IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

CryptSetHashParam

CryptGetHashParam

CryptExportKey

CryptAcquireContextW

CryptSetKeyParam

CryptGetKeyParam

CryptReleaseContext

CryptDuplicateKey

CryptAcquireContextA

CryptGetProvParam

CryptImportKey

SystemFunction007

CryptEncrypt

CryptCreateHash

CryptGenKey

CryptDestroyKey

CryptDecrypt

CryptDestroyHash

CryptHashData

CopySid

GetLengthSid

LsaQueryInformationPolicy

LsaOpenPolicy

LsaClose

CreateWellKnownSid

CreateProcessWithLogonW

CreateProcessAsUserW

RegQueryValueExW

RegQueryInfoKeyW

RegEnumValueW

RegOpenKeyExW

RegEnumKeyExW

RegCloseKey

RegSetValueExW

SystemFunction032

ConvertSidToStringSidW

CreateServiceW

CloseServiceHandle

DeleteService

OpenSCManagerW

SetServiceObjectSecurity

OpenServiceW

BuildSecurityDescriptorW

QueryServiceObjectSecurity

StartServiceW

AllocateAndInitializeSid

QueryServiceStatusEx

FreeSid

ControlService

IsTextUnicode

OpenProcessToken

GetTokenInformation

LookupAccountNameW

LookupAccountSidW

DuplicateTokenEx

CheckTokenMembership

ConvertStringSidToSidW

LsaFreeMemory

CryptSetProvParam

CryptEnumProvidersW

CryptEnumProviderTypesW

SystemFunction006

CryptGetUserKey

OpenEventLogW

GetNumberOfEventLogRecords

ClearEventLogW

SystemFunction001

SystemFunction005

LsaQueryTrustedDomainInfoByName

SystemFunction025

LsaOpenSecret

LsaQuerySecret

SystemFunction013

LsaRetrievePrivateData

LsaEnumerateTrustedDomainsEx

LookupPrivilegeValueW

StartServiceCtrlDispatcherW

SetServiceStatus

RegisterServiceCtrlHandlerW

IsValidSid

LookupPrivilegeNameW

OpenThreadToken

SetThreadToken

CredFree

CredEnumerateW

GetSidSubAuthority

GetSidSubAuthorityCount

A_SHAFinal

A_SHAUpdate

A_SHAInit

CertAddEncodedCertificateToStore

CertOpenStore

CertFreeCertificateContext

CertCloseStore

CertSetCertificateContextProperty

PFXExportCertStoreEx

CryptUnprotectData

CryptBinaryToStringW

CryptStringToBinaryW

CryptProtectData

CryptExportPublicKeyInfo

CryptAcquireCertificatePrivateKey

CertNameToStrW

CertGetNameStringW

CertAddCertificateContextToStore

CertFindCertificateInStore

CertGetCertificateContextProperty

CertEnumCertificatesInStore

CryptSignAndEncodeCertificate

CertEnumSystemStore

CryptEncodeObject

MD5Final

MD5Update

MD5Init

CDLocateCSystem

CDGenerateRandomBits

CDLocateCheckSum

NetStatisticsGet

DsGetDcNameW

NetApiBufferFree

NetRemoteTOD

NetSessionEnum

NetServerGetInfo

NetShareEnum

NetWkstaUserEnum

I_NetServerTrustPasswordsGet

I_NetServerAuthenticate2

I_NetServerReqChallenge

CoCreateInstance

CoUninitialize

CoInitializeEx

SysAllocString

VariantInit

SysFreeString

RpcServerUseProtseqEpW

RpcBindingFromStringBindingW

RpcStringBindingComposeW

MesEncodeIncrementalHandleCreate

RpcBindingSetAuthInfoExW

RpcBindingInqAuthClientW

RpcBindingSetOption

RpcImpersonateClient

RpcBindingFree

RpcStringFreeW

RpcRevertToSelf

MesDecodeIncrementalHandleCreate

MesHandleFree

MesIncrementalHandleReset

NdrMesTypeDecode2

NdrMesTypeAlignSize2

NdrMesTypeFree2

NdrMesTypeEncode2

I_RpcBindingInqSecurityContext

NdrServerCall2

NdrClientCall2

UuidCreate

RpcEpResolveBinding

RpcServerUnregisterIfEx

RpcMgmtEpEltInqDone

RpcServerInqBindings

RpcServerListen

RpcEpRegisterW

RpcMgmtStopServerListening

RpcBindingToStringBindingW

RpcServerRegisterIf2

RpcServerRegisterAuthInfoW

RpcBindingVectorFree

RpcMgmtEpEltInqNextW

RpcEpUnregister

RpcMgmtEpEltInqBegin

PathFindFileNameW

PathCanonicalizeW

PathCombineW

PathIsDirectoryW

PathIsRelativeW

SamEnumerateAliasesInDomain

SamOpenDomain

SamConnect

SamSetInformationUser

SamiChangePasswordUser

SamEnumerateGroupsInDomain

SamGetGroupsForUser

SamGetMembersInGroup

SamRidToSid

SamGetMembersInAlias

SamGetAliasMembership

SamOpenGroup

SamQueryInformationUser

SamCloseHandle

SamEnumerateDomainsInSamServer

SamFreeMemory

SamEnumerateUsersInDomain

SamOpenUser

SamLookupDomainInSamServer

SamLookupNamesInDomain

SamOpenAlias

SamLookupIdsInDomain

FreeContextBuffer

LsaLookupAuthenticationPackage

LsaFreeReturnBuffer

LsaDeregisterLogonProcess

LsaConnectUntrusted

QueryContextAttributesW

LsaCallAuthenticationPackage

CommandLineToArgvW

IsCharAlphaNumericW

GetKeyboardLayout

CreateEnvironmentBlock

DestroyEnvironmentBlock

VerQueryValueW

GetFileVersionInfoSizeW

GetFileVersionInfoW

HidD_GetPreparsedData

HidD_GetHidGuid

HidD_GetAttributes

HidD_FreePreparsedData

HidP_GetCaps

SetupDiGetClassDevsW

SetupDiEnumDeviceInterfaces

SetupDiGetDeviceInterfaceDetailW

SetupDiDestroyDeviceInfoList

SCardGetAttrib

SCardFreeMemory

SCardConnectW

SCardListReadersW

SCardDisconnect

SCardGetCardTypeProviderNameW

SCardReleaseContext

SCardListCardsW

SCardEstablishContext

WinStationQueryInformationW

WinStationConnectW

WinStationFreeMemory

WinStationOpenServerW

WinStationEnumerateW

WinStationCloseServer

ord27

ord167

ord147

ord13

ord77

ord142

ord133

ord145

ord310

ord54

ord309

ord304

ord301

ord73

ord127

ord41

ord26

ord36

ord157

ord79

ord208

ASN1_CloseDecoder

ASN1_CloseModule

ASN1_FreeEncoded

ASN1_CreateDecoder

ASN1_CloseEncoder

ASN1BERDotVal2Eoid

ASN1_CreateEncoder

ASN1_CreateModule

towupper

wcstol

wcstoul

memmove

wcsstr

_wcsnicmp

strtoul

strrchr

wcschr

wcsrchr

_stricmp

_vscwprintf

_wcsicmp

RtlInitUnicodeString

RtlEqualUnicodeString

NtQueryObject

RtlCompressBuffer

RtlGetCompressionWorkSpaceSize

NtQuerySystemInformation

RtlGetCurrentPeb

NtQueryInformationProcess

RtlCreateUserThread

RtlGUIDFromString

RtlStringFromGUID

NtCompareTokens

RtlGetNtVersionNumbers

RtlUpcaseUnicodeString

RtlAppendUnicodeStringToString

RtlAnsiStringToUnicodeString

RtlFreeOemString

RtlUpcaseUnicodeStringToOemString

NtResumeProcess

RtlAdjustPrivilege

NtSuspendProcess

NtTerminateProcess

NtQuerySystemEnvironmentValueEx

NtSetSystemEnvironmentValueEx

NtEnumerateSystemEnvironmentValuesEx

RtlIpv4AddressToStringW

RtlIpv6AddressToStringW

RtlEqualString

RtlFreeUnicodeString

RtlDowncaseUnicodeString

RtlFreeAnsiString

RtlUnicodeStringToAnsiString

memcmp

__chkstk

HeapSize

GetTempPathW

MultiByteToWideChar

HeapValidate

HeapCreate

GetFileAttributesA

LeaveCriticalSection

HeapDestroy

GetVersionExW

FormatMessageW

GetCurrentThreadId

SetUnhandledExceptionFilter

UnhandledExceptionFilter

TerminateProcess

InitializeCriticalSection

FormatMessageA

GetSystemTimeAsFileTime

GetProcessHeap

UnlockFileEx

GetTickCount

OutputDebugStringW

WaitForSingleObjectEx

LockFile

FlushViewOfFile

UnlockFile

HeapFree

QueryPerformanceCounter

SystemTimeToFileTime

HeapAlloc

SetEndOfFile

TryEnterCriticalSection

HeapCompact

CreateMutexW

GetFileSize

CreateFileA

HeapReAlloc

GetFullPathNameA

GetFullPathNameW

FileTimeToLocalFileTime

GetTimeFormatW

WideCharToMultiByte

GetDateFormatW

lstrlenW

CreateRemoteThread

WaitForSingleObject

SetLastError

CreateProcessW

SetConsoleOutputCP

GetConsoleOutputCP

CreateFileMappingW

UnmapViewOfFile

MapViewOfFile

WriteProcessMemory

VirtualAllocEx

VirtualProtectEx

VirtualAlloc

ReadProcessMemory

VirtualFreeEx

VirtualQueryEx

VirtualFree

VirtualQuery

SetFilePointer

DeviceIoControl

DuplicateHandle

OpenProcess

GetCurrentProcess

ExpandEnvironmentStringsW

FindNextFileW

FindClose

GetCurrentDirectoryW

GetFileSizeEx

FlushFileBuffers

GetFileAttributesW

FindFirstFileW

CreateThread

LocalFree

CloseHandle

LocalAlloc

GetLastError

CreateFileW

ReadFile

TerminateThread

WriteFile

FileTimeToSystemTime

Sleep

VirtualProtect

DeleteCriticalSection

OutputDebugStringA

GetVersionExA

DeleteFileW

GetFileAttributesExW

GetCurrentProcessId

GetTempPathA

GetSystemTime

AreFileApisANSI

DeleteFileA

ExitProcess

RaiseException

SetConsoleCtrlHandler

SetConsoleTitleW

lstrlenA

FreeLibrary

LoadLibraryW

GetProcAddress

GetModuleHandleW

LockFileEx

EnterCriticalSection

CreateFileMappingA

GetDiskFreeSpaceA

GetSystemInfo

GetDiskFreeSpaceW

SetHandleInformation

CreatePipe

SetEvent

CreateEventW

SetConsoleCursorPosition

GetTimeZoneInformation

GetStdHandle

FillConsoleOutputCharacterW

GetComputerNameExW

GetConsoleScreenBufferInfo

SetCurrentDirectoryW

GetCurrentThread

ProcessIdToSessionId

GetProcessId

LoadLibraryA

RtlVirtualUnwind

RtlLookupFunctionEntry

RtlCaptureContext

gmtime

memset

memcpy

ungetc

_isatty

_write

_lseeki64

_read

__pioinfo

__badioinfo

?terminate@@YAXXZ

wcstombs

iswctype

ferror

wctomb

_itoa

_snprintf

localeconv

isxdigit

isleadbyte

__mb_cur_max

mbtowc

isspace

isdigit

calloc

__set_app_type

_fmode

_commode

__setusermatherr

_amsg_exit

_initterm

exit

_cexit

_exit

_XcptFilter

__wgetmainargs

_errno

free

_wcsdup

vfwprintf

fflush

_wfopen

wprintf

_fileno

_iob

vwprintf

_setmode

fclose

malloc

_msize

strftime

realloc

fgetws

_wpgmptr

__C_specific_handler

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ