IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

IMAGE_DLLCHARACTERISTICS_GUARD_CF

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

IMAGE_FILE_DLL

ord5699

ord659

ord1463

ord1577

ord1491

ord1416

ord1553

ord1477

ord355

ord1585

ord1583

ord1555

ord1586

ord1544

ord812

ord288

ord1082

ord2629

ord6886

ord5687

ord5406

ord6437

ord1777

ord4752

ord5702

ord4771

ord3761

ord6385

ord4548

ord6632

ord2661

ord5887

ord2975

ord4257

ord4473

ord4609

ord6328

ord6614

ord1442

ord5077

ord2517

ord2906

ord287

ord5245

ord4721

ord6351

ord3417

ord1063

ord6887

ord2752

ord3916

ord4770

ord4983

ord4371

ord3164

ord4077

ord4083

ord4082

ord3046

ord3166

ord3052

ord3366

ord3231

ord4557

ord2329

ord1126

ord1040

ord626

ord912

ord4815

ord3362

ord3243

ord3049

ord3806

ord3501

ord4747

ord2593

ord822

ord665

ord1067

ord3743

ord4988

ord3535

ord4598

ord2140

ord2457

ord5683

ord1736

ord5484

ord3933

ord6814

ord2060

ord2670

ord4789

ord5229

ord4017

ord5712

ord4694

ord6812

ord5586

ord2399

ord5663

ord4741

ord1778

ord4365

ord6440

ord2586

ord6053

ord5711

ord852

ord337

ord6813

ord4836

ord2559

ord2515

ord6071

ord4191

ord1388

ord5615

ord2412

ord3468

ord5722

ord5724

ord4368

ord5065

ord5730

_CxxThrowException

memcmp

memcpy

memset

_wcsnicmp

_vsnwprintf

??_V@YAXPEAX@Z

malloc

free

_ltow_s

_wcsicmp

strcmp

__CxxFrameHandler3

_XcptFilter

_amsg_exit

_initterm

__C_specific_handler

??1type_info@@UEAA@XZ

_onexit

__dllonexit

_unlock

_lock

RtlLookupFunctionEntry

RtlCaptureContext

NtQueryInformationToken

RtlAllocateAndInitializeSid

RtlFreeSid

RtlNtStatusToDosError

RtlVirtualUnwind

GetModuleHandleW

SetCurrentDirectoryW

GetCurrentDirectoryW

FindClose

FindNextFileW

UnhandledExceptionFilter

GetFullPathNameW

Sleep

WaitForSingleObject

OpenEventW

OutputDebugStringA

QueryActCtxW

GetModuleHandleExW

GetModuleFileNameW

CreateActCtxW

FindActCtxSectionStringW

ActivateActCtx

GetProcAddress

GetFileAttributesW

DeactivateActCtx

CreateThread

FormatMessageW

lstrlenW

GetComputerNameW

CloseHandle

GetCurrentProcess

SetLastError

LocalFree

LocalAlloc

GetLastError

SetUnhandledExceptionFilter

TerminateProcess

QueryPerformanceCounter

GetCurrentProcessId

GetCurrentThreadId

GetUserPreferredUILanguages

LoadLibraryW

GetLocaleInfoEx

GetSystemTimeAsFileTime

GetTickCount

GetCurrentThread

HeapFree

HeapAlloc

FindFirstFileExW

GetProcessHeap

LoadIconW

DefWindowProcW

PostQuitMessage

MessageBoxW

LoadStringW

SetTimer

GetMessageW

TranslateMessage

DispatchMessageW

KillTimer

PostMessageW

SendMessageW

EnableWindow

GetClientRect

DestroyWindow

CoCreateInstance

CoInitialize

CoUninitialize

CoTaskMemFree

CoInitializeEx

CoTaskMemAlloc

SysStringByteLen

SysFreeString

SysAllocString

OpenServiceW

GetTokenInformation

OpenThreadToken

LsaFreeMemory

LsaLookupSids

LsaOpenPolicy

OpenSCManagerW

LsaClose

ChangeServiceConfigW

CloseServiceHandle

EventRegister

EventUnregister

EventEnabled

EventWrite

CheckTokenMembership

GetLengthSid

CopySid

OpenProcessToken

RegCreateKeyExW

RegQueryValueExW

RegSetValueExW

RegCloseKey

CredMarshalCredentialW

UsePinForEncryptedFilesW

CredFree

SetUserFileEncryptionKeyEx

RegOpenKeyExW

EncryptFileW

CryptSetProvParam

RemoveUsersFromEncryptedFile

AddUsersToEncryptedFile

FreeEncryptionCertificateHashList

QueryRecoveryAgentsOnEncryptedFile

QueryUsersOnEncryptedFile

EqualSid

FreeEncryptedFileKeyInfo

EncryptedFileKeyInfo

CredPackAuthenticationBufferW

CredUIPromptForWindowsCredentialsW

CredUnPackAuthenticationBufferW

CryptUIDlgSelectCertificateW

CryptUIWizExport

CryptDecodeObject

CertVerifyCertificateChainPolicy

CertFreeCertificateChain

CryptStringToBinaryW

CertFreeCertificateContext

CertOpenStore

CertAddCertificateContextToStore

CertCloseStore

CryptBinaryToStringW

CertCreateCertificateContext

CertFindCertificateInStore

CertGetCertificateContextProperty

CertSetCertificateContextProperty

CertVerifyTimeValidity

CertGetEnhancedKeyUsage

CertFindExtension

CertGetCertificateChain

CertGetNameStringW

CertEnumCertificatesInStore

CertAddCertificateLinkToStore

CryptEncodeObjectEx

StrDupW

ord278

SHCreateItemFromParsingName

ord155

Shell_NotifyIconW

SHChangeNotifySuspendResume

SHGetFolderPathW

ord190

RefreshPolicy

ord18

ord26

ord140

ord41

ord224

ord170

ord16

ord73

ord13

ord208

NetApiBufferFree

DsRoleGetPrimaryDomainInformation

DsRoleFreeMemory

DsGetDcNameW

RpcStringFreeW

UuidCreate

UuidToStringW

EfsUtilCheckCurrentKeyCapabilities

EfsUtilSetSmartcardPin

EfsUtilGetCurrentKey

EfsUtilSmartcardCredsNeededError

EfsUtilGetUserKey

EfsUtilGetSmartcardProviderName

EfsUtilReleaseUserKey

EfsUtilGetCertContextFromCertHash

EfsUtilApplyGroupPolicy

EfsUtilCreateSelfSignedCertificate

EfsUtilGetCurrentUserInformation

EfsClientQueryProtectors

EfsClientFreeProtectorList

VaultCloseVault

VaultGetItem

VaultOpenVault

VaultFree

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ