Import table
advapi32.dll
OpenProcessToken, AllocateAndInitializeSid, EqualSid, GetTokenInformation, DuplicateTokenEx, CreateProcessAsUserW, RegEnumValueW, AdjustTokenPrivileges, LookupPrivilegeValueW, RegisterEventSourceW, ReportEventW, DeregisterEventSource, AddAccessAllowedAce, InitializeSecurityDescriptor, SetSecurityDescriptorDacl, SetFileSecurityW, CreateWellKnownSid, InitializeAcl, GetSecurityDescriptorControl, SetServiceStatus, ControlService, StartServiceW, DeleteService, OpenSCManagerW, OpenServiceW, StartServiceCtrlDispatcherW, ChangeServiceConfig2W, RegisterServiceCtrlHandlerExW, CreateServiceW, CloseServiceHandle, RegDeleteValueW, RegCloseKey, RegCreateKeyExW, RegOpenKeyExW, RegQueryValueExW, RegSetValueExW, LookupPrivilegeValueA, GetKernelObjectSecurity, SetKernelObjectSecurity, IsValidSecurityDescriptor, GetSecurityDescriptorDacl, IsValidAcl, GetSecurityDescriptorSacl, GetSecurityDescriptorOwner, IsValidSid, GetSecurityDescriptorGroup, RegEnumKeyExW, RegDeleteKeyW
dbghelp.dll
MiniDumpWriteDump
kernel32.dll
MoveFileA, GetCurrentDirectoryA, DeleteFileA, CreateDirectoryA, DeleteFileW, CopyFileW, CloseHandle, Sleep, InterlockedDecrement, FindResourceExW, FindResourceW, SizeofResource, GetCurrentProcess, GetLastError, GlobalAlloc, GlobalFree, GetVersionExW, TerminateProcess, CreateProcessW, GetExitCodeProcess, WaitForMultipleObjects, WaitForSingleObject, GetTempPathW, GetTempFileNameW, FindFirstFileW, FindNextFileW, FindClose, RemoveDirectoryW, GetPrivateProfileStringW, GetFullPathNameW, WritePrivateProfileStringW, GetPrivateProfileSectionNamesW, MultiByteToWideChar, WideCharToMultiByte, ExpandEnvironmentStringsW, EnterCriticalSection, GetLocalTime, LeaveCriticalSection, InitializeCriticalSection, DeleteCriticalSection, OutputDebugStringW, WriteConsoleW, GetStdHandle, CreateFileW, WriteFile, SetFilePointer, GetCurrentDirectoryW, SetCurrentDirectoryW, LockResource, GetCurrentThreadId, GetCurrentProcessId, SetUnhandledExceptionFilter, CreateThread, GetFileSize, ReadFile, lstrlenA, GetTickCount, HeapDestroy, HeapAlloc, HeapFree, HeapReAlloc, HeapSize, GetProcessHeap, RaiseException, GetVersionExA, InterlockedExchange, GetACP, GetLocaleInfoA, GetThreadLocale, UnhandledExceptionFilter, IsDebuggerPresent, RtlUnwind, GetCPInfo, InterlockedIncrement, GetOEMCP, IsValidCodePage, GetModuleHandleA, GetProcAddress, TlsGetValue, TlsAlloc, TlsSetValue, TlsFree, SetLastError, ExitProcess, GetModuleFileNameA, FreeEnvironmentStringsA, GetEnvironmentStrings, FreeEnvironmentStringsW, GetEnvironmentStringsW, GetCommandLineA, GetCommandLineW, SetHandleCount, GetFileType, GetStartupInfoA, HeapCreate, VirtualFree, QueryPerformanceCounter, GetSystemTimeAsFileTime, VirtualAlloc, LCMapStringA, LCMapStringW, GetStringTypeA, GetStringTypeW, GetUserDefaultLCID, EnumSystemLocalesA, IsValidLocale, LoadLibraryA, GetConsoleCP, GetConsoleMode, FlushFileBuffers, GetTimeZoneInformation, GetLocaleInfoW, SetStdHandle, WriteConsoleA, GetConsoleOutputCP, CreateFileA, CompareStringA, CompareStringW, SetEnvironmentVariableA, lstrcpyA, GlobalLock, GlobalUnlock, FindFirstFileA, FindNextFileA, GetVersion, LocalFileTimeToFileTime, FileTimeToSystemTime, FileTimeToLocalFileTime, SetEndOfFile, SetFileTime, GetDriveTypeA, GetVolumeInformationA, GetFullPathNameA, DosDateTimeToFileTime, SetFileAttributesA, GetFileAttributesA, GetFileTime, SetVolumeLabelA, ReleaseMutex, CreateMutexA, lstrcpynA, lstrcmpiA, LoadResource, GetModuleFileNameW, SystemTimeToFileTime, lstrcmpiW, SetEnvironmentVariableW
ole32.dll
OleRun, CoUninitialize, CoInitializeSecurity, CoSetProxyBlanket, CoInitialize, CoCreateInstance
shell32.dll
SHCreateDirectoryExW
shlwapi.dll
PathFileExistsW
user32.dll
TranslateAcceleratorW, TranslateMessage, GetMessageW, UnregisterClassA, OemToCharA, CharToOemA, SendMessageW, DispatchMessageW
userenv.dll
DestroyEnvironmentBlock, CreateEnvironmentBlock
wininet.dll
InternetReadFile, InternetOpenUrlW, InternetCloseHandle, InternetOpenW, HttpQueryInfoW
wtsapi32.dll
WTSEnumerateSessionsW, WTSQueryUserToken, WTSFreeMemory
