sub_outside():
	KERNEL32.CreateFileA
	KERNEL32.GetFileSize
	KERNEL32.SetFilePointer
	KERNEL32.ReadFile
	KERNEL32.SetEndOfFile
	KERNEL32.GetStdHandle
	KERNEL32.GetFileType
	KERNEL32.CloseHandle
	NTDLL.RtlGetLastWin32Error

sub_402B68(054e):
	KERNEL32.GetModuleHandleA
	KERNEL32.GetProcAddress
	NTDLL.RtlRestoreLastWin32Error
	KERNEL32.VirtualProtectEx

	"VirtualProtectEx"
	"kernel32.dll"

sub_402AE8(054e):
	KERNEL32.GetModuleHandleA
	KERNEL32.GetProcAddress
	NTDLL.RtlRestoreLastWin32Error
	KERNEL32.VirtualAllocEx

	"VirtualAllocEx"
	"kernel32.dll"

sub_401714(1395):
	NTDLL.RtlGetLastWin32Error

sub_4028B0(192d):
	KERNEL32.TlsSetValue

sub_401C4C(20ae):
	KERNEL32.FreeLibrary
	KERNEL32.ExitProcess

sub_401410(218c):
	KERNEL32.GetSystemTime

sub_401258(36be):
	NTDLL.RtlGetLastWin32Error

sub_4028F4(3b40):
	KERNEL32.TlsGetValue

sub_402940(3f4e):
	KERNEL32.GetModuleHandleA

sub_40144C(4636):
	KERNEL32.ReadFile
	NTDLL.RtlGetLastWin32Error

sub_4013B0(51d7):
	KERNEL32.GetModuleFileNameA
	KERNEL32.GetCommandLineA

sub_4010F4(5961):
	NTDLL.RtlAllocateHeap

sub_401108(5c5c):
	NTDLL.RtlFreeHeap

sub_402BEC(5fd8):
	KERNEL32.GetModuleHandleA
	KERNEL32.GetProcAddress
	NTDLL.NtUnmapViewOfSection

	"ZwUnmapViewOfSection"
	"ntdll.dll"

sub_4032F0(6596):
	NTDLL.RtlDecompressBuffer

sub_403AEC(7113):
	KERNEL32.ExitProcess
	KERNEL32.Sleep
	KERNEL32.WinExec

sub_40112C(81dc):
	NTDLL.RtlReAllocateHeap

sub_40289C(8667):
	KERNEL32.LocalAlloc

sub_402C9C(91df):
	KERNEL32.CreateProcessA
	KERNEL32.GetThreadContext
	KERNEL32.ReadProcessMemory
	KERNEL32.WriteProcessMemory
	KERNEL32.SetThreadContext
	KERNEL32.TerminateProcess
	KERNEL32.ResumeThread

sub_4014D8(9a30):
	NTDLL.RtlGetLastWin32Error

sub_4014C8(abfd):
	KERNEL32.CloseHandle

sub_40148C(acbe):
	KERNEL32.WriteFile
	NTDLL.RtlGetLastWin32Error

sub_401898(cf52):
	KERNEL32.CreateFileA
	KERNEL32.GetStdHandle
	NTDLL.RtlGetLastWin32Error

sub_403990(d1c0):
	KERNEL32.GetWindowsDirectoryA

sub_4039CC(d1c0):
	KERNEL32.GetSystemDirectoryA

sub_40387C(db11):
	KERNEL32.GetEnvironmentVariableA

sub_4012C4(e4ee):
	USER32.CharNextA

sub_403834(f663):
	KERNEL32.FindResourceA
	KERNEL32.SizeofResource
	KERNEL32.LoadResource
	KERNEL32.LockResource
	KERNEL32.FreeResource