IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LINE_NUMS_STRIPPED

IMAGE_FILE_LOCAL_SYMS_STRIPPED

IMAGE_FILE_LARGE_ADDRESS_AWARE

IMAGE_FILE_32BIT_MACHINE

RegSetValueExW

SetFileSecurityW

GetFileSecurityW

IsValidSecurityDescriptor

RegOpenKeyExA

RegQueryValueExA

ConvertSidToStringSidW

ConvertStringSecurityDescriptorToSecurityDescriptorW

LookupAccountNameW

ConvertSecurityDescriptorToStringSecurityDescriptorW

RegSetKeySecurity

RegGetKeySecurity

AllocateAndInitializeSid

FreeSid

EnumServicesStatusW

EqualSid

LsaLookupNames2

LsaGetUserName

LsaLookupSids

CredUnmarshalCredentialW

CredFree

SystemFunction034

OpenSCManagerA

OpenServiceA

StartServiceA

SystemFunction007

MD5Init

MD5Update

MD5Final

SystemFunction001

RegQueryInfoKeyW

RegFlushKey

RegEnumValueW

ChangeServiceConfigW

StartServiceW

EnumDependentServicesW

ControlService

OpenSCManagerW

OpenServiceW

QueryServiceConfigW

QueryServiceStatus

CloseServiceHandle

RevertToSelf

SetThreadToken

LsaCreateSecret

LsaQuerySecret

LsaSetSecret

LsaDelete

LsaSetInformationPolicy

RegDeleteKeyW

RegCreateKeyExW

CryptAcquireContextW

CryptGenRandom

CryptReleaseContext

LookupAccountSidW

GetSidSubAuthorityCount

GetSidSubAuthority

RegOpenKeyW

LsaOpenSecret

RegConnectRegistryW

RegOpenKeyExW

LsaOpenPolicy

LsaQueryInformationPolicy

LsaFreeMemory

LsaClose

RegQueryValueExW

RegCloseKey

OpenThreadToken

AccessCheck

SystemFunction016

SystemFunction006

SystemFunction012

VerifyVersionInfoW

GetComputerNameW

GetThreadLocale

LoadLibraryW

GetVersionExW

lstrlenW

Sleep

GetSystemWindowsDirectoryW

lstrcpyA

lstrlenA

lstrcatA

CreateMailslotA

GetTimeZoneInformation

LocalAlloc

LocalFree

GetComputerNameExW

FlushFileBuffers

EnterCriticalSection

GetLocalTime

LeaveCriticalSection

GetWindowsDirectoryW

GetFileAttributesW

CreateDirectoryW

DeleteFileW

MoveFileW

SetFilePointer

GetCurrentThread

SetUnhandledExceptionFilter

UnhandledExceptionFilter

GetCurrentProcess

WideCharToMultiByte

GetSystemTimeAsFileTime

GetCurrentProcessId

GetCurrentThreadId

GetTickCount

QueryPerformanceCounter

LoadLibraryA

InterlockedCompareExchange

FreeLibrary

GetProcAddress

DelayLoadFailureHook

CreateEventW

InitializeCriticalSection

DeleteCriticalSection

CreateFileW

GetLastError

WriteFile

CloseHandle

WaitForSingleObjectEx

SetMailslotInfo

ReadFile

MultiByteToWideChar

lstrcmpiW

GetModuleFileNameA

InterlockedDecrement

InterlockedIncrement

SetThreadPriority

CreateThread

ExitThread

HeapAlloc

InterlockedExchange

LocalReAlloc

LocalHandle

LocalSize

SetComputerNameExW

ExpandEnvironmentStringsW

HeapFree

GetProcessHeap

TerminateProcess

VirtualAllocEx

LocalUnlock

GlobalReAlloc

_llseek

UpdateResourceW

ReplaceFile

OpenProcess

DosPathToSessionPathW

SetEnvironmentVariableA

GetSystemDefaultLangID

GlobalWire

CreateProcessA

IsProcessInJob

EnumUILanguagesW

CreateDirectoryA

GetTapeParameters

ConsoleMenuControl

GetConsoleTitleW

GetVolumePathNamesForVolumeNameW

GetConsoleKeyboardLayoutNameW

IsWow64Process

lstrcmp

SetConsoleInputExeNameA

GetDiskFreeSpaceExA

GetCurrentDirectoryW

SetCommBreak

SetProcessWorkingSetSize

OpenProfileUserMapping

GetWriteWatch

EnumUILanguagesA

GetFileTime

GetTempPathA

FindFirstVolumeA

GetComputerNameA

GetCalendarInfoW

FillConsoleOutputCharacterA

GetThreadContext

AddLocalAlternateComputerNameW

QueryInformationJobObject

UnlockFile

GetBinaryTypeW

WaitForMultipleObjects

InterlockedPopEntrySList

SetVolumeMountPointW

EnumTimeFormatsA

OutputDebugStringA

OpenThread

FlushConsoleInputBuffer

TlsGetValue

OpenFileMappingW

LZCreateFileW

GetConsoleAliasesLengthA

GetVersionExA

ReadConsoleA

GetLogicalDriveStringsW

lstrcpyW

DeleteFiber

IsDBCSLeadByte

CreatePipe

lstrcat

SetFileValidData

EnumCalendarInfoExA

SetConsoleIcon

SetProcessPriorityBoost

FindNextChangeNotification

FindActCtxSectionStringA

ReadProcessMemory

FindAtomW

FindVolumeMountPointClose

GetSystemDefaultLCID

IsBadReadPtr

RegisterWaitForInputIdle

SetSystemTimeAdjustment

PrivCopyFileExW

GetLogicalDriveStringsA

AddAtomW

SetErrorMode

GetCommandLineA

GetModuleHandleA

GlobalAlloc

CreateToolhelp32Snapshot

IsValidCodePage

Process32First

lstrcmpiA

Process32Next

gmtime

_ultoa

_initterm

wcsstr

_strnicmp

wcsncmp

malloc

free

wcstombs

mbstowcs

iswdigit

wcscpy

iswctype

strcspn

towupper

wcscspn

_stricmp

_wcslwr

_wcsupr

_vsnwprintf

strncpy

time

srand

rand

wcschr

_wcsnicmp

wcstoul

wcsspn

sprintf

_vsnprintf

swprintf

qsort

isdigit

_strupr

wcscmp

memmove

_wcsicmp

wcscat

wcsncpy

wcslen

wcsrchr

RtlValidSecurityDescriptor

RtlMakeSelfRelativeSD

RtlDnsHostNameToComputerName

RtlLengthSecurityDescriptor

RtlSecondsSince1970ToTime

RtlGetDaclSecurityDescriptor

RtlRandom

NtOpenEvent

NtWaitForMultipleObjects

NtCreateEvent

NtDeviceIoControlFile

NtWaitForSingleObject

NtResetEvent

NtSetEvent

RtlIsDosDeviceName_U

RtlDetermineDosPathNameType_U

RtlDestroyEnvironment

RtlCreateEnvironment

RtlExpandEnvironmentStrings_U

RtlSetEnvironmentVariable

RtlUnicodeToOemN

RtlQueryTimeZoneInformation

RtlTimeToSecondsSince1980

RtlQueryInformationAcl

RtlGetAce

NtOpenThreadToken

NtImpersonateAnonymousToken

NtCreateFile

NtFsControlFile

NtQuerySystemTime

RtlTimeToSecondsSince1970

RtlUpcaseUnicodeToOemN

RtlUpcaseUnicodeString

VerSetConditionMask

RtlGetNtProductType

RtlRunDecodeUnicodeString

RtlRunEncodeUnicodeString

NtOpenFile

RtlFreeOemString

RtlConvertSidToUnicodeString

RtlFreeUnicodeString

RtlCompareMemory

RtlUpcaseUnicodeStringToOemString

RtlInitAnsiString

NtDuplicateToken

NtAdjustPrivilegesToken

NtSetInformationThread

RtlCompareMemoryUlong

RtlNewSecurityObject

RtlCreateAcl

RtlAddAce

RtlCreateSecurityDescriptor

RtlSetOwnerSecurityDescriptor

RtlSetGroupSecurityDescriptor

RtlSetDaclSecurityDescriptor

RtlSetSaclSecurityDescriptor

RtlDeleteSecurityObject

RtlCopySid

RtlSubAuthoritySid

RtlInitializeSid

DbgPrint

RtlxUnicodeStringToAnsiSize

RtlUnicodeStringToAnsiString

NlsMbCodePageTag

RtlxAnsiStringToUnicodeSize

RtlAnsiStringToUnicodeString

RtlInitString

RtlxOemStringToUnicodeSize

RtlOemStringToUnicodeString

NlsMbOemCodePageTag

RtlxUnicodeStringToOemSize

RtlUnicodeStringToOemString

RtlEqualSid

RtlEqualUnicodeString

RtlAllocateHeap

RtlFreeHeap

RtlCompareUnicodeString

RtlLengthSid

RtlAdjustPrivilege

NtAccessCheckAndAuditAlarm

RtlConvertUiListToApiList

RtlInitUnicodeString

NtOpenProcessToken

NtQueryInformationToken

RtlCopyLuid

NtClose

RtlUnicodeToMultiByteN

RtlNtStatusToDosError

RtlCopyUnicodeString

RtlUniform

RpcImpersonateClient

I_RpcMapWin32Status

NdrClientCall2

RpcBindingSetAuthInfoExW

RpcRevertToSelf

RpcBindingFree

RpcStringFreeW

RpcBindingFromStringBindingW

RpcStringBindingComposeW

UuidCreate

I_RpcExceptionFilter

RpcBindingSetAuthInfoW

RpcStringFreeA

UuidToStringA

GetErrorInfo

OleLoadPicture

VarDecFromUI8

VarUI4FromDec

SafeArrayRedim

SafeArrayDestroyData

SafeArrayGetUBound

VarI8FromI2

VarI4FromR8

VarBoolFromUI4

VariantTimeToDosDateTime

VarI2FromI4

LoadTypeLibEx

VarDecRound

VarI4FromBool

LPSAFEARRAY_UserMarshal

VarCyFix

VarBstrFromDisp

VarFormatFromTokens

VarUI4FromDisp

VarUI2FromR8

SafeArrayAllocData

SafeArrayGetElemsize

VarR8FromUI2

SafeArrayAllocDescriptorEx

VarUI1FromDec

VarUI8FromI1

VarBoolFromUI2

VarI1FromUI8

VarUI4FromI1

SysReAllocString

InitCommonControlsEx

ImageList_SetIconSize

CreateToolbar

ImageList_DrawEx

InitCommonControls

MakeDragList

CreateUpDownControl

PathFindFileNameA

SHGetValueA

ColorAdjustLuma

StrToIntExA

SHRegQueryInfoUSKeyA

PathIsContentTypeA

UrlCombineA

PathFindExtensionA

SHRegGetPathA

UrlCombineW

IntlStrEqWorkerA

StrChrW

SHRegEnumUSValueW

PathFindOnPathA

PathUnquoteSpacesA

PathIsSystemFolderW

AssocQueryStringA

PathRemoveExtensionW

PathIsRelativeA

StrChrNW

SHRegSetUSValueW

SHRegCreateUSKeyW

SHIsLowMemoryMachine

StrCatW

StrRStrIA

ExitWindowsEx

CharUpperA

GetClipboardViewer

DrawCaptionTempA

AlignRects

EnumPropsExA

GetWindowModuleFileName

DefMDIChildProcA

IMPSetIMEW

EnumDisplaySettingsA

DlgDirListComboBoxW

RegisterWindowMessageW

SendMessageTimeoutA

BeginPaint

GetWindowRgnBox

SetDoubleClickTime

IsDlgButtonChecked

IMPQueryIMEA

UnregisterMessagePumpHook

UnhookWindowsHook

PrivateExtractIconsA

HideCaret

RegisterClassW

RegisterShellHookWindow

GetRawInputData

IsDialogMessageA

DdeInitializeA

GrayStringA

UserHandleGrantAccess

MonitorFromRect

OpenWindowStationA

GetDlgItemInt

IsDialogMessageW

SetClipboardViewer

AdjustWindowRect

GetFocus

DestroyMenu

InvertRect

CharLowerA

PackDDElParam

ScrollWindow

DdeQueryStringA

RealGetWindowClassA

LoadCursorFromFileA

GetWindowLongW

DdeCreateStringHandleW

WindowFromDC

DdeInitializeW

MessageBoxTimeoutW

UnlockWindowStation

MonitorFromPoint

ValidateRgn

SetMenuDefaultItem

EnumWindowStationsW

GrayStringW

OpenDesktopW

GetUpdateRect

OpenDesktopA

OemToCharA

keybd_event

BroadcastSystemMessageExW

UnionRect

GetRawInputDeviceList

TabbedTextOutA

SetClassLongA

SetWindowsHookA

GetWindowContextHelpId

WinHelpA

GetLastInputInfo

FillRect

CreateDialogParamA

PrivateExtractIconExW

CalcMenuBar

DdeAbandonTransaction

CheckMenuItem

GetClipCursor

DdeKeepStringHandle

QuerySendMessage

GetMonitorInfoW

EnumDisplaySettingsExW

SetLayeredWindowAttributes

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_CNT_UNINITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ