IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

CryptReleaseContext

CryptGenKey

CryptGetProvParam

CryptGetHashParam

CryptImportKey

CryptSetKeyParam

CryptDestroyHash

CryptSetHashParam

CryptHashData

CryptCreateHash

CryptExportKey

CryptDecrypt

SystemFunction007

CryptDuplicateKey

CryptEncrypt

CryptAcquireContextW

CryptGetKeyParam

CryptAcquireContextA

CryptDestroyKey

GetLengthSid

CopySid

LsaClose

LsaOpenPolicy

LsaQueryInformationPolicy

CreateWellKnownSid

CreateProcessAsUserW

CreateProcessWithLogonW

RegQueryValueExW

RegEnumValueW

RegOpenKeyExW

RegSetValueExW

RegEnumKeyExW

RegQueryInfoKeyW

RegCloseKey

SystemFunction032

ConvertSidToStringSidW

SystemFunction033

QueryServiceObjectSecurity

QueryServiceStatusEx

BuildSecurityDescriptorW

OpenServiceW

StartServiceW

FreeSid

ControlService

SetServiceObjectSecurity

DeleteService

AllocateAndInitializeSid

OpenSCManagerW

CloseServiceHandle

CreateServiceW

IsTextUnicode

GetTokenInformation

LookupAccountNameW

LookupAccountSidW

DuplicateTokenEx

CheckTokenMembership

OpenProcessToken

CryptSetProvParam

CryptEnumProvidersW

ConvertStringSidToSidW

LsaFreeMemory

IsValidSid

GetSidSubAuthority

GetSidSubAuthorityCount

SetThreadToken

SystemFunction006

CryptEnumProviderTypesW

CryptGetUserKey

OpenEventLogW

ClearEventLogW

GetNumberOfEventLogRecords

CryptSignHashW

LsaRetrievePrivateData

LsaOpenSecret

LsaQueryTrustedDomainInfoByName

CryptDeriveKey

LsaQuerySecret

SystemFunction001

SystemFunction005

LsaSetSecret

LsaEnumerateTrustedDomainsEx

SystemFunction023

LookupPrivilegeValueW

StartServiceCtrlDispatcherW

RegisterServiceCtrlHandlerW

SetServiceStatus

OpenThreadToken

LookupPrivilegeNameW

EqualSid

CredFree

CredEnumerateW

ConvertStringSecurityDescriptorToSecurityDescriptorW

SystemFunction027

SystemFunction026

SystemFunction041

CredUnmarshalCredentialW

CredIsMarshaledCredentialW

A_SHAInit

A_SHAFinal

A_SHAUpdate

BCryptGetProperty

BCryptOpenAlgorithmProvider

BCryptFinishHash

BCryptCloseAlgorithmProvider

BCryptDestroyHash

BCryptHashData

BCryptCreateHash

BCryptDestroyKey

BCryptDeriveKeyPBKDF2

BCryptDecrypt

BCryptSetProperty

BCryptExportKey

BCryptImportKeyPair

BCryptFreeBuffer

BCryptEnumRegisteredProviders

BCryptEncrypt

BCryptKeyDerivation

BCryptGenerateSymmetricKey

ord10

ord13

ord14

ord11

CryptDecodeObjectEx

CryptProtectData

CertGetCertificateContextProperty

CertFindCertificateInStore

CryptEncodeObject

CertNameToStrW

CryptSignAndEncodeCertificate

CryptFindOIDInfo

CryptExportPublicKeyInfo

CryptAcquireCertificatePrivateKey

CryptBinaryToStringA

CryptBinaryToStringW

CryptUnprotectData

CryptStringToBinaryW

CertOpenStore

CertGetNameStringW

CryptQueryObject

CertEnumCertificatesInStore

CertAddCertificateContextToStore

CertSetCertificateContextProperty

PFXExportCertStoreEx

CertCloseStore

CertEnumSystemStore

CryptStringToBinaryA

CertAddEncodedCertificateToStore

CertFreeCertificateContext

MD5Update

MD5Final

CDLocateCSystem

MD5Init

CDGenerateRandomBits

CDLocateCheckSum

DnsQuery_A

DnsFree

FilterFindFirst

FilterFindNext

WNetCancelConnection2W

WNetAddConnection2W

NCryptOpenStorageProvider

NCryptGetProperty

NCryptFreeObject

NCryptSetProperty

NCryptOpenKey

NCryptDecrypt

NCryptExportKey

NCryptFreeBuffer

NCryptEnumKeys

NCryptFinalizeKey

NCryptSignHash

NCryptImportKey

NetSessionEnum

NetRemoteTOD

NetServerGetInfo

DsEnumerateDomainTrustsW

DsGetDcNameW

NetApiBufferFree

NetWkstaUserEnum

NetShareEnum

NetStatisticsGet

I_NetServerTrustPasswordsGet

I_NetServerAuthenticate2

I_NetServerReqChallenge

ord43

ord111

ord9

ord13

ord31

ord24

ord75

ord141

CoSetProxyBlanket

CoInitializeEx

CoUninitialize

CoCreateInstance

CoTaskMemFree

VariantInit

VariantClear

SysFreeString

SysAllocString

RpcMgmtEpEltInqNextW

I_RpcGetCurrentCallHandle

RpcEpRegisterW

RpcMgmtEpEltInqDone

RpcBindingInqAuthClientW

RpcBindingSetOption

RpcBindingFromStringBindingW

RpcStringBindingComposeW

RpcBindingSetAuthInfoExW

RpcStringFreeW

MesHandleFree

RpcImpersonateClient

RpcRevertToSelf

MesEncodeIncrementalHandleCreate

MesDecodeIncrementalHandleCreate

RpcBindingFree

MesIncrementalHandleReset

NdrMesTypeEncode2

NdrMesTypeDecode2

NdrMesTypeFree2

NdrMesTypeAlignSize2

RpcBindingVectorFree

RpcServerUseProtseqEpW

RpcServerUnregisterIfEx

RpcBindingToStringBindingW

UuidToStringW

RpcServerRegisterIf2

RpcMgmtWaitServerListen

RpcServerListen

RpcServerRegisterAuthInfoW

RpcEpUnregister

RpcMgmtEpEltInqBegin

RpcServerInqBindings

RpcMgmtStopServerListening

I_RpcBindingInqSecurityContext

NdrClientCall2

NdrServerCall2

UuidCreate

RpcEpResolveBinding

RpcBindingSetObject

RpcBindingSetAuthInfoW

PathFindFileNameW

PathCanonicalizeW

PathCombineW

PathIsDirectoryW

PathIsRelativeW

UrlUnescapeW

SamOpenGroup

SamSetInformationUser

SamEnumerateAliasesInDomain

SamOpenDomain

SamQueryInformationUser

SamGetGroupsForUser

SamGetMembersInAlias

SamGetMembersInGroup

SamEnumerateGroupsInDomain

SamGetAliasMembership

SamOpenAlias

SamEnumerateUsersInDomain

SamLookupNamesInDomain

SamRidToSid

SamEnumerateDomainsInSamServer

SamOpenUser

SamiChangePasswordUser

SamLookupIdsInDomain

SamConnect

SamCloseHandle

SamLookupDomainInSamServer

SamFreeMemory

LsaDeregisterLogonProcess

LsaConnectUntrusted

LsaLookupAuthenticationPackage

LsaFreeReturnBuffer

DeleteSecurityContext

AcquireCredentialsHandleW

QueryContextAttributesW

EnumerateSecurityPackagesW

FreeCredentialsHandle

InitializeSecurityContextW

FreeContextBuffer

LsaCallAuthenticationPackage

CommandLineToArgvW

GetUserObjectInformationW

GetMessageW

DefWindowProcW

PostMessageW

DestroyWindow

SetClipboardViewer

CreateWindowExW

SendMessageW

UnregisterClassW

RegisterClassExW

OpenClipboard

DispatchMessageW

ChangeClipboardChain

CloseClipboard

EnumClipboardFormats

TranslateMessage

GetClipboardData

GetClipboardSequenceNumber

GetKeyboardLayout

IsCharAlphaNumericW

DestroyEnvironmentBlock

CreateEnvironmentBlock

VerQueryValueW

GetFileVersionInfoW

GetFileVersionInfoSizeW

HidD_FreePreparsedData

HidD_GetPreparsedData

HidP_GetCaps

HidD_GetAttributes

HidD_GetFeature

HidD_SetFeature

HidD_GetHidGuid

SetupDiGetDeviceInterfaceDetailW

SetupDiDestroyDeviceInfoList

SetupDiEnumDeviceInterfaces

SetupDiGetClassDevsW

SCardGetAttrib

SCardEstablishContext

SCardReleaseContext

SCardListCardsW

SCardGetCardTypeProviderNameW

SCardFreeMemory

SCardControl

SCardConnectW

SCardDisconnect

SCardTransmit

SCardListReadersW

WinStationConnectW

WinStationFreeMemory

WinStationCloseServer

WinStationQueryInformationW

WinStationOpenServerW

WinStationEnumerateW

ord310

ord73

ord13

ord36

ord79

ord41

ord142

ord208

ord145

ord54

ord301

ord304

ord309

ord167

ord127

ord26

ord27

ord147

ord133

ord157

ord224

ord203

ord88

ord14

ord140

ord77

ord223

ord96

ord69

ord12

ord139

ord122

ord97

ord113

ASN1_CloseEncoder

ASN1_FreeEncoded

ASN1_CreateEncoder

ASN1_CloseModule

ASN1Free

ASN1_CreateDecoder

ASN1_CloseDecoder

ASN1_CreateModule

ASN1BERDotVal2Eoid

ASN1BEREoid2DotVal

RtlFreeAnsiString

NtSetSystemEnvironmentValueEx

RtlFreeUnicodeString

RtlEqualUnicodeString

RtlUnicodeStringToAnsiString

NtSuspendProcess

NtTerminateProcess

NtQuerySystemEnvironmentValueEx

RtlIpv6AddressToStringW

RtlIpv4AddressToStringW

RtlDowncaseUnicodeString

NtEnumerateSystemEnvironmentValuesEx

RtlAdjustPrivilege

NtQueryDirectoryObject

NtOpenDirectoryObject

NtResumeProcess

RtlUpcaseUnicodeStringToOemString

RtlFreeOemString

RtlAnsiStringToUnicodeString

RtlUpcaseUnicodeString

RtlAppendUnicodeStringToString

RtlEqualString

RtlGetNtVersionNumbers

NtCompareTokens

RtlStringFromGUID

RtlGUIDFromString

RtlCreateUserThread

RtlGetCurrentPeb

NtQueryInformationProcess

NtQuerySystemInformation

RtlCompressBuffer

RtlDecompressBuffer

RtlGetCompressionWorkSpaceSize

NtQueryObject

RtlInitUnicodeString

CompareStringW

LCMapStringW

GetLocaleInfoW

IsValidLocale

GetUserDefaultLCID

FlsFree

FlsSetValue

FlsGetValue

FlsAlloc

GetFileType

GetModuleHandleExW

TerminateProcess

EnumSystemLocalesW

GetConsoleMode

SetStdHandle

FindFirstFileExW

IsValidCodePage

GetACP

GetModuleFileNameW

GetCommandLineW

GetCommandLineA

GetOEMCP

EncodePointer

LoadLibraryExW

TlsFree

TlsSetValue

TlsGetValue

TlsAlloc

InitializeCriticalSectionAndSpinCount

InterlockedFlushSList

InterlockedPushEntrySList

RtlUnwindEx

IsProcessorFeaturePresent

GetStartupInfoW

SetUnhandledExceptionFilter

UnhandledExceptionFilter

IsDebuggerPresent

RtlVirtualUnwind

RtlLookupFunctionEntry

RtlCaptureContext

InitializeSListHead

GetCurrentThreadId

SetFilePointerEx

GetProcessId

GetComputerNameW

IsWow64Process

ProcessIdToSessionId

GetCurrentThread

SetConsoleCursorPosition

SetCurrentDirectoryW

FillConsoleOutputCharacterW

GetTimeZoneInformation

GetSystemDirectoryW

GetStdHandle

GetConsoleScreenBufferInfo

SetEvent

CreateEventW

DeleteCriticalSection

InitializeCriticalSection

LeaveCriticalSection

EnterCriticalSection

CreatePipe

SetHandleInformation

GlobalSize

SetFileAttributesW

SetConsoleTitleW

ExitProcess

RaiseException

ExitThread

SetConsoleCtrlHandler

GetTickCount

QueryPerformanceCounter

FormatMessageA

GetSystemTime

GetProcessHeap

GetCurrentProcessId

GetFileSize

LockFileEx

UnlockFile

HeapDestroy

HeapCompact

HeapAlloc

GetSystemInfo

HeapReAlloc

DeleteFileW

WaitForSingleObjectEx

LoadLibraryA

FlushViewOfFile

OutputDebugStringW

GetFileAttributesExW

GetFileAttributesA

GetDiskFreeSpaceA

FormatMessageW

MultiByteToWideChar

HeapSize

HeapValidate

CreateMutexW

GetTempPathW

UnlockFileEx

SetEndOfFile

GetFullPathNameA

LockFile

OutputDebugStringA

GetDiskFreeSpaceW

GetFullPathNameW

HeapFree

HeapCreate

AreFileApisANSI

GetDateFormatW

GetSystemTimeAsFileTime

WideCharToMultiByte

SystemTimeToFileTime

GetTimeFormatW

lstrlenA

ClearCommError

PurgeComm

CreateRemoteThread

WaitForSingleObject

CreateProcessW

ConnectNamedPipe

WaitNamedPipeW

GetNamedPipeInfo

DisconnectNamedPipe

CreateNamedPipeW

SetNamedPipeHandleState

SetConsoleOutputCP

GetConsoleOutputCP

MapViewOfFile

CreateFileMappingW

UnmapViewOfFile

VirtualQueryEx

VirtualQuery

VirtualFreeEx

ReadProcessMemory

VirtualAllocEx

VirtualProtectEx

VirtualAlloc

VirtualFree

SetLastError

VirtualProtect

WriteProcessMemory

GetComputerNameExW

DeviceIoControl

OpenProcess

DuplicateHandle

GetCurrentProcess

FlushFileBuffers

GetCurrentDirectoryW

GetFileAttributesW

FindClose

ExpandEnvironmentStringsW

FindNextFileW

GetFileSizeEx

FindFirstFileW

lstrlenW

FreeLibrary

GetModuleHandleW

GetProcAddress

LoadLibraryW

FileTimeToDosDateTime

GetTempFileNameA

FileTimeToLocalFileTime

DeleteFileA

CreateFileA

GetTempPathA

GetFileInformationByHandle

GetCurrentDirectoryA

SetFilePointer

LocalFree

CreateThread

CloseHandle

TerminateThread

GetLastError

RtlUnwind

Sleep

CreateFileW

LocalAlloc

WriteFile

ReadFile

GetCPInfo

GetEnvironmentStringsW

FreeEnvironmentStringsW

SetEnvironmentVariableW

GetStringTypeW

ReadConsoleW

WriteConsoleW

RtlPcToFileHeader

FileTimeToSystemTime

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ