IMAGE_DLLCHARACTERISTICS_NX_COMPAT

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_32BIT_MACHINE

IMAGE_FILE_DLL

VerQueryValueW

GetFileVersionInfoW

GetFileVersionInfoSizeW

BCryptDecrypt

BCryptEncrypt

BCryptGenerateSymmetricKey

BCryptSetProperty

BCryptGetProperty

NCryptExportKey

NCryptImportKey

NCryptSetProperty

NCryptGetProperty

NCryptOpenKey

NCryptFreeBuffer

NCryptEnumKeys

BCryptEnumRegisteredProviders

NCryptOpenStorageProvider

BCryptFreeBuffer

BCryptDestroyKey

BCryptImportKeyPair

BCryptExportKey

BCryptCloseAlgorithmProvider

BCryptOpenAlgorithmProvider

NCryptFreeObject

FilterFindNext

FilterFindFirst

ord14

ord13

ord11

ord10

DestroyEnvironmentBlock

CreateEnvironmentBlock

SCardListCardsW

SCardControl

SCardGetAttrib

SCardConnectW

SCardFreeMemory

SCardGetCardTypeProviderNameW

SCardEstablishContext

SCardReleaseContext

SCardListReadersW

SCardTransmit

SCardDisconnect

CryptGetKeyParam

QueryServiceObjectSecurity

OpenServiceW

OpenSCManagerW

DeleteService

CreateServiceW

ControlService

CloseServiceHandle

FreeSid

AllocateAndInitializeSid

RegSetValueExW

RegQueryInfoKeyW

RegEnumValueW

RegEnumKeyExW

CreateProcessWithLogonW

CreateWellKnownSid

CopySid

CryptDuplicateKey

CryptEncrypt

CryptSetHashParam

CryptAcquireContextA

CredIsMarshaledCredentialW

CredUnmarshalCredentialW

SystemFunction025

SystemFunction024

ConvertStringSecurityDescriptorToSecurityDescriptorW

CredFree

CredEnumerateW

RegQueryValueExW

RegOpenKeyExW

RegCloseKey

LookupPrivilegeNameW

OpenThreadToken

StartServiceCtrlDispatcherW

SetServiceStatus

RegisterServiceCtrlHandlerW

CreateProcessAsUserW

OpenProcessToken

LookupPrivilegeValueW

LsaQuerySecret

LsaOpenSecret

CheckTokenMembership

LookupAccountNameW

LookupAccountSidW

IsTextUnicode

BuildSecurityDescriptorW

StartServiceW

SetServiceObjectSecurity

CryptAcquireContextW

CryptReleaseContext

CryptGenKey

CryptDestroyKey

CryptSetKeyParam

CryptSetProvParam

CryptGetProvParam

CryptEnumProvidersW

ConvertSidToStringSidW

ConvertStringSidToSidW

LsaFreeMemory

IsValidSid

GetSidSubAuthority

GetSidSubAuthorityCount

CryptDecrypt

SetThreadToken

GetTokenInformation

DuplicateTokenEx

QueryServiceStatusEx

CryptGetUserKey

CryptExportKey

CryptImportKey

CryptEnumProviderTypesW

SystemFunction006

SystemFunction007

ClearEventLogW

GetNumberOfEventLogRecords

OpenEventLogW

GetLengthSid

CryptDeriveKey

CryptGetHashParam

CryptCreateHash

CryptHashData

CryptDestroyHash

CryptSignHashW

LsaClose

LsaOpenPolicy

LsaQueryInformationPolicy

LsaQueryTrustedDomainInfoByName

LsaEnumerateTrustedDomainsEx

LsaRetrievePrivateData

SystemFunction001

SystemFunction005

SystemFunction013

SystemFunction032

A_SHAUpdate

A_SHAFinal

A_SHAInit

CryptEncodeObject

CertOpenStore

CertCloseStore

CertFindCertificateInStore

CertFreeCertificateContext

CertGetCertificateContextProperty

CryptSignAndEncodeCertificate

CryptStringToBinaryW

CryptUnprotectData

PFXExportCertStoreEx

CertAddEncodedCertificateToStore

CertSetCertificateContextProperty

CertGetNameStringW

CertEnumSystemStore

CryptExportPublicKeyInfo

CryptAcquireCertificatePrivateKey

CertNameToStrW

CertAddCertificateContextToStore

CryptBinaryToStringW

CertEnumCertificatesInStore

CryptProtectData

CDGenerateRandomBits

MD5Final

MD5Update

MD5Init

CDLocateCheckSum

CDLocateCSystem

DnsQuery_A

DnsFree

NetRemoteTOD

DsEnumerateDomainTrustsW

NetApiBufferFree

NetSessionEnum

NetWkstaUserEnum

NetShareEnum

NetStatisticsGet

DsGetDcNameW

NetServerGetInfo

I_NetServerTrustPasswordsGet

I_NetServerAuthenticate2

I_NetServerReqChallenge

CoCreateInstance

CoUninitialize

CoInitializeEx

SysFreeString

SysAllocString

VariantInit

RpcBindingSetAuthInfoExW

RpcBindingFree

RpcBindingToStringBindingW

RpcBindingVectorFree

RpcStringFreeW

RpcServerInqBindings

RpcServerListen

RpcServerRegisterIf2

RpcServerUnregisterIfEx

RpcServerUseProtseqEpW

RpcMgmtStopServerListening

RpcEpResolveBinding

RpcServerRegisterAuthInfoW

RpcEpRegisterW

RpcEpUnregister

RpcMgmtEpEltInqBegin

RpcMgmtEpEltInqDone

RpcMgmtEpEltInqNextW

UuidCreate

I_RpcGetCurrentCallHandle

I_RpcBindingInqSecurityContext

RpcBindingSetOption

RpcBindingFromStringBindingW

RpcStringBindingComposeW

RpcImpersonateClient

RpcRevertToSelf

RpcBindingInqAuthClientW

NdrMesTypeFree2

RpcMgmtWaitServerListen

UuidToStringW

NdrServerCall2

NdrClientCall2

NdrMesTypeEncode2

NdrMesTypeAlignSize2

MesHandleFree

MesIncrementalHandleReset

MesDecodeIncrementalHandleCreate

MesEncodeIncrementalHandleCreate

NdrMesTypeDecode2

PathCombineW

PathIsDirectoryW

PathFindFileNameW

PathCanonicalizeW

PathIsRelativeW

SamLookupNamesInDomain

SamEnumerateUsersInDomain

SamiChangePasswordUser

SamSetInformationUser

SamQueryInformationUser

SamOpenUser

SamOpenDomain

SamLookupDomainInSamServer

SamEnumerateDomainsInSamServer

SamConnect

SamCloseHandle

SamFreeMemory

SamOpenGroup

SamOpenAlias

SamGetGroupsForUser

SamGetAliasMembership

SamGetMembersInGroup

SamGetMembersInAlias

SamEnumerateGroupsInDomain

SamEnumerateAliasesInDomain

SamRidToSid

SamLookupIdsInDomain

InitializeSecurityContextW

DeleteSecurityContext

FreeContextBuffer

EnumerateSecurityPackagesW

QueryContextAttributesW

FreeCredentialsHandle

AcquireCredentialsHandleW

LsaFreeReturnBuffer

LsaCallAuthenticationPackage

LsaConnectUntrusted

LsaDeregisterLogonProcess

LsaLookupAuthenticationPackage

CommandLineToArgvW

PostMessageW

DefWindowProcW

UnregisterClassW

SendMessageW

CreateWindowExW

DestroyWindow

OpenClipboard

CloseClipboard

GetClipboardSequenceNumber

SetClipboardViewer

ChangeClipboardChain

GetClipboardData

EnumClipboardFormats

GetUserObjectInformationW

IsCharAlphaNumericW

DispatchMessageW

GetMessageW

GetKeyboardLayout

RegisterClassExW

TranslateMessage

HidD_GetHidGuid

HidP_GetCaps

HidD_GetAttributes

HidD_GetPreparsedData

HidD_FreePreparsedData

HidD_SetFeature

HidD_GetFeature

SetupDiGetClassDevsW

SetupDiEnumDeviceInterfaces

SetupDiGetDeviceInterfaceDetailW

SetupDiDestroyDeviceInfoList

ord79

ord54

ord301

ord304

ord309

ord310

ord13

ord208

ord41

ord26

ord27

ord36

ord127

ord167

ord142

ord73

ord133

ord147

ord145

ord88

ord12

ord14

ord203

ord157

ord69

ord113

ord140

ord139

ord97

ord96

ord77

ord224

ord223

ord122

NtCompareTokens

RtlCreateUserThread

RtlGetCurrentPeb

NtQueryInformationProcess

RtlDecompressBuffer

RtlCompressBuffer

RtlGetCompressionWorkSpaceSize

RtlDowncaseUnicodeString

RtlFreeAnsiString

RtlUnicodeStringToAnsiString

NtQuerySystemInformation

NtQueryObject

RtlIpv6AddressToStringW

RtlIpv4AddressToStringW

NtEnumerateSystemEnvironmentValuesEx

NtSetSystemEnvironmentValueEx

NtQuerySystemEnvironmentValueEx

NtTerminateProcess

NtSuspendProcess

RtlAdjustPrivilege

NtResumeProcess

RtlStringFromGUID

RtlFreeUnicodeString

RtlFreeOemString

RtlUpcaseUnicodeStringToOemString

RtlEqualUnicodeString

RtlGetNtVersionNumbers

RtlEqualString

RtlGUIDFromString

RtlInitUnicodeString

RtlUpcaseUnicodeString

RtlAppendUnicodeStringToString

RtlAnsiStringToUnicodeString

ASN1_CreateModule

ASN1BERDotVal2Eoid

ASN1_CloseModule

ASN1_CreateEncoder

ASN1BEREoid2DotVal

ASN1_CreateDecoder

ASN1_CloseDecoder

ASN1_FreeEncoded

ASN1_CloseEncoder

ASN1Free

WinStationConnectW

WinStationFreeMemory

WinStationEnumerateW

WinStationQueryInformationW

WinStationOpenServerW

WinStationCloseServer

GetModuleHandleExW

GetCommandLineA

GetCurrentThreadId

IsDebuggerPresent

IsProcessorFeaturePresent

IsValidCodePage

GetACP

GetOEMCP

GetCPInfo

RtlUnwind

GetModuleFileNameW

GetStringTypeW

UnhandledExceptionFilter

SetUnhandledExceptionFilter

InitializeCriticalSectionAndSpinCount

TerminateProcess

TlsAlloc

TlsGetValue

TlsSetValue

TlsFree

GetStartupInfoW

LoadLibraryExW

GetConsoleCP

GetConsoleMode

GetFileType

GetModuleFileNameA

GetEnvironmentStringsW

FreeEnvironmentStringsW

ExitProcess

TryEnterCriticalSection

GetFullPathNameW

GetFullPathNameA

HeapReAlloc

GetFileSize

LeaveCriticalSection

EnterCriticalSection

InitializeCriticalSection

CreateProcessW

CreatePipe

SetHandleInformation

ReadFile

WaitForSingleObject

SystemTimeToFileTime

SetConsoleCtrlHandler

CreateMutexW

HeapCompact

SetEndOfFile

HeapAlloc

GetModuleHandleW

GlobalSize

SetLastError

Sleep

CreateThread

CreateFileW

LoadLibraryW

lstrlenA

GetProcAddress

FreeLibrary

GetSystemTimeAsFileTime

GetLastError

CloseHandle

GetCurrentProcessId

OpenProcess

AllocConsole

lstrlenW

RaiseException

LocalFree

LocalAlloc

InterlockedDecrement

InterlockedIncrement

SetEvent

CreateEventW

GetCurrentProcess

GetStdHandle

GetTimeZoneInformation

GetSystemDirectoryW

SetCurrentDirectoryW

IsWow64Process

DeleteCriticalSection

FillConsoleOutputCharacterW

GetConsoleScreenBufferInfo

SetConsoleCursorPosition

GetCurrentThread

ProcessIdToSessionId

GetComputerNameW

GetProcessId

FileTimeToSystemTime

TerminateThread

WriteFile

GetFileInformationByHandle

SetFilePointer

FileTimeToLocalFileTime

FileTimeToDosDateTime

GetTempPathA

GetTempFileNameA

GetCurrentDirectoryA

CreateFileA

DeleteFileA

GetFileSizeEx

FlushFileBuffers

FindClose

ExpandEnvironmentStringsW

GetCurrentDirectoryW

GetFileAttributesW

FindFirstFileW

FindNextFileW

DuplicateHandle

DeviceIoControl

VirtualAlloc

VirtualFree

VirtualProtect

VirtualQuery

VirtualAllocEx

VirtualFreeEx

VirtualProtectEx

VirtualQueryEx

ReadProcessMemory

WriteProcessMemory

MapViewOfFile

UnmapViewOfFile

CreateFileMappingW

GetComputerNameExW

ConnectNamedPipe

DisconnectNamedPipe

SetNamedPipeHandleState

GetNamedPipeInfo

CreateNamedPipeW

WaitNamedPipeW

CreateRemoteThread

ClearCommError

PurgeComm

WideCharToMultiByte

GetTimeFormatW

GetDateFormatW

AreFileApisANSI

GetSystemTime

DeleteFileW

GetVersionExA

OutputDebugStringA

GetFileAttributesExW

GetSystemInfo

GetDiskFreeSpaceA

CreateFileMappingA

GetDiskFreeSpaceW

LockFileEx

HeapSize

GetTempPathW

MultiByteToWideChar

HeapValidate

HeapCreate

GetFileAttributesA

HeapDestroy

GetVersionExW

FormatMessageW

FormatMessageA

GetProcessHeap

UnlockFileEx

CompareStringW

LCMapStringW

SetFilePointerEx

SetStdHandle

WriteConsoleW

ReadConsoleW

SetEnvironmentVariableA

GetTickCount

OutputDebugStringW

WaitForSingleObjectEx

LockFile

FlushViewOfFile

QueryPerformanceCounter

HeapFree

InterlockedCompareExchange

UnlockFile

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ