IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LINE_NUMS_STRIPPED

IMAGE_FILE_LOCAL_SYMS_STRIPPED

IMAGE_FILE_32BIT_MACHINE

ASN1octetstring_free

ASN1BEREncU32

ASN1BERDecExplicitTag

ASN1BERDecS32Val

ASN1BEREncObjectIdentifier

ASN1BEREncExplicitTag

ASN1intx_free

ASN1DecAlloc

ASN1BEREncBitString

ASN1_Encode

ASN1intxisuint32

ASN1BEREncOpenType

ASN1_CreateModule

ASN1_FreeDecoded

ASN1BEREncEndOfContents

ASN1BERDecOpenType2

ASN1charstring_free

ASN1BERDecSkip

ASN1bitstring_free

ASN1intx2int32

ASN1CEREncGeneralizedTime

ASN1ztcharstring_free

ASN1BERDecBool

ASN1BERDecObjectIdentifier

ASN1BEREncSX

ASN1BEREncCharString

ASN1intx_setuint32

ASN1BERDecSXVal

ASN1_CloseDecoder

ASN1BERDecCharString

ASN1_Decode

ASN1objectidentifier_free

ASN1_FreeEncoded

ASN1_CreateEncoder

ASN1BERDecNotEndOfContents

ASN1BEREncOctetString

ASN1BERDecZeroCharString

ASN1BERDecPeekTag

ASN1BERDecOctetString

ASN1DecSetError

ASN1Free

ASN1BERDecU32Val

ASN1intx2uint32

ASN1BERDecBitString

ASN1BEREncS32

ASN1EncSetError

ASN1BERDecEndOfContents

ASN1_CloseEncoder

ASN1BEREncBool

ASN1BERDecGeneralizedTime

ASN1_CreateDecoder

wsprintfW

CharLowerBuffW

LsaFreeReturnBuffer

CredMarshalTargetInfo

LsaGetLogonSessionData

CredUnmarshalTargetInfo

FreeContextBuffer

RtlSystemTimeToLocalTime

RtlAcquireResourceExclusive

NtQueryInformationToken

RtlDeleteElementGenericTable

RtlDeregisterWait

RtlConvertSidToUnicodeString

RtlDeleteCriticalSection

RtlFreeUnicodeString

NtQuerySystemInformation

RtlOemStringToUnicodeString

RtlLengthRequiredSid

NtDuplicateObject

NtSetSecurityObject

RtlInitializeCriticalSection

RtlCreateTimer

RtlTimeToTimeFields

RtlAcquireResourceShared

NtClose

NtOpenThreadToken

RtlCreateSecurityDescriptor

RtlAnsiStringToUnicodeString

RtlAddAccessAllowedAce

RtlInitAnsiString

RtlInsertElementGenericTable

RtlConvertSharedToExclusive

RtlInitializeResource

RtlEqualSid

RtlInitializeGenericTableAvl

NtAllocateLocallyUniqueId

NtOpenEvent

RtlCompareUnicodeString

DbgPrint

RtlLookupElementGenericTableAvl

RtlCreateTimerQueue

RtlCopyLuid

RtlEqualDomainName

RtlLookupElementGenericTable

RtlFreeAnsiString

RtlSetDaclSecurityDescriptor

RtlRegisterWait

RtlCreateAcl

NtAllocateVirtualMemory

RtlEqualUnicodeString

RtlSubAuthorityCountSid

RtlFreeSid

NtOpenProcessToken

RtlUnicodeStringToAnsiString

RtlSubAuthoritySid

RtlCopyUnicodeString

RtlEnterCriticalSection

RtlNtStatusToDosError

RtlCompareMemory

RtlPrefixUnicodeString

RtlDeleteResource

RtlIntegerToUnicodeString

RtlValidSid

RtlUniform

RtlUpcaseUnicodeString

RtlInitUnicodeString

NtWaitForSingleObject

RtlAppendUnicodeStringToString

NtCreateEvent

RtlDowncaseUnicodeString

RtlDeleteTimerQueue

RtlVerifyVersionInfo

RtlReleaseResource

RtlLengthSid

RtlRunDecodeUnicodeString

RtlAllocateAndInitializeSid

VerSetConditionMask

RtlInitializeGenericTable

RtlGetElementGenericTable

NtQuerySystemTime

RtlEraseUnicodeString

RtlTimeFieldsToTime

RtlLeaveCriticalSection

RtlInsertElementGenericTableAvl

RtlCopySid

OpenThreadToken

TraceEvent

RegQueryInfoKeyW

AllocateAndInitializeSid

CredUnmarshalCredentialW

GetTraceLoggerHandle

OpenSCManagerW

RegNotifyChangeKeyValue

RegOpenKeyW

CryptDestroyHash

QueryServiceConfigW

OpenServiceW

RegisterTraceGuidsW

DeregisterEventSource

CredFree

FreeSid

RevertToSelf

ReportEventW

RegEnumKeyExW

RegQueryValueExW

OpenProcessToken

RegOpenKeyExW

CryptCreateHash

CryptSetProvParam

SetThreadToken

RegCreateKeyExW

RegSetValueExW

CryptGetHashParam

RegCloseKey

GetTokenInformation

CloseServiceHandle

RegConnectRegistryW

CryptHashData

LookupAccountSidW

RegDeleteValueW

RegisterEventSourceW

CryptReleaseContext

SystemFunction006

CryptGetProvParam

QueryServiceStatus

SystemFunction007

CryptAcquireContextW

GetCurrentProcess

GetCurrentProcessId

OpenFileMappingW

UnregisterWait

Sleep

GetEnvironmentVariableW

FormatMessageW

WideCharToMultiByte

CreateFileW

GetModuleHandleW

QueryPerformanceCounter

UnhandledExceptionFilter

RaiseException

FileTimeToSystemTime

GetLocalTime

InterlockedExchange

CreateEventW

GetProcAddress

OpenEventW

lstrlenW

GetSystemInfo

GetProfileStringA

LocalFree

FreeLibrary

VirtualAlloc

GetComputerNameW

InitializeCriticalSection

GetSystemTimeAsFileTime

TerminateProcess

InterlockedExchangeAdd

DisableThreadLibraryCalls

InterlockedIncrement

MapViewOfFileEx

InterlockedCompareExchange

GetCurrentThreadId

GetCurrentThread

SetUnhandledExceptionFilter

InterlockedDecrement

RegisterWaitForSingleObjectEx

ExpandEnvironmentStringsW

lstrcmpW

GetACP

CreateFileMappingW

lstrcpyW

LoadLibraryW

GetLastError

LeaveCriticalSection

DeleteCriticalSection

GetModuleFileNameW

OutputDebugStringA

lstrcmpiA

CloseHandle

UnmapViewOfFile

GetTickCount

GetComputerNameExW

MultiByteToWideChar

SetEvent

LoadLibraryA

CreateFileA

GetModuleFileNameA

lstrlenA

LocalAlloc

DebugBreak

WriteFile

EnterCriticalSection

CDFindCommonCSystemWithKey

MD5Update

MD5Final

CDGenerateRandomBits

CDBuildIntegrityVect

MD5Init

CDLocateCheckSum

CDLocateCSystem

_stricmp

_initterm

_strcmpi

malloc

qsort

strrchr

wcstoul

wcsspn

_wcsnicmp

wcsrchr

swprintf

wcscpy

free

_ultoa

_adjust_fdiv

_strnicmp

sprintf

_wcsicmp

_vsnprintf

wcscmp

wcslen

strchr

wcscat

sscanf

_except_handler3

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_CNT_UNINITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE