IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

CryptSetHashParam

CryptGetHashParam

CryptExportKey

CryptAcquireContextW

CryptSetKeyParam

CryptGetKeyParam

CryptReleaseContext

CryptDuplicateKey

CryptAcquireContextA

CryptGetProvParam

CryptImportKey

SystemFunction007

CryptEncrypt

CryptCreateHash

CryptGenKey

CryptDestroyKey

CryptDecrypt

CryptDestroyHash

CryptHashData

CopySid

GetLengthSid

LsaQueryInformationPolicy

LsaOpenPolicy

LsaClose

CreateWellKnownSid

CreateProcessWithLogonW

CreateProcessAsUserW

RegQueryValueExW

RegQueryInfoKeyW

RegEnumValueW

RegOpenKeyExW

RegEnumKeyExW

RegCloseKey

RegSetValueExW

SystemFunction032

ConvertSidToStringSidW

CreateServiceW

CloseServiceHandle

DeleteService

OpenSCManagerW

SetServiceObjectSecurity

OpenServiceW

BuildSecurityDescriptorW

QueryServiceObjectSecurity

StartServiceW

AllocateAndInitializeSid

QueryServiceStatusEx

FreeSid

ControlService

IsTextUnicode

OpenProcessToken

GetTokenInformation

LookupAccountNameW

LookupAccountSidW

DuplicateTokenEx

CheckTokenMembership

CryptEnumProvidersW

ConvertStringSidToSidW

LsaFreeMemory

SetThreadToken

CryptSetProvParam

CryptEnumProviderTypesW

SystemFunction006

CryptGetUserKey

OpenEventLogW

GetNumberOfEventLogRecords

ClearEventLogW

SystemFunction001

CryptDeriveKey

SystemFunction005

LsaQueryTrustedDomainInfoByName

CryptSignHashW

LsaOpenSecret

LsaQuerySecret

SystemFunction013

LsaRetrievePrivateData

LsaEnumerateTrustedDomainsEx

LookupPrivilegeValueW

StartServiceCtrlDispatcherW

SetServiceStatus

RegisterServiceCtrlHandlerW

IsValidSid

LookupPrivilegeNameW

OpenThreadToken

CredFree

CredEnumerateW

GetSidSubAuthority

GetSidSubAuthorityCount

SystemFunction025

ConvertStringSecurityDescriptorToSecurityDescriptorW

SystemFunction024

A_SHAFinal

A_SHAInit

A_SHAUpdate

ord11

ord14

ord10

ord13

CertGetNameStringW

CryptEncodeObject

CertEnumSystemStore

CryptSignAndEncodeCertificate

CertEnumCertificatesInStore

CertAddEncodedCertificateToStore

CertOpenStore

CertFreeCertificateContext

CertCloseStore

CertSetCertificateContextProperty

PFXExportCertStoreEx

CryptUnprotectData

CryptBinaryToStringW

CryptStringToBinaryW

CryptProtectData

CryptExportPublicKeyInfo

CryptAcquireCertificatePrivateKey

CertNameToStrW

CertGetCertificateContextProperty

CertAddCertificateContextToStore

CertFindCertificateInStore

MD5Init

MD5Update

MD5Final

CDLocateCSystem

CDGenerateRandomBits

CDLocateCheckSum

FilterFindFirst

FilterFindNext

NetServerGetInfo

NetStatisticsGet

NetShareEnum

NetSessionEnum

DsGetDcNameW

NetApiBufferFree

NetRemoteTOD

NetWkstaUserEnum

I_NetServerAuthenticate2

I_NetServerTrustPasswordsGet

I_NetServerReqChallenge

CoInitializeEx

CoUninitialize

CoCreateInstance

VariantInit

SysFreeString

SysAllocString

RpcMgmtEpEltInqNextW

RpcMgmtEpEltInqBegin

I_RpcGetCurrentCallHandle

NdrClientCall2

RpcMgmtEpEltInqDone

RpcBindingFromStringBindingW

RpcStringBindingComposeW

MesEncodeIncrementalHandleCreate

RpcBindingSetAuthInfoExW

RpcBindingInqAuthClientW

RpcBindingSetOption

RpcImpersonateClient

RpcBindingFree

RpcStringFreeW

RpcRevertToSelf

MesDecodeIncrementalHandleCreate

MesHandleFree

MesIncrementalHandleReset

NdrMesTypeDecode2

NdrMesTypeAlignSize2

NdrMesTypeFree2

NdrMesTypeEncode2

RpcServerUnregisterIfEx

I_RpcBindingInqSecurityContext

RpcServerInqBindings

RpcServerListen

RpcMgmtWaitServerListen

RpcEpRegisterW

RpcMgmtStopServerListening

RpcBindingToStringBindingW

RpcServerRegisterIf2

RpcServerRegisterAuthInfoW

RpcBindingVectorFree

UuidToStringW

RpcServerUseProtseqEpW

RpcEpUnregister

NdrServerCall2

RpcEpResolveBinding

UuidCreate

PathIsDirectoryW

PathCanonicalizeW

PathCombineW

PathFindFileNameW

PathIsRelativeW

SamGetGroupsForUser

SamEnumerateGroupsInDomain

SamiChangePasswordUser

SamGetMembersInGroup

SamSetInformationUser

SamRidToSid

SamGetMembersInAlias

SamEnumerateAliasesInDomain

SamGetAliasMembership

SamOpenGroup

SamOpenAlias

SamQueryInformationUser

SamCloseHandle

SamEnumerateDomainsInSamServer

SamFreeMemory

SamEnumerateUsersInDomain

SamOpenUser

SamLookupDomainInSamServer

SamLookupNamesInDomain

SamLookupIdsInDomain

SamOpenDomain

SamConnect

FreeContextBuffer

LsaLookupAuthenticationPackage

LsaConnectUntrusted

LsaFreeReturnBuffer

LsaDeregisterLogonProcess

DeleteSecurityContext

LsaCallAuthenticationPackage

FreeCredentialsHandle

AcquireCredentialsHandleW

InitializeSecurityContextW

QueryContextAttributesW

EnumerateSecurityPackagesW

CommandLineToArgvW

IsCharAlphaNumericW

GetKeyboardLayout

DispatchMessageW

DefWindowProcW

SetClipboardViewer

SendMessageW

GetClipboardSequenceNumber

OpenClipboard

CreateWindowExW

ChangeClipboardChain

GetClipboardData

RegisterClassExW

TranslateMessage

EnumClipboardFormats

PostMessageW

UnregisterClassW

GetMessageW

CloseClipboard

DestroyWindow

CreateEnvironmentBlock

DestroyEnvironmentBlock

GetFileVersionInfoSizeW

VerQueryValueW

GetFileVersionInfoW

HidD_GetPreparsedData

HidD_FreePreparsedData

HidP_GetCaps

HidD_GetFeature

HidD_GetAttributes

HidD_GetHidGuid

HidD_SetFeature

SetupDiGetDeviceInterfaceDetailW

SetupDiEnumDeviceInterfaces

SetupDiGetClassDevsW

SetupDiDestroyDeviceInfoList

SCardControl

SCardTransmit

SCardDisconnect

SCardGetAttrib

SCardEstablishContext

SCardFreeMemory

SCardListReadersW

SCardReleaseContext

SCardGetCardTypeProviderNameW

SCardListCardsW

SCardConnectW

WinStationCloseServer

WinStationOpenServerW

WinStationFreeMemory

WinStationConnectW

WinStationQueryInformationW

WinStationEnumerateW

ord140

ord122

ord14

ord88

ord133

ord142

ord77

ord27

ord13

ord147

ord96

ord208

ord224

ord36

ord79

ord157

ord26

ord41

ord127

ord73

ord301

ord304

ord309

ord54

ord310

ord69

ord139

ord97

ord223

ord12

ord145

ord113

ord167

ord203

ASN1_CreateModule

ASN1BERDotVal2Eoid

ASN1_CloseEncoder

ASN1_CreateDecoder

ASN1_FreeEncoded

ASN1_CloseModule

ASN1_CreateEncoder

ASN1_CloseDecoder

RtlFreeAnsiString

RtlDowncaseUnicodeString

RtlFreeUnicodeString

RtlInitUnicodeString

RtlEqualUnicodeString

NtQueryObject

RtlCompressBuffer

RtlGetCompressionWorkSpaceSize

NtQuerySystemInformation

RtlGetCurrentPeb

NtQueryInformationProcess

RtlCreateUserThread

RtlUnicodeStringToAnsiString

RtlStringFromGUID

NtCompareTokens

RtlGetNtVersionNumbers

RtlEqualString

RtlUpcaseUnicodeString

RtlAppendUnicodeStringToString

RtlAnsiStringToUnicodeString

RtlFreeOemString

RtlUpcaseUnicodeStringToOemString

NtResumeProcess

RtlAdjustPrivilege

NtSuspendProcess

NtTerminateProcess

NtQuerySystemEnvironmentValueEx

NtSetSystemEnvironmentValueEx

RtlGUIDFromString

NtEnumerateSystemEnvironmentValuesEx

RtlIpv4AddressToStringW

RtlIpv6AddressToStringW

GetFullPathNameA

GetFullPathNameW

GetTimeFormatW

HeapReAlloc

GetSystemTimeAsFileTime

SystemTimeToFileTime

GetDateFormatW

lstrlenW

RtlVirtualUnwind

LoadLibraryA

GetProcessId

PurgeComm

ClearCommError

CreateRemoteThread

WaitForSingleObject

SetLastError

CreateProcessW

SetConsoleOutputCP

GetConsoleOutputCP

CreateFileMappingW

UnmapViewOfFile

MapViewOfFile

WriteProcessMemory

VirtualAllocEx

VirtualProtectEx

VirtualAlloc

ReadProcessMemory

VirtualFreeEx

VirtualQueryEx

VirtualFree

VirtualQuery

GetComputerNameExW

DeviceIoControl

DuplicateHandle

OpenProcess

GetCurrentProcess

ExpandEnvironmentStringsW

FindNextFileW

FindClose

GetCurrentDirectoryW

GetFileSizeEx

FlushFileBuffers

GetFileAttributesW

FindFirstFileW

DeleteFileA

GetTempPathA

GetFileInformationByHandle

FileTimeToLocalFileTime

GetCurrentDirectoryA

GetTempFileNameA

SetFilePointer

CreateFileA

FileTimeToDosDateTime

CreateThread

LocalFree

CloseHandle

LocalAlloc

GetLastError

CreateFileW

ReadFile

TerminateThread

WriteFile

FileTimeToSystemTime

Sleep

VirtualProtect

CreateMutexW

HeapCompact

TryEnterCriticalSection

SetEndOfFile

HeapAlloc

QueryPerformanceCounter

HeapFree

UnlockFile

FlushViewOfFile

LockFile

WaitForSingleObjectEx

OutputDebugStringW

GetTickCount

UnlockFileEx

GetProcessHeap

FormatMessageA

InitializeCriticalSection

FormatMessageW

GetVersionExW

HeapDestroy

LeaveCriticalSection

GetFileAttributesA

GetFileSize

HeapCreate

HeapValidate

MultiByteToWideChar

GetTempPathW

HeapSize

LockFileEx

EnterCriticalSection

GetDiskFreeSpaceW

CreateFileMappingA

GetDiskFreeSpaceA

GetSystemInfo

GetFileAttributesExW

DeleteCriticalSection

OutputDebugStringA

GetVersionExA

DeleteFileW

GetCurrentProcessId

GetSystemTime

AreFileApisANSI

ExitProcess

RaiseException

SetConsoleCtrlHandler

SetConsoleTitleW

lstrlenA

FreeLibrary

LoadLibraryW

GetProcAddress

GlobalSize

GetModuleHandleW

SetHandleInformation

CreatePipe

SetEvent

CreateEventW

RtlLookupFunctionEntry

RtlCaptureContext

TerminateProcess

UnhandledExceptionFilter

SetUnhandledExceptionFilter

GetCurrentThreadId

WideCharToMultiByte

GetSystemDirectoryW

SetConsoleCursorPosition

GetTimeZoneInformation

GetStdHandle

FillConsoleOutputCharacterW

GetComputerNameW

ProcessIdToSessionId

GetCurrentThread

SetCurrentDirectoryW

GetConsoleScreenBufferInfo

isdigit

calloc

isspace

_read

_lseeki64

__mb_cur_max

isleadbyte

isxdigit

localeconv

_snprintf

_itoa

wctomb

ferror

iswctype

wcstombs

_write

_isatty

ungetc

?terminate@@YAXXZ

__badioinfo

__pioinfo

__set_app_type

mbtowc

_fileno

_fmode

_commode

__setusermatherr

_errno

free

_wcsdup

_vsnprintf

strrchr

_wcsicmp

vfwprintf

_vscwprintf

fflush

_wfopen

wprintf

memcmp

_iob

vwprintf

_setmode

fclose

_stricmp

wcsrchr

wcschr

strtoul

_wcsnicmp

wcsstr

gmtime

memmove

malloc

_msize

strftime

realloc

fgetws

wcstoul

wcstol

towupper

_wpgmptr

_wcstoui64

wcsncmp

getchar

memcpy

memset

__C_specific_handler

__wgetmainargs

_XcptFilter

_exit

_cexit

exit

_initterm

_amsg_exit

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ