What is the reason to write a custom GetModuleHandle function?

Keywords: what is, function, custom, GetModuleHandle      Updated: 2023-10-16

I was looking at the ZeuS malware and I found this piece of source code:

HMODULE _getKernel32Handle(void)
{
#if defined _WIN64
  return NULL; //FIXME
#else  
  __asm
  {
    cld                    //clear the direction flag for the loop
    mov edx, fs:[0x30]     //get a pointer to the PEB
    mov edx, [edx + 0x0C]  //get PEB-> Ldr
    mov edx, [edx + 0x14]  //get the first module from the InMemoryOrder module list
  next_mod:
    mov esi, [edx + 0x28]  //get pointer to modules name (unicode string)
    mov ecx, 24            //the length we want to check
    xor edi, edi           //clear edi which will store the hash of the module name
  loop_modname:
    xor eax, eax           //clear eax
    lodsb                  //read in the next byte of the name
    cmp al, 'a'            //some versions of Windows use lower case module names
    jl not_lowercase
    sub al, 0x20           //if so normalise to uppercase
  not_lowercase:
    ror edi, 13            //rotate right our hash value
    add edi, eax           //add the next byte of the name to the hash
    loop loop_modname      //loop until we have read enough
    cmp edi, 0x6A4ABC5B    //compare the hash with that of KERNEL32.DLL
    mov eax, [edx + 0x10]  //get this modules base address
    mov edx, [edx]         //get the next module
    jne next_mod           //if it doesn't match, process the next module
  };
#endif
}

The logic is as follows:

  1. Read the fs segment register (where 32-bit Windows stores the TEB)
  2. Get a pointer to the PEB
  3. Get a pointer to PEB_LDR_DATA (which contains information about the modules the process has loaded)
  4. Walk the InMemoryOrder list
  5. Compare the module name with "kernel32.dll" using a custom homemade hash function

Why is using GetModuleHandle not appropriate?
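As an added example (not part of the original question or of the ZeuS source), the following Python replays the hash loop from the assembly above so that an analyst can check which module name a hard-coded constant such as 0x6A4ABC5B corresponds to. The function names, the candidate list, and the zero-padding of names shorter than 24 bytes are assumptions of this example.

```python
# Added example: emulate the ROR-13 module-name hash from the inline assembly
# so a hash constant found in a sample can be mapped back to a module name.

def ror32(value: int, count: int) -> int:
    """Rotate a 32-bit value right by count bits (x86 ROR semantics)."""
    value &= 0xFFFFFFFF
    return ((value >> count) | (value << (32 - count))) & 0xFFFFFFFF

def asm_module_hash(name_bytes: bytes, length: int = 24) -> int:
    """Replay loop_modname: hash exactly `length` bytes of a UTF-16LE
    module name with the same lowercase-to-uppercase normalisation.

    The assembly hard-codes ecx = 24, so it always consumes 24 bytes no
    matter how long the real name is; for names shorter than that it would
    read whatever follows the name in memory.
    """
    if len(name_bytes) < length:
        raise ValueError("buffer shorter than the %d bytes the loop reads" % length)
    edi = 0
    for b in name_bytes[:length]:
        # cmp al,'a' / jl is a signed compare: only 0x61..0x7F get "sub al, 0x20"
        if 0x61 <= b <= 0x7F:
            b -= 0x20
        edi = ror32(edi, 13)           # ror edi, 13
        edi = (edi + b) & 0xFFFFFFFF   # add edi, eax
    return edi

def module_hash(name: str) -> int:
    """Hash a module name as it appears in the PEB (UTF-16LE).

    Assumption of this example: names shorter than 12 characters are zero-padded
    to 24 bytes. KERNEL32.DLL is exactly 12 characters, so no padding applies.
    """
    buf = name.encode("utf-16-le")
    return asm_module_hash(buf.ljust(24, b"\x00"))

def resolve_module_hash(constant: int, candidates):
    """Return the candidate module names whose hash equals `constant`."""
    return [n for n in candidates if module_hash(n) == constant]

if __name__ == "__main__":
    # Constructed candidate list; the constant is the one compared in the asm.
    print(hex(module_hash("KERNEL32.DLL")))  # 0x6a4abc5b
    print(resolve_module_hash(0x6A4ABC5B, ["ntdll.dll", "kernel32.dll", "user32.dll"]))
```

Because of the normalisation step, "kernel32.dll" and "KERNEL32.DLL" hash to the same value, which is why the loop works on Windows versions that store the name in either case.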

The code snippet is trying to obtain the module handle (i.e. the base address) of kernel32.dll, presumably because it does not yet have a handle to that module. GetModuleHandle is exported from kernel32.dll. You cannot call a function when you do not know its address.