IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

IMAGE_FILE_RELOCS_STRIPPED

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_32BIT_MACHINE

TerminateProcess

VirtualAlloc

GetLastError

UnregisterWait

CreateFileA

SetUnhandledExceptionFilter

lstrlenW

LocalFree

GetSystemTimeAsFileTime

SetEvent

GetModuleFileNameA

MultiByteToWideChar

GetEnvironmentVariableW

WriteFile

GetCurrentProcess

InterlockedExchangeAdd

GetTickCount

WideCharToMultiByte

DeleteCriticalSection

LoadLibraryA

CreateFileMappingW

LeaveCriticalSection

DisableThreadLibraryCalls

FreeLibrary

lstrlenA

CreateFileW

LoadLibraryW

lstrcpyW

LocalAlloc

ExpandEnvironmentStringsW

GetCurrentProcessId

RegisterWaitForSingleObjectEx

OutputDebugStringA

GetACP

InterlockedIncrement

OpenFileMappingW

GetCurrentThread

GetSystemInfo

UnmapViewOfFile

MapViewOfFileEx

InitializeCriticalSection

GetProcAddress

GetComputerNameExW

FormatMessageW

CloseHandle

GetModuleHandleW

GetLocalTime

lstrcmpiA

QueryPerformanceCounter

InterlockedCompareExchange

GetModuleFileNameW

GetCurrentThreadId

UnhandledExceptionFilter

GetComputerNameW

FileTimeToSystemTime

CreateEventW

OpenEventW

GetProfileStringA

lstrcmpW

Sleep

InterlockedExchange

DebugBreak

EnterCriticalSection

RaiseException

InterlockedDecrement

CryptGetHashParam

CryptCreateHash

RegEnumKeyExW

CryptAcquireContextW

RegDeleteValueW

QueryServiceStatus

GetTraceLoggerHandle

OpenProcessToken

RegSetValueExW

RegOpenKeyW

RegQueryInfoKeyW

CryptDestroyHash

OpenServiceW

OpenSCManagerW

FreeSid

CredUnmarshalCredentialW

LookupAccountSidW

AllocateAndInitializeSid

CloseServiceHandle

RegNotifyChangeKeyValue

CryptGetProvParam

CredFree

RegOpenKeyExW

CryptReleaseContext

RegConnectRegistryW

CryptSetProvParam

RegCloseKey

SystemFunction007

RevertToSelf

QueryServiceConfigW

RegisterTraceGuidsW

DeregisterEventSource

TraceEvent

RegQueryValueExW

RegCreateKeyExW

SystemFunction006

RegisterEventSourceW

SetThreadToken

CryptHashData

GetTokenInformation

ReportEventW

OpenThreadToken

ASN1_Decode

ASN1objectidentifier_free

ASN1BERDecS32Val

ASN1BEREncExplicitTag

ASN1intx_free

ASN1DecAlloc

ASN1BERDecOpenType2

ASN1BERDecCharString

ASN1intxisuint32

ASN1BERDecGeneralizedTime

ASN1BEREncEndOfContents

ASN1BEREncCharString

ASN1_CloseDecoder

ASN1BEREncSX

ASN1BEREncOpenType

ASN1BERDecZeroCharString

ASN1_FreeDecoded

ASN1BERDecNotEndOfContents

ASN1_CloseEncoder

ASN1intx2int32

ASN1BEREncObjectIdentifier

ASN1BEREncBool

ASN1BEREncS32

ASN1intx2uint32

ASN1_CreateModule

ASN1BERDecEndOfContents

ASN1EncSetError

ASN1BEREncBitString

ASN1BERDecSXVal

ASN1BERDecExplicitTag

ASN1BERDecBool

ASN1_Encode

ASN1BERDecBitString

ASN1charstring_free

ASN1_FreeEncoded

ASN1_CreateDecoder

ASN1octetstring_free

ASN1DecSetError

ASN1BERDecSkip

ASN1BEREncU32

ASN1BERDecOctetString

ASN1intx_setuint32

ASN1bitstring_free

ASN1BERDecPeekTag

ASN1BEREncOctetString

ASN1BERDecObjectIdentifier

ASN1CEREncGeneralizedTime

ASN1ztcharstring_free

ASN1Free

ASN1BERDecU32Val

ASN1_CreateEncoder

_ultoa

_adjust_fdiv

wcscat

malloc

wcscmp

_stricmp

free

_wcsicmp

wcslen

_except_handler3

strchr

wcscpy

sprintf

wcstoul

sscanf

qsort

wcsrchr

_strcmpi

_strnicmp

_wcsnicmp

_initterm

swprintf

wcsspn

_vsnprintf

strrchr

CDLocateCheckSum

MD5Init

MD5Final

CDGenerateRandomBits

CDFindCommonCSystemWithKey

MD5Update

CDLocateCSystem

CDBuildIntegrityVect

FreeContextBuffer

CredUnmarshalTargetInfo

LsaGetLogonSessionData

LsaFreeReturnBuffer

CredMarshalTargetInfo

RtlInitializeGenericTable

RtlDeregisterWait

NtOpenEvent

RtlNtStatusToDosError

RtlEraseUnicodeString

RtlValidSid

RtlInitializeResource

NtCreateEvent

RtlCreateTimer

RtlInitializeCriticalSection

RtlLookupElementGenericTable

NtSetSecurityObject

NtOpenProcessToken

RtlGetElementGenericTable

RtlIntegerToUnicodeString

RtlCompareMemory

NtQueryInformationToken

RtlConvertSidToUnicodeString

RtlAcquireResourceExclusive

RtlSubAuthoritySid

RtlDeleteTimerQueue

RtlAllocateAndInitializeSid

NtClose

RtlAddAccessAllowedAce

RtlInitAnsiString

RtlInitUnicodeString

RtlEqualUnicodeString

RtlUpcaseUnicodeString

RtlCreateSecurityDescriptor

RtlLengthSid

RtlFreeUnicodeString

RtlCompareUnicodeString

RtlInitializeSid

RtlUnicodeStringToAnsiString

RtlInsertElementGenericTableAvl

RtlDeleteElementGenericTable

RtlEnterCriticalSection

RtlSystemTimeToLocalTime

RtlDowncaseUnicodeString

NtDuplicateObject

RtlEqualDomainName

RtlAnsiStringToUnicodeString

RtlCopySid

RtlSubAuthorityCountSid

RtlTimeToTimeFields

RtlFreeSid

NtQuerySystemTime

RtlPrefixUnicodeString

RtlCopyLuid

RtlInitializeGenericTableAvl

RtlTimeFieldsToTime

DbgPrint

RtlLeaveCriticalSection

VerSetConditionMask

RtlSetDaclSecurityDescriptor

RtlUniform

RtlEqualSid

NtAllocateVirtualMemory

NtWaitForSingleObject

NtOpenThreadToken

RtlCreateTimerQueue

NtQuerySystemInformation

RtlCreateAcl

RtlConvertSharedToExclusive

RtlDeleteCriticalSection

RtlRunDecodeUnicodeString

RtlVerifyVersionInfo

RtlAppendUnicodeStringToString

RtlOemStringToUnicodeString

RtlLengthRequiredSid

RtlInsertElementGenericTable

RtlFreeAnsiString

RtlRegisterWait

NtAllocateLocallyUniqueId

RtlLookupElementGenericTableAvl

RtlDeleteResource

RtlCopyUnicodeString

RtlAcquireResourceShared

CharLowerBuffW

wsprintfW

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_CNT_UNINITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE