IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

IMAGE_FILE_RELOCS_STRIPPED

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LINE_NUMS_STRIPPED

IMAGE_FILE_LOCAL_SYMS_STRIPPED

IMAGE_FILE_AGGRESIVE_WS_TRIM

IMAGE_FILE_32BIT_MACHINE

IMAGE_FILE_DEBUG_STRIPPED

??2@YAPAXI@Z

exit

_vsnwprintf

wcslen

_wcsrev

__p___initenv

_exit

_XcptFilter

__setusermatherr

__getmainargs

_initterm

__p__fmode

_adjust_fdiv

__p__commode

_controlfp

__set_app_type

_except_handler3

_ultow

_purecall

_wcsnicmp

_wtol

wcsspn

_vsnprintf

wcsncpy

wcsrchr

_wcsicmp

rand

wcschr

memmove

wcspbrk

_itow

??3@YAXPAX@Z

RegDeleteValueW

RegConnectRegistryW

RegEnumKeyExW

RegOpenKeyExA

DuplicateToken

GetSecurityDescriptorDacl

InitializeAcl

AddAce

InitializeSecurityDescriptor

SetSecurityDescriptorDacl

RegCreateKeyExW

ConvertSidToStringSidW

GetUserNameW

LookupAccountSidW

LsaStorePrivateData

LsaRetrievePrivateData

GetKernelObjectSecurity

AllocateAndInitializeSid

StartServiceCtrlDispatcherW

RegisterServiceCtrlHandlerExW

SetServiceStatus

ConvertStringSecurityDescriptorToSecurityDescriptorW

CryptGenKey

CryptAcquireContextW

RegOpenKeyExW

RegQueryValueExW

SetFileSecurityW

RegSetValueExW

RegCloseKey

RegisterEventSourceW

DeregisterEventSource

GetSidSubAuthority

GetSidSubAuthorityCount

IsValidSid

GetSecurityDescriptorOwner

GetFileSecurityW

OpenProcessToken

CopySid

GetTokenInformation

ReportEventW

CryptDestroyKey

LookupAccountNameW

FreeSid

ImpersonateLoggedOnUser

RevertToSelf

LogonUserW

CreateProcessAsUserW

GetSidIdentifierAuthority

CryptGetHashParam

CryptReleaseContext

OpenThreadToken

LsaClose

CryptHashData

LsaFreeMemory

LsaQueryInformationPolicy

GetLengthSid

CryptCreateHash

CryptSignHashW

CryptDestroyHash

LsaOpenPolicy

LsaAddAccountRights

CreateMutexW

OpenEventW

LocalFree

CloseHandle

ReleaseMutex

InterlockedExchange

GetSystemPowerStatus

SetEvent

DeleteAtom

GetModuleHandleW

SetConsoleCtrlHandler

CreateEventW

CreateThread

WaitForMultipleObjects

WaitForSingleObject

lstrcmpiA

GetLastError

SystemTimeToFileTime

GetCurrentProcess

GetFileInformationByHandle

FormatMessageW

GetVersion

GetLocalTime

GetSystemTime

SetFileAttributesW

lstrcpynW

GetFileSize

DeleteFileW

GetFileType

EnterCriticalSection

GetStartupInfoW

SetLastError

GetEnvironmentVariableW

GetFullPathNameW

GetComputerNameExW

GetDriveTypeW

LoadLibraryExW

CreateDirectoryW

FormatMessageA

GetLocaleInfoW

IsBadWritePtr

MultiByteToWideChar

GetUserDefaultLCID

TlsGetValue

TlsSetValue

GetVersionExW

GetVolumeInformationW

GetSystemTimeAsFileTime

FindNextChangeNotification

CreateProcessW

SetEnvironmentVariableW

SearchPathW

GetExitCodeProcess

TerminateProcess

GetTickCount

InterlockedIncrement

InterlockedDecrement

SetThreadPriority

lstrcmpiW

GetCurrentThread

GetComputerNameW

FreeLibrary

LocalReAlloc

LoadLibraryW

WriteFile

ReadFile

SetFilePointer

CreateFileW

GetFileAttributesW

ExpandEnvironmentStringsW

InitializeCriticalSection

LeaveCriticalSection

SetCurrentDirectoryW

ResetEvent

FindFirstFileW

lstrlenW

LocalAlloc

SetEndOfFile

GetTimeFormatW

GetDateFormatW

TlsFree

FileTimeToLocalFileTime

DeleteCriticalSection

TlsAlloc

CompareFileTime

FindClose

FindNextFileW

FindFirstChangeNotificationW

OpenProcess

FileTimeToSystemTime

GetProcAddress

LocalFileTimeToFileTime

GetCurrentDirectoryW

CreateWaitableTimerW

FindCloseChangeNotification

CancelWaitableTimer

SetWaitableTimer

Sleep

GetStockObject

DefWindowProcW

PostQuitMessage

DestroyWindow

CloseDesktop

RegisterWindowMessageW

LoadCursorW

RegisterClassW

CreateWindowExW

ShowWindow

SetUserObjectSecurity

CreateDesktopW

CreateWindowStationW

MessageBoxW

CloseWindowStation

SetProcessWindowStation

GetWindowThreadProcessId

TranslateMessage

EnumThreadWindows

SendMessageW

EnumWindows

LoadStringA

MessageBoxA

PostMessageW

LoadStringW

UpdateWindow

GetMessageW

DispatchMessageW

VerQueryValueW

GetFileVersionInfoW

GetFileVersionInfoSizeW

NetApiBufferFree

NetUserGetInfo

DsGetDcNameW

GetUserNameExW

DsCrackNamesW

DsUnBindW

DsFreeNameResultW

DsBindW

PathFindExtensionW

FindExecutableW

SHChangeNotify

RtlAddAce

RtlSetSaclSecurityDescriptor

RtlCreateSecurityDescriptor

RtlSubAuthorityCountSid

RtlNewSecurityObject

RtlDeleteSecurityObject

RtlSetOwnerSecurityDescriptor

RtlAddAccessAllowedAce

RtlCopySid

NtOpenThreadToken

NtAccessCheck

RtlNtStatusToDosError

NtDuplicateToken

NtOpenProcessToken

NtQuerySystemInformation

RtlSetDaclSecurityDescriptor

RtlLengthRequiredSid

RtlInitializeSid

RtlSubAuthoritySid

RtlSetGroupSecurityDescriptor

RtlLengthSid

RtlCreateAcl

NtSetInformationThread

NtClose

NtDuplicateObject

RpcBindingVectorFree

RpcRevertToSelf

RpcEpRegisterW

UuidCreate

RpcServerInqBindings

RpcServerUseProtseqEpW

RpcServerUseProtseqW

RpcEpUnregister

RpcServerUnregisterIf

RpcServerRegisterAuthInfoW

RpcImpersonateClient

NdrServerCall2

RpcServerRegisterIfEx

LoadUserProfileW

CreateEnvironmentBlock

DestroyEnvironmentBlock

UnloadUserProfile

CoInitializeEx

CoUninitialize

CoCreateInstance

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

IMAGE_SCN_CNT_CODE

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE