sub_40159E(00ab):
	USER32.wsprintfA
	WS2_32.ntohs
	WS2_32.socket
	WS2_32.connect
	WS2_32.send
	WS2_32.recv
	KERNEL32.Sleep
	WS2_32.closesocket

	"\\\\%s\\ipc$"

sub_43AD58(046c):
	USER32.EnumDesktopWindows

sub_4409DF(06a3):
	ADVAPI32.GetUserNameA
	KERNEL32.GetComputerNameA
	KERNEL32.GetEnvironmentStringsA
	KERNEL32.FreeEnvironmentStringsA

sub_403AE6(06bc):
	KERNEL32.GetCPInfo

sub_40283E(0828):
	KERNEL32.GetVersion
	KERNEL32.GetCommandLineA
	KERNEL32.GetStartupInfoA
	KERNEL32.GetModuleHandleA

sub_43BC02(0d4e):
	KERNEL32.MultiByteToWideChar

sub_404573(0e35):
	KERNEL32.LoadLibraryA
	KERNEL32.GetProcAddress

	"user32.dll"
	"MessageBoxA"
	"GetActiveWindow"
	"GetLastActivePopup"

sub_43AF59(1770):
	KERNEL32.GetVersionExA

sub_402E58(18d1):
	KERNEL32.GetModuleFileNameA

	"C:\\m_unpacker\\packed.exe"

sub_441F97(1be4):
	KERNEL32.CreateFileA
	KERNEL32.SetFilePointer
	KERNEL32.WriteFile
	KERNEL32.LocalAlloc
	KERNEL32.CloseHandle
	KERNEL32.LocalFree

sub_4430CE(1c96):
	KERNEL32.OpenMutexA
	KERNEL32.CloseHandle

sub_43EB7A(2067):
	KERNEL32.CreateFileA
	KERNEL32.ReadFile
	KERNEL32.WriteFile
	KERNEL32.CloseHandle
	KERNEL32.WinExec
	KERNEL32.DeleteFileA

sub_43E024(2556):
	KERNEL32.VirtualFree

sub_4446E4(272d):
	USER32.DefWindowProcA

sub_4010D2(2796):
	WS2_32.gethostname
	WS2_32.gethostbyname
	WS2_32.inet_ntoa
	KERNEL32.lstrcpyA

	"127.0.0.1"

sub_4020D7(295c):
	KERNEL32.GetModuleFileNameA
	KERNEL32.GetWindowsDirectoryA
	KERNEL32.CopyFileA
	ADVAPI32.RegOpenKeyA
	ADVAPI32.RegSetValueExA
	ADVAPI32.RegCloseKey

	"\\"
	"SOFTWARE\\Microsoft\\Windows\\CurrentVersi"...

sub_401153(2977):
	WS2_32.ntohs
	WS2_32.socket
	WS2_32.connect
	WS2_32.closesocket

sub_444702(29ab):
	ADVAPI32.RegOpenKeyExA
	ADVAPI32.RegQueryValueExA
	ADVAPI32.RegCloseKey

sub_402BC3(2f2e):
	KERNEL32._lread
	KERNEL32.UnhandledExceptionFilter

sub_444E43(321f):
	KERNEL32.GetModuleHandleA
	KERNEL32.LoadLibraryA
	KERNEL32.GetProcAddress

sub_43CE34(321f):
	KERNEL32.GetModuleHandleA
	KERNEL32.LoadLibraryA
	KERNEL32.GetProcAddress

sub_40127D(3363):
	WS2_32.ntohs
	WS2_32.socket
	WS2_32.connect
	KERNEL32.lstrcpyA
	USER32.wsprintfA
	WS2_32.send
	KERNEL32.Sleep
	WS2_32.closesocket

sub_43AD9A(3699):
	KERNEL32.GetModuleHandleA
	KERNEL32.LoadLibraryA
	KERNEL32.GetProcAddress

	"\t"

sub_440FDF(3eed):
	KERNEL32.CreateFileA
	KERNEL32.ReadFile
	KERNEL32.CloseHandle

sub_4427FF(42f1):
	KERNEL32.GetModuleHandleA
	KERNEL32.LoadLibraryA
	KERNEL32.GetProcAddress

sub_4410CF(43d3):
	KERNEL32.CreateFileA
	KERNEL32.SetFilePointer
	KERNEL32.WriteFile
	KERNEL32.CloseHandle

sub_43E040(48a0):
	KERNEL32.GetExitCodeThread
	KERNEL32.CloseHandle
	KERNEL32.GetDriveTypeA
	KERNEL32.SetErrorMode
	KERNEL32.GetDiskFreeSpaceA
	KERNEL32.CreateThread

sub_4011D5(518e):
	WS2_32.inet_addr
	WS2_32.gethostbyname

sub_4046FE(547a):
	KERNEL32.LCMapStringW
	KERNEL32.LCMapStringA
	KERNEL32.MultiByteToWideChar
	KERNEL32.WideCharToMultiByte

sub_403382(55e5):
	KERNEL32.HeapCreate
	KERNEL32.HeapDestroy

sub_43F4CC(5633):
	KERNEL32.CreateFileA
	KERNEL32.GetFileSize
	KERNEL32.LocalAlloc
	KERNEL32.ReadFile
	KERNEL32.CloseHandle
	KERNEL32.WriteFile
	KERNEL32.LocalFree
	KERNEL32.CopyFileA
	KERNEL32.DeleteFileA

sub_403D93(597c):
	KERNEL32.VirtualFree
	NTDLL.RtlFreeHeap

sub_43D16C(5a83):
	KERNEL32.FindClose
	KERNEL32.ExitThread
	KERNEL32.GetDriveTypeA
	KERNEL32.FindFirstFileA
	KERNEL32.FindNextFileA

sub_403C87(5c3f):
	NTDLL.RtlFreeHeap

sub_43F294(5c8a):
	KERNEL32.GetVersionExA
	KERNEL32.GetVolumeInformationA
	KERNEL32.GetLocaleInfoA

	","
	"\t"

sub_401EF0(5f72):
	WS2_32.inet_addr
	USER32.wsprintfA
	KERNEL32.GetModuleFileNameA
	KERNEL32.WinExec
	KERNEL32.Sleep

	"%i.%i.%i.%i"
	" "

sub_43A764(61c2):
	SHELL32.SHGetFolderPathA
	KERNEL32.GetSystemTime

sub_404478(64eb):
	KERNEL32.VirtualAlloc

sub_402029(6b20):
	KERNEL32.CreateMutexA
	KERNEL32.GetTickCount
	NTDLL.RtlGetLastWin32Error
	KERNEL32.CreateThread
	ADVAPI32.AbortSystemShutdownA
	KERNEL32.Sleep

	"Jobaka3"
	"JumpallsNlsTillt"

sub_4421CD(7286):
	KERNEL32.InterlockedDecrement

sub_440C87(7286):
	KERNEL32.InterlockedDecrement

sub_4425A6(72bd):
	KERNEL32.LocalFree

sub_43B347(7904):
	ADVAPI32.SetFileSecurityA

sub_4428E6(7964):
	KERNEL32.GetCurrentProcessId
	KERNEL32.OpenProcess
	ADVAPI32.OpenProcessToken
	ADVAPI32.GetTokenInformation
	KERNEL32.LocalAlloc
	ADVAPI32.InitializeSecurityDescriptor
	ADVAPI32.SetSecurityDescriptorDacl
	ADVAPI32.SetSecurityDescriptorOwner
	ADVAPI32.LookupPrivilegeValueA
	ADVAPI32.AdjustTokenPrivileges
	KERNEL32.CloseHandle

	"SeTakeOwnershipPrivilege"

sub_401E65(80c4):
	WS2_32.socket
	WS2_32.ntohs
	WS2_32.bind
	WS2_32.listen
	WS2_32.closesocket
	WS2_32.accept
	KERNEL32.CreateThread
	KERNEL32.Sleep

sub_40371C(81be):
	KERNEL32.GetStringTypeW
	KERNEL32.GetStringTypeA
	KERNEL32.MultiByteToWideChar

sub_4421FA(84ae):
	KERNEL32.GetProcAddress

	"CreateThread"
	"EnterCriticalSection"
	"InitializeCriticalSection"
	"LeaveCriticalSection"

sub_4435CB(86f6):
	KERNEL32.GetTickCount

sub_43D4AD(876b):
	KERNEL32.FindFirstFileA
	KERNEL32.CompareFileTime
	KERNEL32.FileTimeToSystemTime
	KERNEL32.FindNextFileA

sub_442CEF(88bd):
	KERNEL32.InitializeCriticalSection
	NTDLL.RtlEnterCriticalSection
	NTDLL.RtlLeaveCriticalSection

sub_4033C0(8af0):
	NTDLL.RtlUnwind

sub_442C9D(900e):
	KERNEL32.GetModuleHandleA
	KERNEL32.LoadLibraryA
	KERNEL32.GetProcAddress

sub_441ECB(905c):
	KERNEL32.CreateFileA
	KERNEL32.WriteFile
	KERNEL32.CloseHandle

sub_43BB6D(915d):
	KERNEL32.ExitThread

sub_43AFA1(9252):
	KERNEL32.GetModuleHandleA
	KERNEL32.LoadLibraryA
	KERNEL32.GetProcAddress

	"\n"

sub_43E36B(965d):
	KERNEL32.LocalFree

sub_43D7AB(97c2):
	USER32.FindWindowExA
	USER32.SendMessageA

sub_43AC82(9942):
	KERNEL32.InitializeCriticalSection
	NTDLL.RtlEnterCriticalSection
	NTDLL.RtlLeaveCriticalSection

sub_443DD5(9b75):
	KERNEL32.GetProcAddress

sub_43BB7B(9ef8):
	USER32.GetWindow
	USER32.GetClassNameA

sub_401028(a0f6):
	WS2_32.WSAStartup

sub_43D8EA(a4ac):
	USER32.SetFocus
	USER32.GetWindowTextA
	USER32.MessageBoxA
	USER32.SetWindowTextA
	USER32.DestroyWindow
	USER32.ShowWindow
	USER32.CallWindowProcA

sub_43E524(a5cf):
	SHELL32.SHGetFolderPathA
	KERNEL32.CreateThread
	KERNEL32.CloseHandle

sub_43A1C3(a771):
	"wr"
	"wr"

sub_4038A7(a8e4):
	KERNEL32.GetOEMCP
	KERNEL32.GetCPInfo

sub_401398(a8f7):
	KERNEL32.lstrcpyA
	USER32.wsprintfA
	WS2_32.gethostbyname
	WS2_32.socket
	WS2_32.ntohs
	WS2_32.connect
	WS2_32.send
	WS2_32.recv
	WS2_32.closesocket

	"\\\\%s\\ipc$"
	"%s%c"

sub_43BE21(aa44):
	USER32.FindWindowExA
	USER32.ShowWindow
	USER32.GetWindowRect
	KERNEL32.GetModuleHandleA
	USER32.CreateWindowExA
	GDI32.CreateFontA
	USER32.SendMessageA
	USER32.GetWindowLongA
	USER32.SetWindowLongA
	USER32.SetFocus

sub_44285A(ab5a):
	KERNEL32.CreateFileA
	KERNEL32.GetFileSize
	KERNEL32.LocalAlloc
	KERNEL32.ReadFile
	KERNEL32.CloseHandle

sub_443D39(ac87):
	KERNEL32.CreateFileA
	KERNEL32.SetFilePointer
	KERNEL32.ReadFile
	KERNEL32.CloseHandle

sub_401045(acd0):
	WS2_32.inet_addr

sub_4443AD(adf0):
	KERNEL32.InterlockedIncrement

sub_443175(adf0):
	KERNEL32.InterlockedIncrement

sub_443CBA(adf0):
	KERNEL32.InterlockedIncrement

sub_43B896(aea9):
	KERNEL32.lstrlenW
	KERNEL32.WideCharToMultiByte

sub_402959(af5c):
	KERNEL32.ExitProcess

sub_401210(b4f1):
	USER32.wsprintfA
	KERNEL32._lcreat
	KERNEL32._lwrite
	KERNEL32._lclose

	"%i"
	"c:\\win2.log"

sub_442DF5(b53d):
	KERNEL32.GetTickCount

sub_43E1E8(b71e):
	KERNEL32.CreateFileA
	KERNEL32.SetFilePointer
	KERNEL32.ReadFile
	KERNEL32.WriteFile
	KERNEL32.CloseHandle

sub_442ADD(b93e):
	KERNEL32.GetModuleHandleA
	KERNEL32.LoadLibraryA
	KERNEL32.GetProcAddress

sub_43E7D1(c7a0):
	KERNEL32.GetSystemDirectoryA
	KERNEL32.GetVolumeInformationA

sub_4031D7(c890):
	KERNEL32.GetStartupInfoA
	KERNEL32.GetFileType
	KERNEL32.GetStdHandle
	KERNEL32.SetHandleCount

sub_43B380(c9c2):
	SHELL32.SHGetFolderPathA

sub_4043C7(cbe8):
	NTDLL.RtlReAllocateHeap
	NTDLL.RtlAllocateHeap
	KERNEL32.VirtualAlloc
	NTDLL.RtlFreeHeap

sub_401B08(d0a5):
	WS2_32.send
	WS2_32.recv
	USER32.wsprintfA
	WS2_32.ntohs
	WS2_32.socket
	WS2_32.connect
	WS2_32.closesocket
	KERNEL32.GetModuleFileNameA
	KERNEL32._lopen
	KERNEL32._lread
	KERNEL32._lclose

	"USER"
	"PASS"
	"PORT"
	"%i.%i.%i.%i"
	"RETR"
	"QUIT"

sub_43A6D4(da11):
	USER32.GetWindowTextA

sub_4030A5(dcdc):
	KERNEL32.GetEnvironmentStringsW
	KERNEL32.GetEnvironmentStringsA
	KERNEL32.WideCharToMultiByte
	KERNEL32.FreeEnvironmentStringsW
	KERNEL32.FreeEnvironmentStringsA

sub_43AB3B(dd73):
	SHELL32.SHGetFolderPathA
	KERNEL32.GetSystemTime

sub_43F09C(e4a3):
	NTDLL.RtlZeroMemory

sub_403D2A(e71f):
	NTDLL.RtlAllocateHeap

sub_402B10(e781):
	KERNEL32.GetCurrentProcess
	KERNEL32.TerminateProcess
	KERNEL32.ExitProcess

sub_43A39F(e7d7):
	KERNEL32.ExitThread
	KERNEL32.CreateMutexA
	KERNEL32.WaitForSingleObject
	KERNEL32.GetModuleHandleA
	USER32.LoadCursorA
	USER32.LoadIconA
	GDI32.GetStockObject
	USER32.RegisterClassA
	USER32.CreateWindowExA
	KERNEL32.CreateThread
	KERNEL32.CloseHandle
	USER32.TranslateMessage
	USER32.DispatchMessageA
	USER32.GetMessageA

sub_441F34(f276):
	KERNEL32.GetModuleHandleA
	KERNEL32.LoadLibraryA
	KERNEL32.GetProcAddress

	"\n"

sub_43A8A3(f3e6):
	KERNEL32.FindFirstFileA
	KERNEL32.CompareFileTime
	KERNEL32.FileTimeToSystemTime
	KERNEL32.DeleteFileA
	KERNEL32.FindNextFileA

sub_44475F(f43e):
	KERNEL32.CreateThread

sub_43A745(f859):
	KERNEL32.VirtualAlloc

sub_43B31E(f864):
	KERNEL32.InterlockedDecrement

sub_43B3E1(f9de):
	KERNEL32.GetModuleHandleA
	KERNEL32.LoadLibraryA
	KERNEL32.GetProcAddress

sub_4035C9(fc50):
	KERNEL32.GetModuleFileNameA
	KERNEL32.GetStdHandle
	KERNEL32.WriteFile

	""
	"..."
	"Runtime Error!\n\nProgram: "
	"\n\n"
	"Microsoft Visual C++ Runtime Library"

sub_403CF4(fd6e):
	NTDLL.RtlAllocateHeap

sub_444ACE(ff78):
	KERNEL32.CreateFileA
	KERNEL32.ReadFile
	KERNEL32.CloseHandle