sub_outside():
	KERNEL32.GetVersionExA
	KERNEL32.GetCommandLineA
	KERNEL32.VirtualFree
	KERNEL32.ExitProcess

sub_402390(0049):
	ADVAPI32.LookupPrivilegeValueA
	KERNEL32.GetCurrentProcess
	ADVAPI32.OpenProcessToken
	ADVAPI32.AdjustTokenPrivileges
	KERNEL32.CloseHandle

sub_402510(083a):
	KERNEL32.GetModuleFileNameA
	KERNEL32.CreateFileA
	KERNEL32.GetFileSize
	KERNEL32.CreateFileMappingA
	KERNEL32.MapViewOfFile
	KERNEL32.ReadFile
	KERNEL32.CloseHandle
	KERNEL32.GetModuleHandleA
	KERNEL32.UnmapViewOfFile

	"Global\\2gjkgsjqgq"

sub_402410(1261):
	KERNEL32.CreateToolhelp32Snapshot
	KERNEL32.Process32First
	KERNEL32.lstrcmpiA
	KERNEL32.Process32Next
	KERNEL32.CloseHandle

sub_402150(22b8):
	KERNEL32.OpenProcess
	KERNEL32.VirtualAllocEx
	KERNEL32.CreateRemoteThread

	"SeDebugPrivilege"

sub_402250(9920):
	KERNEL32.VirtualAlloc

sub_4024A0(9ea0):
	KERNEL32.LoadLibraryA
	KERNEL32.GetProcAddress

sub_409C10(a26a):
	"inistrator"

sub_4103F0(a3bd):
	"€"
	"€"

sub_402100(af04):
	KERNEL32.WriteProcessMemory
	KERNEL32.ResumeThread
	KERNEL32.CloseHandle

sub_4022E0(d964):
	KERNEL32.LoadLibraryA
	KERNEL32.GetProcAddress

sub_402062(e772):
	KERNEL32.CreateFileMappingA
	KERNEL32.MapViewOfFile
	KERNEL32.UnmapViewOfFile

	"Global\\1CKPUPP"

sub_408DC0(ebc6):
	"eMutexA"
	"s2_32.dll"

sub_4100B1(faf4):
	"€"
	"€"