IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

IMAGE_FILE_RELOCS_STRIPPED

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_32BIT_MACHINE

RegCloseKey

RegQueryValueExW

OpenSCManagerW

CryptAcquireContextW

CryptSetProvParam

QueryServiceStatus

CloseServiceHandle

AllocateAndInitializeSid

LookupAccountSidW

CryptGetHashParam

CryptDestroyHash

RegOpenKeyW

CryptGetProvParam

ReportEventW

RegQueryInfoKeyW

RegEnumKeyExW

RegConnectRegistryW

CryptReleaseContext

FreeSid

TraceEvent

SystemFunction006

GetTraceLoggerHandle

RegCreateKeyExW

OpenProcessToken

RegisterTraceGuidsW

OpenThreadToken

QueryServiceConfigW

SetThreadToken

SystemFunction007

GetTokenInformation

RegisterEventSourceW

RegOpenKeyExW

RegDeleteValueW

CryptCreateHash

RegSetValueExW

CredUnmarshalCredentialW

RegNotifyChangeKeyValue

OpenServiceW

DeregisterEventSource

CryptHashData

CredFree

RevertToSelf

LsaFreeReturnBuffer

LsaGetLogonSessionData

FreeContextBuffer

CredMarshalTargetInfo

CredUnmarshalTargetInfo

RtlLeaveCriticalSection

RtlOemStringToUnicodeString

RtlTimeToTimeFields

RtlFreeSid

RtlDeleteCriticalSection

RtlAppendUnicodeStringToString

DbgPrint

RtlVerifyVersionInfo

RtlInitializeGenericTableAvl

RtlCompareMemory

RtlInitializeCriticalSection

RtlCreateAcl

RtlCreateTimer

NtAllocateLocallyUniqueId

RtlConvertSidToUnicodeString

NtQuerySystemTime

RtlUniform

RtlInsertElementGenericTable

RtlEraseUnicodeString

NtDuplicateObject

RtlAcquireResourceShared

RtlAnsiStringToUnicodeString

RtlFreeUnicodeString

RtlLengthSid

NtOpenThreadToken

RtlRegisterWait

RtlCreateTimerQueue

RtlGetElementGenericTable

RtlInitializeResource

RtlDeleteElementGenericTable

NtWaitForSingleObject

RtlPrefixUnicodeString

RtlAcquireResourceExclusive

VerSetConditionMask

RtlAddAccessAllowedAce

RtlCopyLuid

RtlCompareUnicodeString

NtOpenEvent

RtlUnicodeStringToAnsiString

RtlIntegerToUnicodeString

RtlNtStatusToDosError

NtQueryInformationToken

RtlLookupElementGenericTable

RtlSubAuthoritySid

RtlInitAnsiString

RtlSubAuthorityCountSid

RtlDeleteTimerQueue

RtlEqualSid

RtlLookupElementGenericTableAvl

RtlCreateSecurityDescriptor

RtlConvertSharedToExclusive

RtlUpcaseUnicodeString

RtlLengthRequiredSid

RtlInitUnicodeString

NtSetSecurityObject

RtlInsertElementGenericTableAvl

RtlCopyUnicodeString

RtlCopySid

RtlEqualUnicodeString

RtlEqualDomainName

RtlRunDecodeUnicodeString

RtlDowncaseUnicodeString

NtAllocateVirtualMemory

NtOpenProcessToken

RtlDeleteResource

RtlFreeAnsiString

NtQuerySystemInformation

RtlDeregisterWait

NtCreateEvent

RtlSetDaclSecurityDescriptor

RtlInitializeSid

RtlInitializeGenericTable

RtlTimeFieldsToTime

RtlEnterCriticalSection

RtlAllocateAndInitializeSid

RtlReleaseResource

RtlSystemTimeToLocalTime

NtClose

InterlockedExchangeAdd

GetComputerNameW

GetModuleHandleW

GetModuleFileNameA

GetACP

GetLocalTime

InterlockedCompareExchange

InitializeCriticalSection

UnhandledExceptionFilter

WideCharToMultiByte

FileTimeToSystemTime

OutputDebugStringA

FormatMessageW

GetCurrentThreadId

VirtualAlloc

SetUnhandledExceptionFilter

lstrlenA

GetCurrentThread

CreateEventW

lstrcmpiA

lstrcmpW

LoadLibraryW

GetComputerNameExW

LeaveCriticalSection

CreateFileMappingW

DeleteCriticalSection

GetCurrentProcess

LoadLibraryA

CreateFileA

GetLastError

OpenFileMappingW

UnmapViewOfFile

LocalAlloc

TerminateProcess

Sleep

LocalFree

DebugBreak

MapViewOfFileEx

GetSystemTimeAsFileTime

RegisterWaitForSingleObjectEx

InterlockedDecrement

UnregisterWait

lstrcpyW

WriteFile

FreeLibrary

QueryPerformanceCounter

MultiByteToWideChar

EnterCriticalSection

CreateFileW

CloseHandle

GetTickCount

RaiseException

GetProfileStringA

SetEvent

GetModuleFileNameW

ExpandEnvironmentStringsW

GetEnvironmentVariableW

InterlockedExchange

lstrlenW

InterlockedIncrement

GetCurrentProcessId

OpenEventW

DisableThreadLibraryCalls

GetSystemInfo

GetProcAddress

CDLocateCSystem

CDBuildIntegrityVect

CDLocateCheckSum

CDGenerateRandomBits

MD5Init

MD5Final

CDFindCommonCSystemWithKey

MD5Update

wsprintfW

CharLowerBuffW

ASN1BERDecBitString

ASN1BEREncObjectIdentifier

ASN1BERDecBool

ASN1BERDecOctetString

ASN1Free

ASN1intx_setuint32

ASN1BERDecObjectIdentifier

ASN1octetstring_free

ASN1BEREncS32

ASN1_Decode

ASN1BERDecGeneralizedTime

ASN1_CloseDecoder

ASN1_FreeEncoded

ASN1ztcharstring_free

ASN1BEREncOpenType

ASN1BEREncBool

ASN1EncSetError

ASN1intxisuint32

ASN1CEREncGeneralizedTime

ASN1DecSetError

ASN1_CreateModule

ASN1_CreateDecoder

ASN1_CreateEncoder

ASN1_Encode

ASN1BERDecSkip

ASN1BERDecExplicitTag

ASN1BERDecEndOfContents

ASN1intx_free

ASN1charstring_free

ASN1_CloseEncoder

ASN1BEREncBitString

ASN1BEREncEndOfContents

ASN1BERDecU32Val

ASN1BEREncOctetString

ASN1DecAlloc

ASN1BERDecS32Val

ASN1BERDecOpenType2

ASN1bitstring_free

ASN1_FreeDecoded

ASN1intx2int32

ASN1BERDecZeroCharString

ASN1BEREncU32

ASN1BERDecNotEndOfContents

ASN1BERDecPeekTag

ASN1BEREncSX

ASN1intx2uint32

ASN1BEREncExplicitTag

ASN1BERDecSXVal

ASN1BERDecCharString

ASN1BEREncCharString

ASN1objectidentifier_free

strrchr

wcsrchr

wcscpy

_strcmpi

wcslen

_adjust_fdiv

sprintf

wcscmp

sscanf

_ultoa

strchr

wcsspn

malloc

_except_handler3

_initterm

wcstoul

_wcsicmp

_strnicmp

wcscat

_stricmp

free

qsort

_wcsnicmp

_vsnprintf

swprintf

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_CNT_UNINITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE