sub_outside():
	KERNEL32.CreateFileA
	KERNEL32.GetFileSize
	KERNEL32.SetFilePointer
	KERNEL32.ReadFile
	KERNEL32.SetEndOfFile
	KERNEL32.GetStdHandle
	KERNEL32.GetFileType
	KERNEL32.CloseHandle
	NTDLL.RtlGetLastWin32Error
	KERNEL32.ExitProcess
	KERNEL32.Sleep
	KERNEL32.CopyFileA

sub_40350C(054e):
	KERNEL32.GetModuleHandleA
	KERNEL32.GetProcAddress
	NTDLL.RtlRestoreLastWin32Error

	"VirtualProtectEx"
	"kernel32.dll"

sub_40348C(054e):
	KERNEL32.GetModuleHandleA
	KERNEL32.GetProcAddress
	NTDLL.RtlRestoreLastWin32Error

	"VirtualAllocEx"
	"kernel32.dll"

sub_402C0C(05ee):
	ADVAPI32.RegOpenKeyA
	ADVAPI32.RegSetValueExA
	ADVAPI32.RegCloseKey

sub_40171C(1395):
	NTDLL.RtlGetLastWin32Error

sub_402958(192d):
	KERNEL32.TlsSetValue

sub_401CDC(20ae):
	KERNEL32.FreeLibrary
	KERNEL32.ExitProcess

sub_401410(218c):
	KERNEL32.GetSystemTime

sub_401258(36be):
	NTDLL.RtlGetLastWin32Error

sub_40299C(3b40):
	KERNEL32.TlsGetValue

sub_4029E8(3f4e):
	KERNEL32.GetModuleHandleA

sub_40144C(4636):
	KERNEL32.ReadFile
	NTDLL.RtlGetLastWin32Error

sub_4013B0(51d7):
	KERNEL32.GetModuleFileNameA
	KERNEL32.GetCommandLineA

sub_402CB8(54c8):
	KERNEL32.GetFileAttributesA

sub_4010F4(5961):
	NTDLL.RtlAllocateHeap

sub_401108(5c5c):
	NTDLL.RtlFreeHeap

sub_403590(5fd8):
	KERNEL32.GetModuleHandleA
	KERNEL32.GetProcAddress

	"ZwUnmapViewOfSection"
	"ntdll.dll"

sub_403E44(6596):
	NTDLL.RtlDecompressBuffer

sub_403640(6c86):
	KERNEL32.CreateProcessA
	KERNEL32.GetThreadContext
	KERNEL32.ReadProcessMemory
	KERNEL32.WriteProcessMemory
	KERNEL32.SetThreadContext
	KERNEL32.TerminateProcess
	KERNEL32.ResumeThread

sub_40112C(81dc):
	NTDLL.RtlReAllocateHeap

sub_402E38(8446):
	KERNEL32.CreateFileA
	KERNEL32.SetFilePointer
	KERNEL32.ReadFile
	KERNEL32.GetFileSize
	KERNEL32.CloseHandle

sub_402944(8667):
	KERNEL32.LocalAlloc

sub_4014D8(9a30):
	NTDLL.RtlGetLastWin32Error

sub_4014C8(abfd):
	KERNEL32.CloseHandle

sub_40148C(acbe):
	KERNEL32.WriteFile
	NTDLL.RtlGetLastWin32Error

sub_402914(b113):
	KERNEL32.GetProcessHeap
	KERNEL32.GetCurrentThreadId

sub_40185C(c4da):
	KERNEL32.GetFileSize

sub_40190C(cf52):
	KERNEL32.CreateFileA
	KERNEL32.GetStdHandle
	NTDLL.RtlGetLastWin32Error

sub_4033B0(db11):
	KERNEL32.GetEnvironmentVariableA

sub_4012C4(e4ee):
	USER32.CharNextA

sub_403038(ead9):
	KERNEL32.CreateFileA
	KERNEL32.CloseHandle
	KERNEL32.DeleteFileA

	"a7qmt"

sub_403368(f663):
	KERNEL32.FindResourceA
	KERNEL32.SizeofResource
	KERNEL32.LoadResource
	KERNEL32.LockResource
	KERNEL32.FreeResource