModuleFileNameW, GetVersionExW, CopyFileW, GetSystemDirectoryW, GetModuleHandleExW, MoveFileExW, InterlockedIncrement, FindFirstFileW, CreateMutexW, GetTempFileNameW, CreateRemoteThread
ntdll.dll
RtlNtStatusToDosError, RtlCreateUserThread, NtQueueApcThread
user32.dll
LoadStringW, MessageBoxW, GetSystemMetrics
Export table
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
ServiceMain
ServiceRunCmd