Import table
advapi32.dll
LookupPrivilegeNameW, SetTokenInformation, ConvertStringSidToSidW, DuplicateTokenEx, CreateProcessAsUserW, AdjustTokenPrivileges, LookupPrivilegeValueW, CheckTokenMembership, CreateWellKnownSid, GetTokenInformation, OpenProcessToken, ControlService, DeleteService, CloseServiceHandle, StartServiceW, QueryServiceStatus, SetNamedSecurityInfoW, SetEntriesInAclW, BuildExplicitAccessWithNameW, GetNamedSecurityInfoW, SetSecurityDescriptorDacl, InitializeSecurityDescriptor, RegCloseKey, RegQueryValueExW, RegOpenKeyW, RegCreateKeyW, RegSetValueExW, RegDeleteValueW, RegCreateKeyExW, OpenSCManagerW, OpenServiceW, RegOpenKeyExW
kernel32.dll
lstrlenW, WideCharToMultiByte, WaitForSingleObject, CreateEventA, SetEvent, InterlockedIncrement, InterlockedDecrement, LeaveCriticalSection, InterlockedExchange, GetLastError, EnterCriticalSection, InterlockedExchangeAdd, PostQueuedCompletionStatus, TlsAlloc, TlsFree, InitializeCriticalSection, DeleteCriticalSection, CreateEventW, GetCurrentThreadId, lstrlenA, SearchPathW, CreateProcessW, FindFirstFileW, FindNextFileW, FindClose, GetFileAttributesExW, SetFileAttributesW, DeleteFileW, GetFileAttributesW, GetSystemDefaultLCID, SizeofResource, LockResource, LoadResource, FindResourceW, FindResourceExW, OutputDebugStringW, LoadLibraryW, GetProcAddress, FreeLibrary, GetModuleFileNameW, CreateDirectoryW, GetFileTime, CopyFileW, LocalFree, MultiByteToWideChar, ConnectNamedPipe, DisconnectNamedPipe, CreateNamedPipeW, CreateThread, WaitNamedPipeW, SetNamedPipeHandleState, WriteFile, WritePrivateProfileStringW, GetPrivateProfileIntW, GetPrivateProfileStringW, GetPrivateProfileSectionNamesW, CreateMutexW, CreateToolhelp32Snapshot, OpenProcess, TerminateProcess, Sleep, GetCurrentProcess, VirtualAllocEx, GetModuleHandleW, ReadProcessMemory, VirtualFreeEx, SetPriorityClass, SetThreadPriority, GetCurrentThread, Process32FirstW, Process32NextW, GetLogicalDriveStringsW, lstrcmpiW, QueryDosDeviceW, TerminateThread, ResumeThread, GetVersionExW, GetSystemInfo, GetSystemDefaultLangID, GetSystemDirectoryW, GetSystemWindowsDirectoryW, ProcessIdToSessionId, GlobalAlloc, DeviceIoControl, GlobalFree, GetVolumeInformationW, GetProcessHeap, HeapSize, HeapReAlloc, HeapFree, HeapAlloc, HeapDestroy, InitializeCriticalSectionAndSpinCount, RaiseException, GetSystemTimeAsFileTime, GetCurrentProcessId, GetTickCount, QueryPerformanceCounter, IsDebuggerPresent, SetUnhandledExceptionFilter, UnhandledExceptionFilter, InterlockedCompareExchange, DecodePointer, EncodePointer, OutputDebugStringA, CloseHandle, CreateFileW, ReadFile, SetFilePointer, GetFileSize, FormatMessageA, TlsGetValue, OpenEventA, ResetEvent, TlsSetValue, SystemTimeToFileTime, WaitForMultipleObjects, SetWaitableTimer, CreateWaitableTimerA, GetLocalTime, IsProcessorFeaturePresent
msvcp100.dll
DllMain
msvcr100.dll
DllMain
ole32.dll
CoUninitialize, CoInitialize, CoCreateInstance, CoInitializeSecurity, CoSetProxyBlanket, CoInitializeEx, OleRun
powrprof.dll
SetSuspendState
psapi.dll
EnumProcessModules, GetProcessImageFileNameW, EnumProcesses, GetModuleFileNameExW
rpcrt4.dll
UuidFromStringW
shell32.dll
SHAddToRecentDocs, ShellExecuteExW, ShellExecuteW, SHGetFolderPathW, SHGetFolderPathAndSubDirW, SHFileOperationW, SHGetSpecialFolderPathW, Shell_NotifyIconW, SHGetDesktopFolder, SHChangeNotify
shlwapi.dll
PathIsURLW, PathFileExistsW, StrCmpW, PathCombineW, PathFindFileNameW, PathCanonicalizeW, PathFindExtensionW, PathAppendW, PathRenameExtensionW, SHGetValueW, PathRemoveExtensionW, PathRemoveFileSpecW, PathIsDirectoryW, SHDeleteKeyW
user32.dll
ScreenToClient, MoveWindow, ExitWindowsEx, LockWorkStation, wsprintfW, GetSystemMetrics, DestroyIcon, MessageBoxW, GetParent, SendMessageW, FindWindowExW, FindWindowW, EnumWindows, IsIconic, ShowWindow, SetForegroundWindow, GetWindowThreadProcessId, DefWindowProcW, CreateWindowExW, PostMessageW, DestroyWindow, RegisterClassW, GetWindowRect
userenv.dll
DestroyEnvironmentBlock, CreateEnvironmentBlock
version.dll
VerQueryValueW, GetFileVersionInfoSizeW, GetFileVersionInfoW
winmm.dll
timeSetEvent, timeKillEvent, PlaySoundW
wtsapi32.dll
WTSDisconnectSession
Export table
AddApplicationToExceptionListA
AddApplicationToExceptionListW
CanLaunchMultiplayerGameW
crc
CRC32
CRC32_file
CreatePipeAndListen
Decrypt
EnableFileAccountPrivilege
Encrypt
Execute
GetComputerIP
GetDailyTaskSettings
GetMusicAttribs
GetUnitUID
GetVideoAttribs
ip_int2str
ip_str2int
IsSchedulerTaskRunning
IsValidIP
LaunchAppAsAdminUser
LaunchAppAsStdUser
ObtainExplorerToken
OpenLinkURL
PlayWavFile
RegisterExeTask
RemoveApplicationFromExceptionListA
RemoveApplicationFromExceptionListW
RemoveSchedulerTask
SendPipeMsg
UpdateIEBrowserRenderVersion
WMI_DeviceQuery
xor_crypt
