IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

CryptReleaseContext

CryptGenKey

CryptGetProvParam

CryptGetHashParam

CryptImportKey

CryptSetKeyParam

CryptDestroyHash

CryptSetHashParam

CryptHashData

CryptCreateHash

CryptExportKey

CryptDecrypt

SystemFunction007

CryptDuplicateKey

CryptEncrypt

CryptAcquireContextW

CryptGetKeyParam

CryptAcquireContextA

CryptDestroyKey

GetLengthSid

CopySid

LsaClose

LsaOpenPolicy

LsaQueryInformationPolicy

CreateWellKnownSid

CreateProcessAsUserW

CreateProcessWithLogonW

RegQueryValueExW

RegEnumValueW

RegOpenKeyExW

RegSetValueExW

RegEnumKeyExW

RegQueryInfoKeyW

RegCloseKey

SystemFunction032

ConvertSidToStringSidW

SystemFunction033

QueryServiceObjectSecurity

QueryServiceStatusEx

BuildSecurityDescriptorW

OpenServiceW

StartServiceW

FreeSid

ControlService

SetServiceObjectSecurity

DeleteService

AllocateAndInitializeSid

OpenSCManagerW

CloseServiceHandle

CreateServiceW

IsTextUnicode

GetTokenInformation

LookupAccountNameW

LookupAccountSidW

DuplicateTokenEx

CheckTokenMembership

OpenProcessToken

CryptSetProvParam

CryptEnumProvidersW

ConvertStringSidToSidW

LsaFreeMemory

IsValidSid

GetSidSubAuthority

GetSidSubAuthorityCount

SetThreadToken

SystemFunction006

CryptEnumProviderTypesW

CryptGetUserKey

OpenEventLogW

ClearEventLogW

GetNumberOfEventLogRecords

CryptSignHashW

LsaRetrievePrivateData

LsaOpenSecret

LsaQueryTrustedDomainInfoByName

CryptDeriveKey

LsaQuerySecret

SystemFunction001

SystemFunction005

LsaSetSecret

LsaEnumerateTrustedDomainsEx

SystemFunction023

LookupPrivilegeValueW

StartServiceCtrlDispatcherW

RegisterServiceCtrlHandlerW

SetServiceStatus

OpenThreadToken

LookupPrivilegeNameW

EqualSid

CredFree

CredEnumerateW

ConvertStringSecurityDescriptorToSecurityDescriptorW

SystemFunction027

SystemFunction026

SystemFunction041

CredUnmarshalCredentialW

CredIsMarshaledCredentialW

A_SHAFinal

A_SHAInit

A_SHAUpdate

ord11

ord14

ord10

ord13

CertFindCertificateInStore

CertGetNameStringW

CryptQueryObject

CertEnumCertificatesInStore

CertAddCertificateContextToStore

CertAddEncodedCertificateToStore

CertFreeCertificateContext

CryptStringToBinaryA

CertCloseStore

PFXExportCertStoreEx

CertSetCertificateContextProperty

CertOpenStore

CryptStringToBinaryW

CryptUnprotectData

CryptBinaryToStringW

CryptBinaryToStringA

CryptAcquireCertificatePrivateKey

CryptExportPublicKeyInfo

CryptFindOIDInfo

CryptSignAndEncodeCertificate

CertNameToStrW

CryptEncodeObject

CertEnumSystemStore

CertGetCertificateContextProperty

CryptProtectData

CryptDecodeObjectEx

CDGenerateRandomBits

CDLocateCheckSum

MD5Final

CDLocateCSystem

MD5Init

MD5Update

DnsFree

DnsQuery_A

FilterFindNext

FilterFindFirst

WNetAddConnection2W

WNetCancelConnection2W

NetServerGetInfo

DsGetDcNameW

NetApiBufferFree

NetWkstaUserEnum

NetShareEnum

NetStatisticsGet

NetSessionEnum

NetRemoteTOD

DsEnumerateDomainTrustsW

I_NetServerAuthenticate2

I_NetServerTrustPasswordsGet

I_NetServerReqChallenge

ord31

ord141

ord24

ord13

ord75

ord111

ord43

ord9

CoInitializeEx

CoSetProxyBlanket

CoTaskMemFree

CoUninitialize

CoCreateInstance

SysAllocString

SysFreeString

VariantInit

VariantClear

NdrClientCall2

RpcBindingInqAuthClientW

RpcBindingSetOption

RpcBindingFromStringBindingW

RpcStringBindingComposeW

RpcBindingSetAuthInfoExW

RpcStringFreeW

MesHandleFree

RpcImpersonateClient

RpcRevertToSelf

MesEncodeIncrementalHandleCreate

MesDecodeIncrementalHandleCreate

RpcBindingFree

MesIncrementalHandleReset

NdrMesTypeEncode2

NdrMesTypeDecode2

NdrMesTypeFree2

NdrMesTypeAlignSize2

RpcBindingVectorFree

RpcServerUseProtseqEpW

RpcServerUnregisterIfEx

RpcBindingToStringBindingW

UuidToStringW

RpcServerRegisterIf2

RpcMgmtWaitServerListen

RpcServerListen

RpcServerRegisterAuthInfoW

RpcEpUnregister

RpcEpRegisterW

RpcServerInqBindings

RpcMgmtStopServerListening

I_RpcBindingInqSecurityContext

NdrServerCall2

UuidCreate

RpcEpResolveBinding

RpcBindingSetObject

RpcBindingSetAuthInfoW

RpcMgmtEpEltInqBegin

RpcMgmtEpEltInqDone

RpcMgmtEpEltInqNextW

I_RpcGetCurrentCallHandle

PathFindFileNameW

PathIsDirectoryW

PathCombineW

PathCanonicalizeW

PathIsRelativeW

UrlUnescapeW

SamLookupIdsInDomain

SamEnumerateGroupsInDomain

SamGetAliasMembership

SamOpenAlias

SamRidToSid

SamGetGroupsForUser

SamGetMembersInAlias

SamEnumerateUsersInDomain

SamLookupNamesInDomain

SamOpenDomain

SamEnumerateDomainsInSamServer

SamOpenUser

SamiChangePasswordUser

SamGetMembersInGroup

SamConnect

SamCloseHandle

SamLookupDomainInSamServer

SamFreeMemory

SamQueryInformationUser

SamSetInformationUser

SamOpenGroup

SamEnumerateAliasesInDomain

LsaFreeReturnBuffer

DeleteSecurityContext

LsaLookupAuthenticationPackage

LsaCallAuthenticationPackage

LsaDeregisterLogonProcess

LsaConnectUntrusted

QueryContextAttributesW

EnumerateSecurityPackagesW

FreeCredentialsHandle

InitializeSecurityContextW

FreeContextBuffer

AcquireCredentialsHandleW

CommandLineToArgvW

GetUserObjectInformationW

GetMessageW

DefWindowProcW

PostMessageW

DestroyWindow

SetClipboardViewer

CreateWindowExW

SendMessageW

UnregisterClassW

RegisterClassExW

OpenClipboard

DispatchMessageW

ChangeClipboardChain

CloseClipboard

EnumClipboardFormats

TranslateMessage

GetClipboardData

GetClipboardSequenceNumber

GetKeyboardLayout

IsCharAlphaNumericW

CreateEnvironmentBlock

DestroyEnvironmentBlock

VerQueryValueW

GetFileVersionInfoW

GetFileVersionInfoSizeW

HidD_GetPreparsedData

HidP_GetCaps

HidD_GetAttributes

HidD_GetFeature

HidD_GetHidGuid

HidD_FreePreparsedData

HidD_SetFeature

SetupDiGetClassDevsW

SetupDiEnumDeviceInterfaces

SetupDiDestroyDeviceInfoList

SetupDiGetDeviceInterfaceDetailW

SCardFreeMemory

SCardTransmit

SCardDisconnect

SCardConnectW

SCardControl

SCardListReadersW

SCardGetCardTypeProviderNameW

SCardListCardsW

SCardReleaseContext

SCardEstablishContext

SCardGetAttrib

WinStationOpenServerW

WinStationQueryInformationW

WinStationCloseServer

WinStationFreeMemory

WinStationConnectW

WinStationEnumerateW

ord157

ord224

ord203

ord88

ord14

ord27

ord26

ord127

ord133

ord167

ord309

ord147

ord310

ord208

ord73

ord13

ord36

ord79

ord41

ord142

ord77

ord145

ord54

ord301

ord140

ord113

ord223

ord96

ord69

ord12

ord139

ord122

ord97

ord304

ASN1_CreateEncoder

ASN1BERDotVal2Eoid

ASN1_CloseModule

ASN1Free

ASN1_CreateDecoder

ASN1_CloseEncoder

ASN1BEREoid2DotVal

ASN1_CreateModule

ASN1_CloseDecoder

ASN1_FreeEncoded

NtQueryObject

RtlFreeAnsiString

NtTerminateProcess

RtlUnicodeStringToAnsiString

RtlDecompressBuffer

RtlCompressBuffer

NtQuerySystemInformation

NtQueryInformationProcess

RtlGetCurrentPeb

NtSuspendProcess

RtlGUIDFromString

RtlStringFromGUID

NtSetSystemEnvironmentValueEx

NtQuerySystemEnvironmentValueEx

NtEnumerateSystemEnvironmentValuesEx

RtlIpv4AddressToStringW

RtlIpv6AddressToStringW

RtlFreeUnicodeString

RtlDowncaseUnicodeString

RtlEqualUnicodeString

RtlGetCompressionWorkSpaceSize

NtCompareTokens

RtlGetNtVersionNumbers

RtlEqualString

RtlAppendUnicodeStringToString

RtlUpcaseUnicodeString

RtlAnsiStringToUnicodeString

RtlFreeOemString

RtlUpcaseUnicodeStringToOemString

NtResumeProcess

NtOpenDirectoryObject

NtQueryDirectoryObject

RtlAdjustPrivilege

RtlInitUnicodeString

RtlCreateUserThread

FindNextFileA

FindFirstFileExW

FindFirstFileExA

GetStringTypeW

SetStdHandle

IsValidCodePage

GetConsoleCP

EnumSystemLocalesW

GetUserDefaultLCID

IsValidLocale

GetLocaleInfoW

LCMapStringW

CompareStringW

GetFileType

GetACP

GetModuleHandleExW

TerminateProcess

GetModuleFileNameA

GetModuleFileNameW

GetCommandLineW

GetCommandLineA

LoadLibraryExW

TlsFree

TlsSetValue

TlsGetValue

TlsAlloc

InitializeCriticalSectionAndSpinCount

InterlockedFlushSList

InterlockedPushEntrySList

RtlUnwindEx

IsProcessorFeaturePresent

GetStartupInfoW

SetUnhandledExceptionFilter

UnhandledExceptionFilter

IsDebuggerPresent

RtlVirtualUnwind

RtlLookupFunctionEntry

RtlCaptureContext

InitializeSListHead

GetCurrentThreadId

LoadLibraryExA

SetFilePointerEx

GetProcessId

GetComputerNameW

IsWow64Process

ProcessIdToSessionId

GetCurrentThread

SetConsoleCursorPosition

SetCurrentDirectoryW

FillConsoleOutputCharacterW

GetTimeZoneInformation

GetSystemDirectoryW

GetStdHandle

GetConsoleScreenBufferInfo

SetEvent

CreateEventW

DeleteCriticalSection

InitializeCriticalSection

LeaveCriticalSection

EnterCriticalSection

CreatePipe

SetHandleInformation

GlobalSize

SetFileAttributesW

SetConsoleTitleW

ExitProcess

RaiseException

ExitThread

SetConsoleCtrlHandler

GetTickCount

QueryPerformanceCounter

FormatMessageA

GetSystemTime

GetProcessHeap

GetCurrentProcessId

GetFileSize

LockFileEx

CreateFileMappingA

UnlockFile

HeapDestroy

HeapCompact

HeapAlloc

GetSystemInfo

HeapReAlloc

DeleteFileW

GetVersionExA

WaitForSingleObjectEx

LoadLibraryA

FlushViewOfFile

OutputDebugStringW

GetFileAttributesExW

GetFileAttributesA

GetDiskFreeSpaceA

FormatMessageW

MultiByteToWideChar

HeapSize

HeapValidate

GetVersionExW

CreateMutexW

GetTempPathW

UnlockFileEx

SetEndOfFile

GetFullPathNameA

LockFile

OutputDebugStringA

GetDiskFreeSpaceW

GetFullPathNameW

HeapFree

HeapCreate

AreFileApisANSI

GetDateFormatW

GetSystemTimeAsFileTime

WideCharToMultiByte

SystemTimeToFileTime

GetTimeFormatW

lstrlenA

ClearCommError

PurgeComm

CreateRemoteThread

WaitForSingleObject

CreateProcessW

ConnectNamedPipe

WaitNamedPipeW

GetNamedPipeInfo

DisconnectNamedPipe

CreateNamedPipeW

SetNamedPipeHandleState

SetConsoleOutputCP

GetConsoleOutputCP

MapViewOfFile

CreateFileMappingW

UnmapViewOfFile

VirtualQueryEx

VirtualQuery

VirtualFreeEx

ReadProcessMemory

VirtualAllocEx

VirtualProtectEx

VirtualAlloc

VirtualFree

SetLastError

VirtualProtect

WriteProcessMemory

GetComputerNameExW

DeviceIoControl

OpenProcess

GetOEMCP

GetCPInfo

GetEnvironmentStringsW

FreeEnvironmentStringsW

SetEnvironmentVariableA

SetEnvironmentVariableW

WriteConsoleW

GetConsoleMode

DuplicateHandle

GetCurrentProcess

FlushFileBuffers

ReadConsoleW

GetCurrentDirectoryW

GetFileAttributesW

FindClose

ExpandEnvironmentStringsW

FindNextFileW

GetFileSizeEx

FindFirstFileW

lstrlenW

FreeLibrary

GetModuleHandleW

GetProcAddress

LoadLibraryW

FileTimeToDosDateTime

GetTempFileNameA

FileTimeToLocalFileTime

DeleteFileA

CreateFileA

GetTempPathA

GetFileInformationByHandle

GetCurrentDirectoryA

SetFilePointer

LocalFree

CreateThread

CloseHandle

TerminateThread

GetLastError

Sleep

CreateFileW

LocalAlloc

WriteFile

ReadFile

FileTimeToSystemTime

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ