IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

IMAGE_FILE_RELOCS_STRIPPED

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_32BIT_MACHINE

CredMarshalTargetInfo

CredUnmarshalTargetInfo

LsaGetLogonSessionData

FreeContextBuffer

LsaFreeReturnBuffer

sprintf

wcscpy

_ultoa

wcsrchr

swprintf

qsort

malloc

_vsnprintf

_strnicmp

sscanf

wcslen

_stricmp

_initterm

wcsspn

wcscmp

_strcmpi

wcstoul

_wcsicmp

_wcsnicmp

_adjust_fdiv

free

strchr

wcscat

_except_handler3

strrchr

RtlUnicodeStringToAnsiString

RtlSubAuthoritySid

RtlLeaveCriticalSection

RtlDeleteTimerQueue

RtlGetElementGenericTable

RtlDeleteResource

RtlDeregisterWait

RtlFreeSid

NtDuplicateObject

RtlIntegerToUnicodeString

RtlDeleteElementGenericTable

RtlEqualSid

RtlInitAnsiString

RtlInsertElementGenericTableAvl

RtlCompareMemory

RtlUpcaseUnicodeString

VerSetConditionMask

RtlSetDaclSecurityDescriptor

RtlCreateSecurityDescriptor

RtlCreateAcl

RtlDeleteCriticalSection

RtlLengthRequiredSid

NtAllocateLocallyUniqueId

RtlInitializeGenericTable

RtlNtStatusToDosError

RtlAnsiStringToUnicodeString

RtlVerifyVersionInfo

RtlFreeAnsiString

RtlTimeToTimeFields

RtlEqualDomainName

RtlCompareUnicodeString

RtlInsertElementGenericTable

NtOpenProcessToken

RtlAppendUnicodeStringToString

RtlCreateTimerQueue

RtlInitializeSid

RtlRunDecodeUnicodeString

RtlInitializeGenericTableAvl

NtQuerySystemTime

RtlLookupElementGenericTableAvl

RtlAcquireResourceShared

RtlConvertSidToUnicodeString

RtlOemStringToUnicodeString

RtlRegisterWait

RtlInitUnicodeString

RtlPrefixUnicodeString

RtlLookupElementGenericTable

NtOpenThreadToken

NtSetSecurityObject

DbgPrint

RtlReleaseResource

NtCreateEvent

RtlValidSid

NtAllocateVirtualMemory

RtlEraseUnicodeString

RtlEqualUnicodeString

RtlFreeUnicodeString

RtlInitializeCriticalSection

RtlSystemTimeToLocalTime

RtlCopySid

RtlUniform

RtlLengthSid

RtlCreateTimer

RtlAddAccessAllowedAce

RtlEnterCriticalSection

NtQueryInformationToken

NtWaitForSingleObject

RtlCopyLuid

RtlInitializeResource

RtlAcquireResourceExclusive

NtQuerySystemInformation

RtlAllocateAndInitializeSid

RtlCopyUnicodeString

RtlSubAuthorityCountSid

NtOpenEvent

RtlConvertSharedToExclusive

RtlTimeFieldsToTime

RtlDowncaseUnicodeString

CDBuildIntegrityVect

MD5Final

MD5Init

CDFindCommonCSystemWithKey

CDGenerateRandomBits

CDLocateCheckSum

CDLocateCSystem

MD5Update

ASN1BERDecEndOfContents

ASN1_CreateDecoder

ASN1BERDecSXVal

ASN1BERDecS32Val

ASN1_CreateEncoder

ASN1BERDecSkip

ASN1BERDecCharString

ASN1intx2int32

ASN1_Encode

ASN1BERDecNotEndOfContents

ASN1intxisuint32

ASN1BERDecExplicitTag

ASN1intx_free

ASN1BERDecOctetString

ASN1BEREncOctetString

ASN1_FreeDecoded

ASN1DecAlloc

ASN1_FreeEncoded

ASN1_CloseDecoder

ASN1BEREncBool

ASN1BEREncOpenType

ASN1BERDecBitString

ASN1BEREncObjectIdentifier

ASN1BEREncEndOfContents

ASN1BEREncExplicitTag

ASN1BERDecObjectIdentifier

ASN1_CreateModule

ASN1EncSetError

ASN1charstring_free

ASN1intx2uint32

ASN1BERDecBool

ASN1BERDecU32Val

ASN1DecSetError

ASN1octetstring_free

ASN1BERDecPeekTag

ASN1Free

ASN1BEREncS32

ASN1ztcharstring_free

ASN1BEREncBitString

ASN1BERDecGeneralizedTime

ASN1BERDecOpenType2

ASN1BEREncSX

ASN1BEREncCharString

ASN1CEREncGeneralizedTime

ASN1_Decode

ASN1_CloseEncoder

ASN1objectidentifier_free

ASN1BEREncU32

ASN1bitstring_free

ASN1BERDecZeroCharString

ASN1intx_setuint32

GetACP

lstrlenA

OpenFileMappingW

GetComputerNameW

MapViewOfFileEx

EnterCriticalSection

GetModuleFileNameW

LoadLibraryA

lstrlenW

GetCurrentProcessId

lstrcmpW

CreateFileMappingW

CreateFileW

GetCurrentThreadId

InterlockedDecrement

GetProcAddress

GetEnvironmentVariableW

RegisterWaitForSingleObjectEx

lstrcmpiA

GetProfileStringA

GetLastError

OutputDebugStringA

FreeLibrary

MultiByteToWideChar

UnhandledExceptionFilter

GetCurrentProcess

LeaveCriticalSection

GetTickCount

CreateFileA

GetCurrentThread

CloseHandle

VirtualAlloc

InterlockedExchangeAdd

LocalAlloc

SetEvent

WriteFile

OpenEventW

InterlockedExchange

SetUnhandledExceptionFilter

LoadLibraryW

WideCharToMultiByte

TerminateProcess

Sleep

LocalFree

RaiseException

lstrcpyW

FileTimeToSystemTime

UnregisterWait

GetModuleFileNameA

DebugBreak

DeleteCriticalSection

GetSystemTimeAsFileTime

GetModuleHandleW

GetSystemInfo

DisableThreadLibraryCalls

GetComputerNameExW

QueryPerformanceCounter

GetLocalTime

InterlockedIncrement

InitializeCriticalSection

UnmapViewOfFile

FormatMessageW

CreateEventW

ExpandEnvironmentStringsW

InterlockedCompareExchange

QueryServiceStatus

CredFree

AllocateAndInitializeSid

CloseServiceHandle

OpenProcessToken

RegDeleteValueW

CryptCreateHash

RegCloseKey

RegCreateKeyExW

RegSetValueExW

RegisterTraceGuidsW

CryptGetHashParam

DeregisterEventSource

SystemFunction006

RegQueryValueExW

TraceEvent

RegNotifyChangeKeyValue

CryptAcquireContextW

RegEnumKeyExW

GetTraceLoggerHandle

RegConnectRegistryW

SystemFunction007

QueryServiceConfigW

RegisterEventSourceW

CryptGetProvParam

CredUnmarshalCredentialW

OpenSCManagerW

RegOpenKeyW

CryptHashData

LookupAccountSidW

RegQueryInfoKeyW

CryptReleaseContext

RegOpenKeyExW

OpenThreadToken

GetTokenInformation

OpenServiceW

ReportEventW

CryptDestroyHash

RevertToSelf

FreeSid

CryptSetProvParam

SetThreadToken

wsprintfW

CharLowerBuffW

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_CNT_UNINITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE