IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

IMAGE_FILE_RELOCS_STRIPPED

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_32BIT_MACHINE

wsprintfW

CharLowerBuffW

OpenProcessToken

RegisterTraceGuidsW

CryptCreateHash

RegNotifyChangeKeyValue

RegCloseKey

QueryServiceStatus

GetTraceLoggerHandle

RegSetValueExW

OpenServiceW

RegOpenKeyW

CryptDestroyHash

CryptHashData

ReportEventW

OpenSCManagerW

CryptAcquireContextW

CloseServiceHandle

TraceEvent

RegQueryInfoKeyW

RegisterEventSourceW

QueryServiceConfigW

SetThreadToken

LookupAccountSidW

RegQueryValueExW

CryptSetProvParam

CryptGetHashParam

DeregisterEventSource

SystemFunction006

AllocateAndInitializeSid

RegConnectRegistryW

RegDeleteValueW

OpenThreadToken

RevertToSelf

RegOpenKeyExW

CryptGetProvParam

FreeSid

RegCreateKeyExW

GetTokenInformation

CryptReleaseContext

CredFree

SystemFunction007

RegEnumKeyExW

CredUnmarshalCredentialW

ASN1BERDecBitString

ASN1BEREncOpenType

ASN1BERDecGeneralizedTime

ASN1_CloseEncoder

ASN1_CloseDecoder

ASN1BERDecNotEndOfContents

ASN1intx_setuint32

ASN1BEREncBitString

ASN1objectidentifier_free

ASN1EncSetError

ASN1ztcharstring_free

ASN1_FreeDecoded

ASN1_FreeEncoded

ASN1octetstring_free

ASN1_CreateDecoder

ASN1bitstring_free

ASN1BEREncSX

ASN1_CreateModule

ASN1BERDecExplicitTag

ASN1_Decode

ASN1intx_free

ASN1BEREncObjectIdentifier

ASN1BERDecBool

ASN1CEREncGeneralizedTime

ASN1BERDecZeroCharString

ASN1BERDecObjectIdentifier

ASN1BERDecOpenType2

ASN1intxisuint32

ASN1BEREncOctetString

ASN1BEREncExplicitTag

ASN1BERDecU32Val

ASN1DecAlloc

ASN1charstring_free

ASN1DecSetError

ASN1BERDecCharString

ASN1BERDecEndOfContents

ASN1BERDecPeekTag

ASN1intx2uint32

ASN1BEREncCharString

ASN1BEREncEndOfContents

ASN1intx2int32

ASN1BERDecSkip

ASN1BERDecSXVal

ASN1BERDecOctetString

ASN1_Encode

ASN1Free

ASN1BERDecS32Val

ASN1_CreateEncoder

ASN1BEREncBool

ASN1BEREncU32

ASN1BEREncS32

CDFindCommonCSystemWithKey

CDLocateCSystem

MD5Init

CDLocateCheckSum

CDBuildIntegrityVect

CDGenerateRandomBits

MD5Final

MD5Update

LsaGetLogonSessionData

LsaFreeReturnBuffer

CredMarshalTargetInfo

FreeContextBuffer

CredUnmarshalTargetInfo

_wcsnicmp

sscanf

qsort

wcscmp

wcsrchr

wcsspn

_stricmp

strchr

wcstoul

swprintf

malloc

wcscpy

wcscat

wcslen

_adjust_fdiv

free

_strcmpi

_ultoa

_initterm

_vsnprintf

_strnicmp

_wcsicmp

strrchr

_except_handler3

sprintf

RtlEqualDomainName

RtlUniform

RtlInitializeSid

RtlTimeToTimeFields

RtlFreeSid

RtlConvertSharedToExclusive

RtlInsertElementGenericTable

NtQueryInformationToken

NtCreateEvent

RtlSetDaclSecurityDescriptor

NtQuerySystemInformation

RtlOemStringToUnicodeString

RtlCreateTimerQueue

RtlVerifyVersionInfo

NtDuplicateObject

RtlInitUnicodeString

RtlInitAnsiString

RtlDeleteResource

RtlReleaseResource

RtlAcquireResourceExclusive

RtlLookupElementGenericTable

DbgPrint

RtlCompareUnicodeString

RtlDeleteTimerQueue

RtlEqualUnicodeString

RtlFreeUnicodeString

RtlInitializeCriticalSection

RtlLookupElementGenericTableAvl

NtOpenThreadToken

RtlDowncaseUnicodeString

RtlDeleteCriticalSection

RtlLeaveCriticalSection

RtlCopyUnicodeString

NtOpenEvent

RtlRunDecodeUnicodeString

RtlAllocateAndInitializeSid

RtlSubAuthorityCountSid

RtlFreeAnsiString

NtAllocateLocallyUniqueId

RtlEnterCriticalSection

RtlCreateTimer

RtlLengthRequiredSid

RtlInsertElementGenericTableAvl

RtlSystemTimeToLocalTime

RtlDeleteElementGenericTable

RtlCopyLuid

NtQuerySystemTime

RtlInitializeGenericTable

RtlLengthSid

RtlEraseUnicodeString

RtlUpcaseUnicodeString

VerSetConditionMask

RtlValidSid

RtlAppendUnicodeStringToString

RtlCompareMemory

RtlPrefixUnicodeString

RtlCreateSecurityDescriptor

NtClose

RtlAcquireResourceShared

RtlEqualSid

RtlSubAuthoritySid

RtlRegisterWait

RtlCreateAcl

RtlGetElementGenericTable

RtlConvertSidToUnicodeString

RtlAnsiStringToUnicodeString

NtAllocateVirtualMemory

RtlUnicodeStringToAnsiString

RtlDeregisterWait

RtlInitializeResource

NtOpenProcessToken

RtlIntegerToUnicodeString

RtlInitializeGenericTableAvl

RtlCopySid

NtWaitForSingleObject

RtlNtStatusToDosError

NtSetSecurityObject

RtlTimeFieldsToTime

DebugBreak

DisableThreadLibraryCalls

OpenEventW

InterlockedCompareExchange

RaiseException

OpenFileMappingW

LoadLibraryA

UnmapViewOfFile

FormatMessageW

GetCurrentThread

MapViewOfFileEx

TerminateProcess

GetProcAddress

GetCurrentProcess

GetCurrentProcessId

CreateEventW

WriteFile

InterlockedExchangeAdd

GetEnvironmentVariableW

SetUnhandledExceptionFilter

CreateFileMappingW

LocalAlloc

GetComputerNameW

InitializeCriticalSection

CloseHandle

GetModuleFileNameA

CreateFileA

QueryPerformanceCounter

LeaveCriticalSection

lstrcpyW

SetEvent

InterlockedDecrement

Sleep

lstrcmpW

InterlockedIncrement

lstrlenW

WideCharToMultiByte

ExpandEnvironmentStringsW

UnregisterWait

LocalFree

GetCurrentThreadId

CreateFileW

MultiByteToWideChar

GetSystemTimeAsFileTime

VirtualAlloc

UnhandledExceptionFilter

GetModuleFileNameW

RegisterWaitForSingleObjectEx

GetModuleHandleW

FileTimeToSystemTime

InterlockedExchange

GetLastError

GetProfileStringA

OutputDebugStringA

FreeLibrary

LoadLibraryW

GetComputerNameExW

GetSystemInfo

DeleteCriticalSection

lstrcmpiA

GetACP

EnterCriticalSection

GetTickCount

GetLocalTime

lstrlenA

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_CNT_UNINITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE