_WinMain16():
	KERNEL32.GetModuleFileNameA
	KERNEL32.SetFileAttributesA
	KERNEL32.GetModuleHandleA
	KERNEL32.GetProcAddress
	KERNEL32.WriteProcessMemory

sub_outside():
	KERNEL32.GetModuleHandleA
	KERNEL32.HeapDestroy
	KERNEL32.VirtualFree

sub_401000(344b):
	KERNEL32.LoadLibraryA
	KERNEL32.FreeLibrary

	"ntdll.dll"
	"RtlDecompressBuffer"
	"RtlGetCompressionWorkSpaceSize"

sub_40172C(4c70):
	KERNEL32.CreateFileA
	KERNEL32.GetFileSize
	KERNEL32.ReadFile

sub_401718(5d2d):
	KERNEL32.ResumeThread

sub_405F17(9db0):
	KERNEL32.GetModuleHandleA
	KERNEL32.GetProcAddress

	"SetThreadContext"
	"kernel32.dll"

sub_405F34(9db0):
	KERNEL32.GetModuleHandleA
	KERNEL32.GetProcAddress

	"WriteProcessMemory"
	"kernel32.dll"

sub_405EFA(9db0):
	KERNEL32.GetModuleHandleA
	KERNEL32.GetProcAddress

	"ZwUnmapViewOfSection"
	"ntdll.dll"

sub_4014E8(c3c8):
	KERNEL32.CreateProcessA
	KERNEL32.GetThreadContext
	KERNEL32.ReadProcessMemory

sub_4015A2(c52c):
	KERNEL32.VirtualProtectEx
	NTDLL.ZwUnmapViewOfSection
	KERNEL32.GetModuleHandleA
	KERNEL32.GetProcAddress
	KERNEL32.SetThreadContext
	USER32.MessageBoxA

	"WriteProcessMemory"
	"kernel32.dll"
	"Fsd78f6sd6a78f6asd786 fas78d678 f6asd78"...