Extended Key Usages: ExtKeyUsageTimeStamping
Key Usages: KeyUsageDigitalSignature, KeyUsageContentCommitment
Static task: static1

Behavioral task: behavioral1
Sample: 2098c964feec9720e9dc76f9f5274d2c.exe
Resource: win7-20231215-en

Behavioral task: behavioral2
Sample: 2098c964feec9720e9dc76f9f5274d2c.exe
Resource: win10v2004-20231215-en
Target: 2098c964feec9720e9dc76f9f5274d2c
Size: 1.3MB
MD5: 2098c964feec9720e9dc76f9f5274d2c
SHA1: e9fc7a34ed8ecb4891b5eefa279411d69c3f73f4
SHA256: 0569f7b70bf932331f0ccbff552d1a15458c56e58600d2dc9f31c067e19ffa7d
SHA512: 1391684da135af49d73aa3d362b88b4763b15385f322b34175a290be3615ba4fb1c0fac2d19f883d6e9e78490340d97355c4719aeed41cff65dafcb423c86db5
SSDEEP: 24576:8Y0PMeXBBbLjse/fBAy+CIL1sd0FYnMKJUvDzTL:8dP1sUfxZIhsdcYrULzH
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
KeyUsageContentCommitment
ExtKeyUsageTimeStamping
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
GetTempFileNameW
lstrlenA
ReadProcessMemory
WideCharToMultiByte
SetErrorMode
ReleaseSemaphore
CreateSemaphoreW
HeapSetInformation
FindResourceExW
OpenProcess
ExitProcess
GetCurrentDirectoryW
GetSystemDirectoryW
SetCurrentDirectoryW
GetCurrentProcess
GetCommandLineW
GetTempPathW
MultiByteToWideChar
FreeLibrary
LoadLibraryExW
lstrcmpiW
InterlockedDecrement
InterlockedIncrement
lstrlenW
OutputDebugStringA
GetModuleFileNameW
SetLastError
GetExitCodeProcess
FindResourceW
LoadResource
LockResource
SizeofResource
RaiseException
GetVersion
GetFileAttributesW
LoadLibraryW
GetModuleHandleA
LoadLibraryA
InitializeCriticalSection
GetCurrentProcessId
CreateNamedPipeW
LocalFree
ResetEvent
CreateThread
CreateEventW
DeleteCriticalSection
GetModuleHandleW
GetProcAddress
WriteFile
ConnectNamedPipe
ReadFile
DisconnectNamedPipe
SetEvent
WaitForSingleObject
CloseHandle
CreateMutexW
CallNamedPipeW
GetLastError
WaitNamedPipeW
CreateFileW
GetVersionExW
LeaveCriticalSection
EnterCriticalSection
SetEnvironmentVariableA
CompareStringW
CompareStringA
SetEndOfFile
GetDriveTypeA
GetCurrentDirectoryA
CreateFileA
GetLocaleInfoW
GetStringTypeA
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetDateFormatA
GetTimeFormatA
FlushFileBuffers
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetTimeZoneInformation
GetStartupInfoA
SetHandleCount
FreeEnvironmentStringsW
IsValidCodePage
LocalAlloc
InterlockedCompareExchange
InterlockedExchange
SignalObjectAndWait
TerminateProcess
GetTickCount
SetInformationJobObject
TerminateJobObject
GetQueuedCompletionStatus
DuplicateHandle
GetCurrentThreadId
CreateIoCompletionPort
PostQueuedCompletionStatus
ResumeThread
WriteProcessMemory
MapViewOfFile
CreateFileMappingW
GetThreadContext
AssignProcessToJobObject
GetStartupInfoW
UnregisterWaitEx
RegisterWaitForSingleObject
CreateJobObjectW
VirtualFreeEx
VirtualAllocEx
VirtualProtectEx
SearchPathW
ExpandEnvironmentStringsW
QueryInformationJobObject
HeapAlloc
GetProcessHeap
VirtualProtect
CreateProcessW
OpenEventW
DebugBreak
VirtualQuery
SuspendThread
WaitForMultipleObjects
VirtualQueryEx
GetLongPathNameW
QueryDosDeviceW
InterlockedExchangeAdd
SetUnhandledExceptionFilter
DeleteFileW
SetFilePointer
ReleaseMutex
Sleep
IsDebuggerPresent
GetStdHandle
CreateToolhelp32Snapshot
GetSystemInfo
Process32NextW
Process32FirstW
GetProcessId
GetSystemTimeAsFileTime
InitializeCriticalSectionAndSpinCount
QueryPerformanceCounter
TlsGetValue
TlsFree
TlsSetValue
TlsAlloc
GlobalUnlock
GlobalLock
GlobalSize
GlobalAddAtomW
GetFileType
GetExitCodeThread
GetWindowsDirectoryW
MoveFileExW
QueueUserWorkItem
GlobalAlloc
GlobalFree
VerifyVersionInfoW
VerSetConditionMask
lstrcmpiA
GetEnvironmentStringsW
SetEnvironmentVariableW
GetEnvironmentVariableW
CreateDirectoryExW
RtlUnwind
HeapFree
UnhandledExceptionFilter
VirtualAlloc
HeapReAlloc
GetConsoleCP
GetConsoleMode
SetStdHandle
GetFullPathNameW
LCMapStringA
LCMapStringW
GetCPInfo
GetStringTypeW
HeapCreate
HeapDestroy
VirtualFree
GetModuleFileNameA
HeapSize
GetACP
GetOEMCP
SetActiveWindow
CloseWindow
GetClipboardFormatNameA
GetClipboardData
ReleaseDC
GetDC
OpenClipboard
CloseClipboard
EmptyClipboard
SetClipboardData
IsClipboardFormatAvailable
EnumClipboardFormats
CountClipboardFormats
GetClipboardFormatNameW
GetClipboardSequenceNumber
GetClipboardOwner
GetPriorityClipboardFormat
GetOpenClipboardWindow
ChangeClipboardChain
GetClipboardViewer
SetClipboardViewer
RegisterClipboardFormatW
RegisterClipboardFormatA
LoadCursorW
LoadIconW
SendDlgItemMessageW
FindWindowExW
EnumThreadWindows
SetWindowPos
GetParent
DdeClientTransaction
EnumChildWindows
GetWindowInfo
SetWindowTextW
IsWindowEnabled
EnableWindow
RegisterClassW
GetAsyncKeyState
UnregisterClassW
MsgWaitForMultipleObjectsEx
WaitMessage
GetQueueStatus
PostQuitMessage
CallMsgFilterW
KillTimer
GetClassNameW
SetWindowLongW
GetUserObjectInformationW
GetWindowThreadProcessId
GetGUIThreadInfo
SendMessageW
DialogBoxParamW
CharNextW
GetDlgItem
EndDialog
IsWindow
EnumWindows
DestroyWindow
PostMessageW
SetParent
GetFocus
GetActiveWindow
RegisterWindowMessageW
RegisterClassExW
CreateWindowExW
SetTimer
GetDesktopWindow
CloseWindowStation
CloseDesktop
CreateWindowStationW
AllowSetForegroundWindow
BringWindowToTop
GetWindowLongW
GetThreadDesktop
SetProcessWindowStation
CreateDesktopW
GetProcessWindowStation
PeekMessageW
MsgWaitForMultipleObjects
TranslateMessage
DispatchMessageW
DdeDisconnect
DdeConnect
DdeCreateDataHandle
DdeAddData
DdeGetData
DdeInitializeW
DdeUninitialize
DdeFreeStringHandle
DdeCreateStringHandleW
DdeNameService
FindWindowA
RegisterWindowMessageA
ShowWindow
FindWindowW
DefWindowProcW
MessageBoxW
UserHandleGrantAccess
CryptHashData
RegCloseKey
CreateProcessAsUserW
CreateRestrictedToken
DuplicateTokenEx
DuplicateToken
LookupPrivilegeValueW
CopySid
CreateWellKnownSid
GetSecurityInfo
SetEntriesInAclW
ConvertSidToStringSidW
CheckTokenMembership
CryptGetProvParam
CryptSetProvParam
CryptGenRandom
CryptDecrypt
CryptSignHashA
CryptSignHashW
CryptGetHashParam
CryptAcquireContextA
CryptAcquireContextW
CryptImportKey
CryptGetUserKey
CryptCreateHash
CryptReleaseContext
CryptDestroyKey
CryptDestroyHash
RegOpenKeyExW
CryptGenKey
ConvertStringSecurityDescriptorToSecurityDescriptorW
RegDeleteKeyW
RegDisablePredefinedCache
RevertToSelf
SetSecurityInfo
GetSecurityDescriptorSacl
SetTokenInformation
GetLengthSid
ConvertStringSidToSidW
SetThreadToken
RegOpenKeyExA
GetTokenInformation
OpenProcessToken
EqualSid
RegQueryValueExA
RegCreateKeyW
RegOpenKeyW
RegQueryValueW
RegEnumKeyExW
RegQueryInfoKeyW
RegSetValueExW
RegCreateKeyExW
RegDeleteValueW
RegQueryValueExW
ord43
SHGetSpecialFolderPathW
ShellExecuteExW
SHGetFolderPathW
ShellExecuteW
SHCreateDirectoryExW
SHGetPathFromIDListW
SHBrowseForFolderW
FindExecutableW
SHGetFileInfoW
CommandLineToArgvW
CoInitialize
StringFromCLSID
CreateStreamOnHGlobal
CoMarshalInterface
GetHGlobalFromStream
CLSIDFromString
CoRevokeClassObject
CoRegisterClassObject
CoTaskMemAlloc
CoTaskMemRealloc
CoCreateInstance
CoTaskMemFree
CoUninitialize
CoResumeClassObjects
CoInitializeEx
CLSIDFromProgID
CoUnmarshalInterface
ReleaseStgMedium
SysAllocStringByteLen
SafeArrayRedim
VariantCopyInd
VariantClear
LoadTypeLi
LoadRegTypeLi
SysAllocString
SafeArrayPutElement
VariantCopy
SafeArrayCopy
VariantInit
VarBstrCmp
SafeArrayGetVartype
SafeArrayDestroy
SafeArrayCreate
SysStringByteLen
SysAllocStringLen
SafeArrayLock
SafeArrayUnlock
SafeArrayGetUBound
SysStringLen
VarUI4FromStr
SysFreeString
SafeArrayGetLBound
ord19
AssocQueryStringW
PathFileExistsW
PathIsDirectoryW
PathAppendW
PathIsRelativeW
PathFindExtensionW
PathAddBackslashW
UrlCanonicalizeW
PathCreateFromUrlW
UrlIsW
PathIsURLW
PathFindFileNameW
PathRemoveFileSpecW
timeGetTime
timeBeginPeriod
timeEndPeriod
FreeContextBuffer
FreeCredentialsHandle
InitializeSecurityContextA
DeleteSecurityContext
AcquireCredentialsHandleA
GetStockObject
GetEnhMetaFileHeader
GetCurrentObject
GetRgnBox
CreateRectRgn
CombineRgn
CreateEnhMetaFileW
SetPolyFillMode
GetObjectType
CloseEnhMetaFile
CreateCompatibleBitmap
SetDIBits
GetObjectW
GetDIBits
GetEnhMetaFileBits
PlayEnhMetaFile
DeleteEnhMetaFile
SelectObject
GetFontData
CreateScalableFontResourceW
RemoveFontResourceW
DeleteObject
CreateFontIndirectW
GetClipBox
CreateDCW
GetTextColor
GetTextAlign
GetBkMode
GetStretchBltMode
GetPolyFillMode
GetMiterLimit
AddFontResourceW
DeleteDC
ExtEscape
Escape
ResetDCW
EndDoc
EndPage
StartPage
AbortDoc
StartDocW
GetDeviceCaps
SetEnhMetaFileBits
CreateDCA
CreateICW
ClosePrinter
DeviceCapabilitiesW
DeviceCapabilitiesA
DeletePrinterDataW
DeletePrinterDataA
SetPrinterW
GetPrinterDriverA
GetPrinterDriverW
DocumentPropertiesW
GetPrinterW
EnumPrintersA
OpenPrinterW
EnumPrintersW
OpenPrinterA
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE