IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

CryptSetHashParam

CryptGetHashParam

CryptExportKey

CryptAcquireContextW

CryptSetKeyParam

CryptGetKeyParam

CryptReleaseContext

CryptDuplicateKey

CryptAcquireContextA

CryptGetProvParam

CryptImportKey

SystemFunction007

CryptEncrypt

CryptCreateHash

CryptGenKey

CryptDestroyKey

CryptDecrypt

CryptDestroyHash

CryptHashData

CopySid

GetLengthSid

LsaQueryInformationPolicy

LsaOpenPolicy

LsaClose

CreateWellKnownSid

CreateProcessWithLogonW

CreateProcessAsUserW

RegQueryValueExW

RegQueryInfoKeyW

RegEnumValueW

RegOpenKeyExW

RegEnumKeyExW

RegCloseKey

RegSetValueExW

SystemFunction033

SystemFunction032

ConvertSidToStringSidW

CreateServiceW

CloseServiceHandle

DeleteService

OpenSCManagerW

SetServiceObjectSecurity

OpenServiceW

BuildSecurityDescriptorW

QueryServiceObjectSecurity

StartServiceW

AllocateAndInitializeSid

QueryServiceStatusEx

FreeSid

ControlService

IsTextUnicode

OpenProcessToken

GetTokenInformation

LookupAccountNameW

LookupAccountSidW

DuplicateTokenEx

CheckTokenMembership

CryptSetProvParam

CryptEnumProvidersW

ConvertStringSidToSidW

LsaFreeMemory

GetSidSubAuthority

GetSidSubAuthorityCount

IsValidSid

SetThreadToken

CryptEnumProviderTypesW

SystemFunction006

CryptGetUserKey

OpenEventLogW

GetNumberOfEventLogRecords

ClearEventLogW

SystemFunction001

CryptDeriveKey

SystemFunction005

LsaQueryTrustedDomainInfoByName

CryptSignHashW

LsaSetSecret

SystemFunction023

LsaOpenSecret

LsaQuerySecret

LsaRetrievePrivateData

LsaEnumerateTrustedDomainsEx

LookupPrivilegeValueW

StartServiceCtrlDispatcherW

SetServiceStatus

RegisterServiceCtrlHandlerW

LookupPrivilegeNameW

OpenThreadToken

EqualSid

CredFree

CredEnumerateW

SystemFunction026

ConvertStringSecurityDescriptorToSecurityDescriptorW

SystemFunction027

SystemFunction041

CredIsMarshaledCredentialW

CredUnmarshalCredentialW

A_SHAInit

A_SHAUpdate

A_SHAFinal

ord11

ord14

ord10

ord13

CryptSignAndEncodeCertificate

CertEnumSystemStore

CertEnumCertificatesInStore

CertAddCertificateContextToStore

CryptDecodeObjectEx

CryptStringToBinaryA

CertAddEncodedCertificateToStore

CertOpenStore

CertFreeCertificateContext

CertCloseStore

CryptStringToBinaryW

CertSetCertificateContextProperty

PFXExportCertStoreEx

CryptUnprotectData

CryptBinaryToStringW

CryptBinaryToStringA

CryptExportPublicKeyInfo

CryptFindOIDInfo

CryptAcquireCertificatePrivateKey

CertNameToStrW

CertFindCertificateInStore

CertGetCertificateContextProperty

CertGetNameStringW

CryptEncodeObject

CryptProtectData

CryptQueryObject

CDGenerateRandomBits

CDLocateCheckSum

MD5Init

CDLocateCSystem

MD5Final

MD5Update

DnsFree

DnsQuery_A

FilterFindFirst

FilterFindNext

WNetCancelConnection2W

WNetAddConnection2W

NetStatisticsGet

DsGetDcNameW

NetApiBufferFree

NetRemoteTOD

NetSessionEnum

NetServerGetInfo

DsEnumerateDomainTrustsW

NetShareEnum

NetWkstaUserEnum

I_NetServerAuthenticate2

I_NetServerTrustPasswordsGet

I_NetServerReqChallenge

ord75

ord9

ord43

ord24

ord31

ord111

ord141

ord13

CoInitializeEx

CoSetProxyBlanket

CoTaskMemFree

CoUninitialize

CoCreateInstance

SysAllocString

VariantInit

SysFreeString

VariantClear

NdrServerCall2

RpcBindingFromStringBindingW

RpcStringBindingComposeW

MesEncodeIncrementalHandleCreate

RpcBindingSetAuthInfoExW

RpcBindingInqAuthClientW

RpcBindingSetOption

RpcImpersonateClient

RpcBindingFree

RpcStringFreeW

RpcRevertToSelf

MesDecodeIncrementalHandleCreate

MesHandleFree

MesIncrementalHandleReset

NdrMesTypeDecode2

NdrMesTypeAlignSize2

NdrMesTypeFree2

NdrMesTypeEncode2

RpcServerUnregisterIfEx

I_RpcBindingInqSecurityContext

RpcServerInqBindings

RpcServerListen

RpcMgmtWaitServerListen

RpcEpRegisterW

RpcMgmtStopServerListening

RpcBindingToStringBindingW

RpcServerRegisterIf2

RpcServerRegisterAuthInfoW

RpcBindingVectorFree

UuidToStringW

RpcServerUseProtseqEpW

RpcEpUnregister

NdrClientCall2

UuidCreate

RpcEpResolveBinding

RpcBindingSetObject

RpcBindingSetAuthInfoW

RpcMgmtEpEltInqDone

RpcMgmtEpEltInqNextW

RpcMgmtEpEltInqBegin

I_RpcGetCurrentCallHandle

PathIsDirectoryW

PathFindFileNameW

PathIsRelativeW

PathCanonicalizeW

PathCombineW

UrlUnescapeW

SamLookupDomainInSamServer

SamEnumerateAliasesInDomain

SamGetMembersInAlias

SamRidToSid

SamGetMembersInGroup

SamOpenAlias

SamOpenGroup

SamQueryInformationUser

SamCloseHandle

SamEnumerateDomainsInSamServer

SamFreeMemory

SamEnumerateUsersInDomain

SamOpenUser

SamGetAliasMembership

SamLookupNamesInDomain

SamLookupIdsInDomain

SamOpenDomain

SamConnect

SamSetInformationUser

SamiChangePasswordUser

SamEnumerateGroupsInDomain

SamGetGroupsForUser

LsaCallAuthenticationPackage

DeleteSecurityContext

LsaConnectUntrusted

LsaDeregisterLogonProcess

LsaFreeReturnBuffer

LsaLookupAuthenticationPackage

FreeContextBuffer

EnumerateSecurityPackagesW

AcquireCredentialsHandleW

InitializeSecurityContextW

QueryContextAttributesW

FreeCredentialsHandle

CommandLineToArgvW

DestroyWindow

CloseClipboard

GetMessageW

UnregisterClassW

PostMessageW

EnumClipboardFormats

TranslateMessage

RegisterClassExW

GetClipboardData

ChangeClipboardChain

CreateWindowExW

OpenClipboard

GetClipboardSequenceNumber

SendMessageW

SetClipboardViewer

DefWindowProcW

DispatchMessageW

GetKeyboardLayout

IsCharAlphaNumericW

DestroyEnvironmentBlock

CreateEnvironmentBlock

VerQueryValueW

GetFileVersionInfoSizeW

GetFileVersionInfoW

HidD_GetAttributes

HidD_GetHidGuid

HidD_GetPreparsedData

HidD_GetFeature

HidP_GetCaps

HidD_FreePreparsedData

HidD_SetFeature

SetupDiGetDeviceInterfaceDetailW

SetupDiEnumDeviceInterfaces

SetupDiDestroyDeviceInfoList

SetupDiGetClassDevsW

SCardListCardsW

SCardControl

SCardConnectW

SCardTransmit

SCardDisconnect

SCardGetAttrib

SCardEstablishContext

SCardFreeMemory

SCardListReadersW

SCardReleaseContext

SCardGetCardTypeProviderNameW

WinStationQueryInformationW

WinStationConnectW

WinStationFreeMemory

WinStationOpenServerW

WinStationEnumerateW

WinStationCloseServer

ord147

ord27

ord133

ord157

ord88

ord26

ord127

ord301

ord304

ord309

ord54

ord167

ord310

ord73

ord41

ord79

ord36

ord145

ord208

ord13

ord77

ord14

ord122

ord140

ord203

ord69

ord139

ord97

ord223

ord12

ord113

ord224

ord96

ord142

ASN1_CreateModule

ASN1_CloseEncoder

ASN1_CloseDecoder

ASN1_CreateEncoder

ASN1_CloseModule

ASN1_FreeEncoded

ASN1_CreateDecoder

ASN1BERDotVal2Eoid

RtlEqualUnicodeString

NtQueryObject

NtResumeProcess

RtlInitUnicodeString

NtSuspendProcess

NtTerminateProcess

RtlCompressBuffer

RtlGetCompressionWorkSpaceSize

NtOpenDirectoryObject

RtlGetCurrentPeb

NtQueryInformationProcess

NtQuerySystemEnvironmentValueEx

NtSetSystemEnvironmentValueEx

NtEnumerateSystemEnvironmentValuesEx

RtlIpv4AddressToStringW

RtlIpv6AddressToStringW

RtlFreeUnicodeString

RtlUnicodeStringToAnsiString

RtlFreeAnsiString

RtlAdjustPrivilege

RtlCreateUserThread

RtlGUIDFromString

RtlStringFromGUID

NtCompareTokens

RtlGetNtVersionNumbers

RtlEqualString

RtlUpcaseUnicodeString

RtlAppendUnicodeStringToString

RtlAnsiStringToUnicodeString

RtlFreeOemString

RtlUpcaseUnicodeStringToOemString

NtQueryDirectoryObject

RtlDowncaseUnicodeString

NtQuerySystemInformation

FreeEnvironmentStringsW

GetEnvironmentStringsW

GetTickCount64

TerminateProcess

FlsFree

FlsSetValue

FlsGetValue

FlsAlloc

SetUnhandledExceptionFilter

UnhandledExceptionFilter

RtlVirtualUnwind

RtlLookupFunctionEntry

RtlCaptureContext

GetStringTypeW

GetModuleFileNameW

GetStartupInfoW

InitOnceExecuteOnce

GetFileType

SetStdHandle

GetConsoleMode

GetConsoleCP

InitializeCriticalSectionAndSpinCount

RtlUnwindEx

GetCurrentThreadId

GetCPInfo

GetOEMCP

GetACP

IsValidCodePage

IsProcessorFeaturePresent

IsDebuggerPresent

GetCommandLineW

GetModuleHandleExW

DecodePointer

EncodePointer

LoadLibraryExA

SetFilePointerEx

GetProcessId

GetComputerNameW

IsWow64Process

ProcessIdToSessionId

GetCurrentThread

SetCurrentDirectoryW

GetConsoleScreenBufferInfo

FillConsoleOutputCharacterW

GetStdHandle

GetTimeZoneInformation

SetConsoleCursorPosition

GetSystemDirectoryW

CreateEventW

SetEvent

DeleteCriticalSection

EnterCriticalSection

LeaveCriticalSection

InitializeCriticalSection

CreatePipe

SetHandleInformation

GlobalSize

SetFileAttributesW

SetConsoleTitleW

SetConsoleCtrlHandler

RaiseException

ExitThread

ExitProcess

AreFileApisANSI

GetSystemTime

GetCurrentProcessId

DeleteFileW

GetVersionExA

OutputDebugStringA

GetFileAttributesExW

GetSystemInfo

GetDiskFreeSpaceA

CreateFileMappingA

LoadLibraryA

GetDiskFreeSpaceW

LockFileEx

HeapSize

GetTempPathW

MultiByteToWideChar

HeapValidate

HeapCreate

GetFileAttributesA

HeapDestroy

GetVersionExW

FormatMessageW

FormatMessageA

GetProcessHeap

UnlockFileEx

GetTickCount

OutputDebugStringW

WaitForSingleObjectEx

LockFile

FlushViewOfFile

UnlockFile

HeapFree

QueryPerformanceCounter

HeapAlloc

SetEndOfFile

HeapCompact

CreateMutexW

GetFileSize

HeapReAlloc

GetFullPathNameA

GetFullPathNameW

GetTimeFormatW

WideCharToMultiByte

GetSystemTimeAsFileTime

SystemTimeToFileTime

lstrlenA

GetDateFormatW

PurgeComm

ClearCommError

CreateRemoteThread

WaitForSingleObject

CreateProcessW

SetConsoleOutputCP

GetConsoleOutputCP

CreateFileMappingW

UnmapViewOfFile

MapViewOfFile

WriteProcessMemory

VirtualProtect

VirtualAllocEx

VirtualProtectEx

VirtualAlloc

SetLastError

ReadProcessMemory

VirtualFreeEx

VirtualQueryEx

VirtualFree

VirtualQuery

GetComputerNameExW

DeviceIoControl

DuplicateHandle

OpenProcess

GetCurrentProcess

ExpandEnvironmentStringsW

LCMapStringEx

WriteConsoleW

ReadConsoleW

LoadLibraryExW

FindNextFileW

FindClose

GetCurrentDirectoryW

GetFileSizeEx

FlushFileBuffers

GetFileAttributesW

FindFirstFileW

lstrlenW

GetProcAddress

LoadLibraryW

GetModuleHandleW

FreeLibrary

DeleteFileA

GetTempPathA

GetFileInformationByHandle

FileTimeToLocalFileTime

GetCurrentDirectoryA

GetTempFileNameA

SetFilePointer

CreateFileA

FileTimeToDosDateTime

CreateThread

LocalFree

CloseHandle

LocalAlloc

GetLastError

CreateFileW

ReadFile

Sleep

TerminateThread

WriteFile

FileTimeToSystemTime

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ