Static task: static1
Behavioral task: behavioral1
Sample: 3fa6d2bb2fe8cc8991ad22afc199d2944070cef936248f7f6355325de7b079c4.exe
Resource: win7-20220812-en
General
Target: 3fa6d2bb2fe8cc8991ad22afc199d2944070cef936248f7f6355325de7b079c4
Size: 294KB
MD5: 6cde521bde97e96702253587bb331765
SHA1: 8aa06b4e8d841540a5c5eac5578ae303fe9f5301
SHA256: 3fa6d2bb2fe8cc8991ad22afc199d2944070cef936248f7f6355325de7b079c4
SHA512: 2a00fa98994f6f1817315f315bd102a9f47a3418f0d3e02a363288292dcfdb7edf92554bf4ece699f1aabbdfb4efb9d4630190a1bf64e26fece39c14736e4898
SSDEEP: 6144:eO1hrcNdv5rnHrm10YH+8U7OKx2DSnkAIE+Q3oyvePN:eArcTpHi1/HVUT2mn/H3pePN
Malware Config
Signatures
Files
3fa6d2bb2fe8cc8991ad22afc199d2944070cef936248f7f6355325de7b079c4.exe windows x86
aa47b93f996a3008f38567392db05340
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
advapi32
SetServiceStatus
DeregisterEventSource
ReportEventW
RegisterEventSourceW
CloseServiceHandle
OpenServiceW
OpenSCManagerW
RegDeleteKeyW
RegDeleteValueW
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegQueryValueExW
RegSetValueExW
AddAce
InitializeAcl
GetAclInformation
GetSecurityDescriptorControl
MakeAbsoluteSD
GetSecurityDescriptorSacl
GetSecurityDescriptorDacl
GetSecurityDescriptorGroup
GetSecurityDescriptorOwner
InitializeSecurityDescriptor
OpenProcessToken
CreateServiceW
DeleteService
ControlService
GetLengthSid
IsValidSid
CopySid
SetSecurityDescriptorOwner
SetSecurityDescriptorGroup
SetSecurityDescriptorDacl
RegQueryInfoKeyW
GetSidSubAuthority
InitializeSid
GetSidLengthRequired
GetTokenInformation
RegisterServiceCtrlHandlerW
StartServiceCtrlDispatcherW
MakeSelfRelativeSD
GetSecurityDescriptorLength
RegEnumKeyExW
LookupAccountNameW
OpenThreadToken
LookupAccountSidW
CreateProcessAsUserW
DuplicateTokenEx
DuplicateToken
RevertToSelf
ImpersonateLoggedOnUser
ConvertSidToStringSidW
SetThreadToken
TraceMessage
kernel32
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
CloseHandle
WaitForSingleObject
GetCurrentProcess
GetModuleFileNameW
Sleep
CreateThread
CreateEventW
GetModuleHandleW
GetCurrentThreadId
SetEvent
InterlockedIncrement
InterlockedDecrement
GetCommandLineW
GetCurrentProcessId
HeapSetInformation
GetProcessHeap
InterlockedExchange
lstrcmpiW
CompareStringW
QueueUserWorkItem
FreeLibrary
MultiByteToWideChar
SizeofResource
LoadResource
FindResourceW
LoadLibraryExW
CreateDirectoryW
DuplicateHandle
GetCurrentThread
SetLastError
GetTickCount
DeleteFileW
CreateSemaphoreW
LockResource
FindResourceExW
ReleaseSemaphore
GetLocalTime
GetTempFileNameW
ResetEvent
CopyFileW
MoveFileExW
GetFileAttributesW
CopyFileExW
GetLastError
CreateFileW
FindClose
WideCharToMultiByte
FlushFileBuffers
FindFirstFileW
FindNextFileW
CompareFileTime
GetProcAddress
VerifyVersionInfoW
VerSetConditionMask
OpenProcess
CreateProcessW
GetSystemDirectoryW
LocalFree
SetThreadPriorityBoost
SleepEx
QueueUserAPC
lstrlenW
GetSystemDefaultLCID
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
RaiseException
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
InterlockedCompareExchange
GetStartupInfoW
QueryPerformanceCounter
GetSystemTimeAsFileTime
WriteFile
user32
PostThreadMessageW
CharUpperW
GetMessageW
UnregisterClassA
MsgWaitForMultipleObjectsEx
TranslateMessage
PeekMessageW
LoadStringW
DispatchMessageW
MessageBoxW
CharNextW
msvcr80
__CxxFrameHandler3
memset
??2@YAPAXI@Z
realloc
_recalloc
_wcsicmp
_vsnwprintf
wcschr
wcsstr
_vsnprintf
_vscwprintf
vswprintf_s
iswspace
towlower
towupper
memcpy
_amsg_exit
__wgetmainargs
_cexit
_exit
_XcptFilter
exit
_wcmdln
_initterm
_initterm_e
_configthreadlocale
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
_encode_pointer
__set_app_type
?terminate@@YAXXZ
_except_handler4_common
_unlock
__dllonexit
_lock
_onexit
_decode_pointer
_invoke_watson
_controlfp_s
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
_resetstkoflw
_purecall
_vsnwprintf_s
_putws
wcscat_s
wcsncpy_s
wcscpy_s
memmove_s
memcpy_s
_CxxThrowException
free
malloc
??_V@YAXPAX@Z
??3@YAXPAX@Z
memmove
calloc
shell32
ord171
SHGetFolderPathW
ole32
StringFromGUID2
CoRegisterClassObject
CoRevokeClassObject
CoSuspendClassObjects
CoInitializeEx
CoUninitialize
CoResumeClassObjects
CoInitializeSecurity
CoInitialize
CoTaskMemAlloc
CoTaskMemRealloc
CoTaskMemFree
CoCreateFreeThreadedMarshaler
CoAddRefServerProcess
CoReleaseServerProcess
CoWaitForMultipleHandles
CoLockObjectExternal
CoQueryClientBlanket
CoImpersonateClient
CoRevertToSelf
CoSetProxyBlanket
CoCopyProxy
CoQueryProxyBlanket
CoCreateInstance
oleaut32
VarBstrCmp
VariantChangeType
SysAllocStringLen
DispCallFunc
VariantCopy
VariantClear
SysStringByteLen
SysAllocStringByteLen
SysFreeString
SysStringLen
SysAllocString
LoadTypeLi
UnRegisterTypeLi
RegisterTypeLi
VarUI4FromStr
LoadRegTypeLi
VariantInit
shlwapi
PathAddExtensionW
SHCreateStreamOnFileW
SHCreateStreamOnFileEx
PathIsDirectoryW
PathFileExistsW
PathAppendW
PathAddBackslashW
PathFindFileNameW
msi
ord268
ord266
ord116
ord281
ord160
ord118
ord158
ord157
ord115
ord96
ord34
ord159
ord169
ord6
ord177
ord141
ord32
ord92
ord70
ord8
ord173
ord94
ord113
ord88
psapi
GetModuleFileNameExW
wintrust
WTHelperGetProvSignerFromChain
WinVerifyTrustEx
WTHelperProvDataFromStateData
userenv
CreateEnvironmentBlock
DestroyEnvironmentBlock
UnloadUserProfile
LoadUserProfileW
crypt32
CertVerifyCertificateChainPolicy
Sections
.text Size: 195KB - Virtual size: 194KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 2KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 15KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.cdata Size: 72KB - Virtual size: 72KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE