IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LINE_NUMS_STRIPPED

IMAGE_FILE_LOCAL_SYMS_STRIPPED

IMAGE_FILE_32BIT_MACHINE

GetCurrentHwProfileA

ObjectCloseAuditAlarmA

GetExplicitEntriesFromAclW

RevertToSelf

ControlService

ObjectPrivilegeAuditAlarmW

LookupPrivilegeValueW

GetCurrentHwProfileW

ConvertStringSecurityDescriptorToSecurityDescriptorA

RegQueryValueA

SystemFunction009

SystemFunction007

RegQueryInfoKeyW

CryptSetProviderExA

CreateServiceA

RegEnumKeyW

GetEffectiveRightsFromAclW

CreatePrivateObjectSecurity

ElfBackupEventLogFileW

SetNamedSecurityInfoExW

MakeSelfRelativeSD

QueryServiceConfigA

ElfCloseEventLog

CryptDestroyHash

RegDeleteValueA

CryptGetProvParam

RegCreateKeyExA

TrusteeAccessToObjectA

LsaLookupNames

AddAccessAllowedAceEx

StartServiceCtrlDispatcherW

ReadEventLogW

GetAccessPermissionsForObjectW

DecryptFileW

CloseEventLog

AddAccessAllowedAce

LsaAddAccountRights

LsaEnumeratePrivileges

GetTokenInformation

RegReplaceKeyW

CryptSignHashA

CryptExportKey

GetSidIdentifierAuthority

OpenThreadToken

LsaOpenSecret

QueryRecoveryAgentsOnEncryptedFile

GetTrusteeTypeW

QueryServiceConfig2A

LsaAddPrivilegesToAccount

LsaGetRemoteUserName

DuplicateTokenEx

LookupSecurityDescriptorPartsW

SystemFunction002

SetEntriesInAccessListA

RegConnectRegistryA

SystemFunction019

AddAuditAccessObjectAce

GetMultipleTrusteeOperationW

GetAuditedPermissionsFromAclA

LsaSetInformationTrustedDomain

ReportEventA

InitiateSystemShutdownW

CryptGetHashParam

AccessCheckByTypeAndAuditAlarmW

LsaQueryInfoTrustedDomain

SetSecurityDescriptorSacl

LsaQueryDomainInformationPolicy

BuildImpersonateTrusteeA

BuildImpersonateExplicitAccessWithNameW

SystemFunction030

LsaSetTrustedDomainInfoByName

CryptCreateHash

MapGenericMask

ElfNumberOfRecords

GetFileSecurityW

ChangeServiceConfig2W

AddAccessDeniedAceEx

ElfChangeNotify

RegCreateKeyW

CheckTokenMembership

CryptVerifySignatureA

ConvertAccessToSecurityDescriptorW

QueryServiceStatus

ReadEventLogA

RegisterEventSourceW

ConvertSidToStringSidA

GetSecurityDescriptorControl

FileEncryptionStatusW

LsaRemovePrivilegesFromAccount

LsaDeleteTrustedDomain

CryptGetKeyParam

SetEntriesInAclW

ConvertSecurityDescriptorToAccessA

SystemFunction020

ImageList_GetIconSize

ImageList_Create

ord8

ImageList_GetImageInfo

ord4

InitCommonControlsEx

ImageList_SetImageCount

ord16

InitializeFlatSB

FlatSB_SetScrollRange

PropertySheetA

ImageList_GetImageCount

ImageList_SetIconSize

ImageList_SetOverlayImage

ImageList_LoadImageW

ord17

FlatSB_SetScrollProp

ImageList_Write

PropertySheetW

FlatSB_GetScrollRange

ord7

UninitializeFlatSB

DestroyPropertySheetPage

DrawStatusTextW

ImageList_LoadImageA

ImageList_SetFilter

FlatSB_EnableScrollBar

ImageList_Copy

FlatSB_ShowScrollBar

ord3

ImageList_Remove

ImageList_Add

ImageList_Draw

ord6

FlatSB_GetScrollPos

CreateToolbarEx

ImageList_ReplaceIcon

ImageList_AddIcon

ImageList_DragMove

ImageList_GetDragImage

ImageList_DragEnter

ImageList_BeginDrag

FlatSB_SetScrollPos

CreatePropertySheetPageW

ImageList_SetBkColor

ImageList_Duplicate

ImageList_Destroy

FlatSB_SetScrollInfo

ImageList_Merge

ImageList_Replace

ImageList_DrawEx

ImageList_GetIcon

FlatSB_GetScrollProp

_TrackMouseEvent

CreatePropertySheetPageA

ord13

ImageList_DrawIndirect

ord5

ord2

ImageList_GetImageRect

ImageList_Read

ord14

FlatSB_GetScrollInfo

ImageList_AddMasked

ImageList_EndDrag

ImageList_GetBkColor

ImageList_DragLeave

CreateStatusWindowW

ord15

ImageList_DragShowNolock

ImageList_SetDragCursorImage

VirtualAlloc

GetModuleHandleA

CreateMailslotA

CancelIo

GetCommProperties

GetNumberFormatW

GetNextVDMCommand

GetVersion

Heap32ListNext

TerminateThread

GetConsoleKeyboardLayoutNameW

ReadConsoleW

ClearCommBreak

LoadResource

SetThreadAffinityMask

CreateJobObjectW

CreateToolhelp32Snapshot

GetProcAddress

SetConsoleCursorPosition

OpenConsoleW

FindVolumeMountPointClose

OpenMutexA

LoadLibraryA

EnterCriticalSection

EnumDateFormatsA

ReadFileScatter

GetAtomNameA

RtlUnwind

RegisterWowExec

GetLargestConsoleWindowSize

GetProfileIntA

GetHandleInformation

EnumTimeFormatsA

GlobalFree

GetProcessHeaps

IsValidLocale

SetFilePointerEx

GetConsoleCursorInfo

MoveFileWithProgressA

Heap32ListFirst

GetVolumePathNameW

Process32Next

LockResource

SystemTimeToFileTime

OutputDebugStringA

SuspendThread

LocalFileTimeToFileTime

GetProcessTimes

IsBadCodePtr

GetStartupInfoW

SetFileApisToOEM

lstrcatW

CompareFileTime

GetSystemTime

WriteProcessMemory

MultiByteToWideChar

Sleep

EnumResourceLanguagesA

CreateDirectoryExA

GetFileAttributesExA

CreateFileA

GetShortPathNameW

SearchPathA

SetVolumeMountPointA

CreateMutexA

lstrcpyA

EnumResourceTypesA

UTUnRegister

CreateHardLinkW

CmdBatNotification

InterlockedExchangeAdd

GetVersionExW

DosDateTimeToFileTime

_lclose

AddAtomW

ReadConsoleOutputAttribute

TransactNamedPipe

GetCurrentThread

ExtractAssociatedIconExW

RegenerateUserEnvironment

SHInvokePrinterCommandA

StrRChrIA

ExtractIconW

StrChrIW

ord179

InternalExtractIconListW

SHGetSpecialFolderLocation

StrCmpNW

ShellAboutA

StrChrIA

ord180

SHLoadInProc

SheGetDirA

SHGetDesktopFolder

SHGetInstanceExplorer

DoEnvironmentSubstA

SHGetDataFromIDListA

ShellExecuteExA

StrRChrA

StrRStrIW

RealShellExecuteExA

StrCmpNA

RealShellExecuteExW

DuplicateIcon

SHGetSettings

SheChangeDirExW

SHFileOperationA

StrNCmpW

DragQueryFileAorW

SHGetSpecialFolderPathA

StrStrIW

ExtractAssociatedIconW

CheckEscapesW

SHFileOperationW

SHEmptyRecycleBinW

FindExecutableA

SHChangeNotify

Shell_NotifyIconA

StrNCmpIW

SHQueryRecycleBinW

SHFormatDrive

StrChrA

StrStrW

SHGetSpecialFolderPathW

ExtractAssociatedIconA

DragQueryFileW

ShellAboutW

DeletePrinterDriverA

DeletePrinter

SetPrinterDataExW

AddJobW

EnumJobsA

ord205

DeletePrinterDriverW

ConvertUnicodeDevModeToAnsiDevmode

ADVANCEDSETUPDIALOG

EnumPrintProcessorDatatypesW

AddPortW

EnumPrinterKeyW

DeleteFormW

ord210

DeletePrintProvidorA

AddPrinterDriverExA

DocumentPropertiesW

DeletePrinterConnectionA

DeletePrintProvidorW

FindClosePrinterChangeNotification

GetPrinterDataA

EnumPrintProcessorDatatypesA

DeletePortA

DeletePrintProcessorA

AddMonitorW

PlayGdiScriptOnPrinterIC

EnumPrinterDataExW

SetFormW

AddPrinterConnectionW

AddJobA

QueryRemoteFonts

GetJobW

DevicePropertySheets

DocumentEvent

DeletePrinterConnectionW

EnumPrinterDataExA

ldexp

_mbsdec

_mbsupr

_mbsnset

_mbsinc

_mbsnccnt

_mbsicoll

wprintf

_strerror

__RTtypeid

__p__iob

ungetc

_wfindnext

scanf

is_wctype

fwprintf

isdigit

__wgetmainargs

strcmp

_mbccpy

_mbsnbcat

_getch

strstr

_mbsncpy

exp

_ismbcpunct

_spawnlp

vswprintf

getc

_fgetwchar

_ecvt

_fileno

_getpid

__p___argv

_spawnle

_wgetdcwd

_adj_fdiv_m16i

fprintf

srand

fputc

_Gettnames

getwc

_logb

asin

fwrite

fputs

fread

_cputs

printf

_CItan

_ismbbkana

_sys_nerr

_fputwchar

_mbsnicoll

_spawnl

_spawnve

_CxxThrowException

strcat

_spawnv

_mbslwr

_mbctombb

fopen

_fpieee_flt

_HUGE

_unlink

_CIlog10

_acmdln

_ltoa

fgetc

fmod

ftell

__p___initenv

__CxxLongjmpUnwind

_getdllprocaddr

_adj_fdiv_m32i

_get_osfhandle

ferror

_safe_fprem

_toupper

_ismbblead

_mbsnbcoll

_ismbcsymbol

_mbscspn

strncat

_wexecle

cosh

_isctype

strtol

memset

iswpunct

fsetpos

wcsftime

_controlfp

vsprintf

__p__acmdln

fclose

_wcslwr

_fstat

_wexecve

_atoi64

tolower

wcspbrk

_CIsin

feof

sprintf

_adj_fdivr_m16i

fseek

_callnewh

_strdup

_putch

_j0

_wpopen

_mbscat

__p__osver

__threadhandle

ispunct

wcsstr

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ