IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_32BIT_MACHINE

CryptSetHashParam

CryptGetHashParam

CryptExportKey

CryptAcquireContextW

CryptSetKeyParam

CryptGetKeyParam

CryptReleaseContext

CryptDuplicateKey

CryptAcquireContextA

CryptGetProvParam

CryptImportKey

SystemFunction007

CryptEncrypt

CryptCreateHash

CryptGenKey

CryptDestroyKey

CryptDecrypt

CryptDestroyHash

CryptHashData

CopySid

GetLengthSid

LsaQueryInformationPolicy

LsaOpenPolicy

LsaClose

CreateWellKnownSid

CreateProcessWithLogonW

CreateProcessAsUserW

RegQueryValueExW

RegQueryInfoKeyW

RegEnumValueW

RegOpenKeyExW

RegEnumKeyExW

RegCloseKey

RegSetValueExW

SystemFunction033

SystemFunction032

ConvertSidToStringSidW

CreateServiceW

CloseServiceHandle

DeleteService

OpenSCManagerW

SetServiceObjectSecurity

OpenServiceW

BuildSecurityDescriptorW

QueryServiceObjectSecurity

StartServiceW

AllocateAndInitializeSid

QueryServiceStatusEx

FreeSid

ControlService

IsTextUnicode

OpenProcessToken

GetTokenInformation

LookupAccountNameW

LookupAccountSidW

DuplicateTokenEx

CheckTokenMembership

CryptSetProvParam

CryptEnumProvidersW

ConvertStringSidToSidW

LsaFreeMemory

GetSidSubAuthority

GetSidSubAuthorityCount

IsValidSid

SetThreadToken

CryptEnumProviderTypesW

SystemFunction006

CryptGetUserKey

OpenEventLogW

GetNumberOfEventLogRecords

ClearEventLogW

SystemFunction001

CryptDeriveKey

SystemFunction005

LsaQueryTrustedDomainInfoByName

CryptSignHashW

LsaSetSecret

SystemFunction023

LsaOpenSecret

LsaQuerySecret

LsaRetrievePrivateData

LsaEnumerateTrustedDomainsEx

LookupPrivilegeValueW

StartServiceCtrlDispatcherW

SetServiceStatus

RegisterServiceCtrlHandlerW

LookupPrivilegeNameW

OpenThreadToken

EqualSid

CredFree

CredEnumerateW

SystemFunction026

ConvertStringSecurityDescriptorToSecurityDescriptorW

SystemFunction027

SystemFunction041

CredIsMarshaledCredentialW

CredUnmarshalCredentialW

A_SHAFinal

A_SHAInit

A_SHAUpdate

ord11

ord14

ord10

ord13

CryptSignAndEncodeCertificate

CertEnumSystemStore

CertEnumCertificatesInStore

CertAddCertificateContextToStore

CryptDecodeObjectEx

CryptStringToBinaryA

CertAddEncodedCertificateToStore

CertOpenStore

CertFreeCertificateContext

CertCloseStore

CryptStringToBinaryW

CertSetCertificateContextProperty

PFXExportCertStoreEx

CryptUnprotectData

CryptBinaryToStringW

CryptBinaryToStringA

CryptExportPublicKeyInfo

CryptFindOIDInfo

CryptAcquireCertificatePrivateKey

CertNameToStrW

CertFindCertificateInStore

CertGetCertificateContextProperty

CertGetNameStringW

CryptEncodeObject

CryptProtectData

CryptQueryObject

MD5Update

MD5Final

CDLocateCSystem

MD5Init

CDLocateCheckSum

CDGenerateRandomBits

DnsFree

DnsQuery_A

FilterFindFirst

FilterFindNext

WNetCancelConnection2W

WNetAddConnection2W

NetStatisticsGet

DsGetDcNameW

NetApiBufferFree

NetRemoteTOD

NetSessionEnum

NetServerGetInfo

DsEnumerateDomainTrustsW

NetShareEnum

NetWkstaUserEnum

I_NetServerAuthenticate2

I_NetServerTrustPasswordsGet

I_NetServerReqChallenge

ord75

ord9

ord43

ord24

ord31

ord111

ord141

ord13

CoTaskMemFree

CoSetProxyBlanket

CoInitializeEx

CoUninitialize

CoCreateInstance

SysAllocString

VariantInit

SysFreeString

VariantClear

RpcBindingFree

RpcBindingFromStringBindingW

RpcStringBindingComposeW

MesEncodeIncrementalHandleCreate

RpcBindingSetAuthInfoExW

RpcBindingInqAuthClientW

RpcBindingSetOption

RpcImpersonateClient

RpcStringFreeW

RpcRevertToSelf

MesDecodeIncrementalHandleCreate

MesHandleFree

MesIncrementalHandleReset

NdrMesTypeDecode2

NdrMesTypeAlignSize2

NdrMesTypeFree2

NdrMesTypeEncode2

RpcServerUnregisterIfEx

I_RpcBindingInqSecurityContext

RpcServerInqBindings

RpcServerListen

RpcMgmtWaitServerListen

RpcEpRegisterW

RpcMgmtStopServerListening

RpcBindingToStringBindingW

RpcServerRegisterIf2

RpcServerRegisterAuthInfoW

RpcBindingVectorFree

UuidToStringW

RpcServerUseProtseqEpW

RpcEpUnregister

NdrServerCall2

NdrClientCall2

UuidCreate

RpcEpResolveBinding

RpcBindingSetObject

RpcBindingSetAuthInfoW

RpcMgmtEpEltInqDone

RpcMgmtEpEltInqNextW

RpcMgmtEpEltInqBegin

I_RpcGetCurrentCallHandle

UrlUnescapeW

PathIsDirectoryW

PathFindFileNameW

PathIsRelativeW

PathCombineW

PathCanonicalizeW

SamEnumerateAliasesInDomain

SamQueryInformationUser

SamCloseHandle

SamEnumerateDomainsInSamServer

SamFreeMemory

SamEnumerateUsersInDomain

SamOpenUser

SamLookupDomainInSamServer

SamLookupNamesInDomain

SamLookupIdsInDomain

SamOpenDomain

SamConnect

SamSetInformationUser

SamiChangePasswordUser

SamEnumerateGroupsInDomain

SamGetGroupsForUser

SamGetMembersInGroup

SamGetMembersInAlias

SamRidToSid

SamGetAliasMembership

SamOpenGroup

SamOpenAlias

FreeContextBuffer

LsaLookupAuthenticationPackage

LsaFreeReturnBuffer

LsaDeregisterLogonProcess

QueryContextAttributesW

InitializeSecurityContextW

AcquireCredentialsHandleW

EnumerateSecurityPackagesW

FreeCredentialsHandle

DeleteSecurityContext

LsaCallAuthenticationPackage

LsaConnectUntrusted

CommandLineToArgvW

SetClipboardViewer

DefWindowProcW

GetClipboardSequenceNumber

OpenClipboard

CreateWindowExW

ChangeClipboardChain

RegisterClassExW

TranslateMessage

EnumClipboardFormats

PostMessageW

DispatchMessageW

GetKeyboardLayout

IsCharAlphaNumericW

SendMessageW

UnregisterClassW

GetMessageW

DestroyWindow

CloseClipboard

GetClipboardData

DestroyEnvironmentBlock

CreateEnvironmentBlock

VerQueryValueW

GetFileVersionInfoSizeW

GetFileVersionInfoW

HidD_GetFeature

HidD_GetPreparsedData

HidD_GetHidGuid

HidP_GetCaps

HidD_SetFeature

HidD_FreePreparsedData

HidD_GetAttributes

SetupDiGetDeviceInterfaceDetailW

SetupDiEnumDeviceInterfaces

SetupDiGetClassDevsW

SetupDiDestroyDeviceInfoList

SCardControl

SCardTransmit

SCardDisconnect

SCardGetAttrib

SCardEstablishContext

SCardFreeMemory

SCardListReadersW

SCardReleaseContext

SCardGetCardTypeProviderNameW

SCardListCardsW

SCardConnectW

WinStationCloseServer

WinStationOpenServerW

WinStationFreeMemory

WinStationConnectW

WinStationQueryInformationW

WinStationEnumerateW

ord145

ord36

ord208

ord41

ord73

ord310

ord13

ord77

ord142

ord54

ord309

ord79

ord304

ord301

ord127

ord26

ord167

ord147

ord27

ord88

ord157

ord14

ord122

ord140

ord203

ord69

ord139

ord97

ord223

ord12

ord113

ord224

ord96

ord133

ASN1_CreateEncoder

ASN1BERDotVal2Eoid

ASN1_CloseEncoder

ASN1_CreateDecoder

ASN1_FreeEncoded

ASN1_CloseModule

ASN1_CloseDecoder

ASN1_CreateModule

RtlIpv6AddressToStringW

RtlUnicodeStringToAnsiString

RtlFreeAnsiString

RtlDowncaseUnicodeString

RtlFreeUnicodeString

RtlInitUnicodeString

RtlEqualUnicodeString

NtQueryObject

RtlCompressBuffer

RtlGetCompressionWorkSpaceSize

NtQuerySystemInformation

RtlGetCurrentPeb

NtQueryInformationProcess

RtlCreateUserThread

RtlGUIDFromString

RtlStringFromGUID

NtCompareTokens

RtlGetNtVersionNumbers

RtlEqualString

RtlUpcaseUnicodeString

RtlAppendUnicodeStringToString

RtlAnsiStringToUnicodeString

RtlFreeOemString

RtlUpcaseUnicodeStringToOemString

NtQueryDirectoryObject

NtResumeProcess

NtOpenDirectoryObject

RtlAdjustPrivilege

NtSuspendProcess

NtTerminateProcess

NtQuerySystemEnvironmentValueEx

NtSetSystemEnvironmentValueEx

NtEnumerateSystemEnvironmentValuesEx

RtlIpv4AddressToStringW

SystemTimeToFileTime

lstrlenA

GetDateFormatW

GetSystemTimeAsFileTime

ClearCommError

CreateRemoteThread

WaitForSingleObject

CreateProcessW

SetConsoleOutputCP

GetConsoleOutputCP

CreateFileMappingW

UnmapViewOfFile

MapViewOfFile

WriteProcessMemory

VirtualProtect

InterlockedExchange

SetFilePointerEx

GetProcessId

GetComputerNameW

ProcessIdToSessionId

VirtualAllocEx

VirtualProtectEx

VirtualAlloc

SetLastError

ReadProcessMemory

VirtualFreeEx

VirtualQueryEx

VirtualFree

VirtualQuery

GetComputerNameExW

DeviceIoControl

DuplicateHandle

OpenProcess

GetCurrentProcess

ExpandEnvironmentStringsW

FindNextFileW

FindClose

GetCurrentDirectoryW

GetFileSizeEx

FlushFileBuffers

GetFileAttributesW

FindFirstFileW

lstrlenW

GetProcAddress

LoadLibraryW

GetModuleHandleW

FreeLibrary

DeleteFileA

GetTempPathA

GetFileInformationByHandle

FileTimeToLocalFileTime

GetCurrentDirectoryA

GetTempFileNameA

SetFilePointer

CreateFileA

FileTimeToDosDateTime

CreateThread

LocalFree

CloseHandle

LocalAlloc

GetLastError

CreateFileW

ReadFile

Sleep

TerminateThread

WriteFile

FileTimeToSystemTime

GetTimeFormatW

GetFullPathNameW

GetFullPathNameA

HeapReAlloc

GetFileSize

CreateMutexW

HeapCompact

SetEndOfFile

HeapAlloc

QueryPerformanceCounter

HeapFree

InterlockedCompareExchange

UnlockFile

FlushViewOfFile

LockFile

WaitForSingleObjectEx

OutputDebugStringW

GetTickCount

UnlockFileEx

GetProcessHeap

FormatMessageA

FormatMessageW

GetVersionExW

WideCharToMultiByte

HeapDestroy

GetFileAttributesA

HeapCreate

HeapValidate

MultiByteToWideChar

GetTempPathW

HeapSize

LockFileEx

GetDiskFreeSpaceW

LoadLibraryA

CreateFileMappingA

GetDiskFreeSpaceA

GetSystemInfo

GetFileAttributesExW

OutputDebugStringA

GetVersionExA

DeleteFileW

GetCurrentProcessId

GetSystemTime

AreFileApisANSI

ExitProcess

ExitThread

RaiseException

SetConsoleCtrlHandler

SetConsoleTitleW

SetFileAttributesW

GlobalSize

SetHandleInformation

CreatePipe

InitializeCriticalSection

LeaveCriticalSection

EnterCriticalSection

DeleteCriticalSection

SetEvent

CreateEventW

GetSystemDirectoryW

SetConsoleCursorPosition

GetTimeZoneInformation

GetStdHandle

FillConsoleOutputCharacterW

GetConsoleScreenBufferInfo

IsWow64Process

SetCurrentDirectoryW

GetCurrentThread

RtlUnwind

TerminateProcess

UnhandledExceptionFilter

SetUnhandledExceptionFilter

GetVersion

GetModuleHandleA

GetCurrentThreadId

PurgeComm

calloc

__set_app_type

_lseeki64

wctomb

__setusermatherr

isspace

mbtowc

__mb_cur_max

_itoa

isleadbyte

isxdigit

localeconv

_snprintf

__p__fmode

ferror

iswctype

wcstombs

?terminate@@YAXXZ

_write

_isatty

ungetc

_controlfp

__badioinfo

__pioinfo

__p__commode

_read

isdigit

strrchr

_amsg_exit

_initterm

exit

_XcptFilter

_exit

_cexit

_errno

free

_wcsdup

_vsnprintf

_except_handler3

_wcsicmp

vfwprintf

_vscwprintf

fflush

_wfopen

wprintf

_fileno

_iob

vwprintf

_setmode

fclose

_stricmp

wcsrchr

wcschr

wcsstr

strtoul

_wcsnicmp

_vscprintf

memmove

strncmp

malloc

_msize

strcspn

realloc

fgetws

wcstoul

strchr

wcstol

wcsncmp

_wcstoui64

towupper

_wpgmptr

strstr

_strcmpi

strtol

getchar

memset

memcpy

__wgetmainargs

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ