sub_403539():
	KERNEL32_GetVersionExA

	"Windows Vista"

sub_401B3F(0a36):
	"<"
	">"

sub_401FF5(15fb):
	"%^T"
	"^%"

sub_402FCB(285f):
	KERNEL32_GetCurrentDirectoryA

	"\\spooldr.ini"
	"config"

sub_4015F3(31fe):
	KERNEL32_SetEvent
	KERNEL32_CloseHandle

sub_402103(368c):
	KERNEL32_GetTickCount

sub_401C53(3d2c):
	KERNEL32_InterlockedCompareExchange
	KERNEL32_Sleep
	KERNEL32_InterlockedIncrement

sub_40235F(3d2d):
	KERNEL32_InterlockedExchange
	KERNEL32_GetTickCount

sub_403346(3d7a):
	KERNEL32_WaitForSingleObject
	KERNEL32_Sleep

sub_4021BF(4263):
	KERNEL32_InitializeCriticalSection

sub_4021DE(4599):
	KERNEL32_GetTickCount
	KERNEL32_InitializeCriticalSection

sub_401CA6(48fc):
	KERNEL32_InterlockedCompareExchange
	KERNEL32_InterlockedIncrement

sub_402512(4b8f):
	KERNEL32_InterlockedExchangeAdd

sub_401420(5621):
	KERNEL32_lstrcpyA

sub_403389(5d04):
	KERNEL32_CreateEventA
	KERNEL32_OpenEventA
	KERNEL32_CloseHandle
	KERNEL32_Sleep

	"K8JT6Hnjm$#jui#WWhHHgG"

sub_40132C(5fb6):
	KERNEL32_SetEvent
	KERNEL32_ResetEvent

sub_402400(6031):
	KERNEL32_CloseHandle

sub_4032C9(641d):
	ADVAPI32_InitializeSecurityDescriptor
	ADVAPI32_SetSecurityDescriptorDacl

sub_401E66(7006):
	KERNEL32_GetTickCount

sub_4017C3(74a3):
	KERNEL32_GetTickCount
	KERNEL32_Sleep

sub_401351(7977):
	WS2_32_WSASocketA
	WS2_32_WSAIoctl

sub_401D00(7c03):
	KERNEL32_InterlockedIncrement

sub_4012FC(7c55):
	KERNEL32_CreateEventA

sub_40177E(8895):
	KERNEL32_CreateThread
	KERNEL32_SetThreadPriority
	KERNEL32_ResumeThread

sub_401B9A(8d72):
	"<"
	">"

sub_401ED1(90cd):
	KERNEL32_InterlockedCompareExchange
	KERNEL32_Sleep
	KERNEL32_InterlockedDecrement

sub_401E21(aee9):
	KERNEL32_SetEvent

sub_4022BE(bc1f):
	"\n"

sub_402DEC(c5c8):
	"89a"

sub_401316(c802):
	KERNEL32_WaitForSingleObjectEx

sub_401D5D(cbe3):
	KERNEL32_InterlockedCompareExchange
	KERNEL32_InterlockedIncrement

sub_402624(d17f):
	KERNEL32_lstrcpynA
	KERNEL32_WaitForSingleObjectEx
	KERNEL32_Sleep

	";"
	"^%"
	"%^T"
	"From: "
	"@"
	"TCP connection is failed"
	"Can't get mx"
	"yahoo.com"

sub_40174B(e264):
	KERNEL32_CreateThread

sub_401E99(ee7b):
	KERNEL32_GetTickCount

sub_401918(ef42):
	KERNEL32_CloseHandle

sub_40320F(f3b7):
	KERNEL32_GetFullPathNameA
	KERNEL32_GetFileAttributesA
	KERNEL32_CreateFileA
	KERNEL32_CloseHandle

	"spooldr.ini"

sub_4013D5(f45c):
	KERNEL32_lstrcpyA

sub_403316(ffeb):
	KERNEL32_OpenEventW
	KERNEL32_SetEvent
	KERNEL32_CloseHandle

	"Iu6Uu3wJJHF%WYHS"