IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

IMAGE_FILE_RELOCS_STRIPPED

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_32BIT_MACHINE

RtlAcquireResourceExclusive

RtlFreeAnsiString

RtlCopyUnicodeString

RtlSubAuthoritySid

NtOpenProcessToken

RtlAppendUnicodeStringToString

RtlUniform

RtlLookupElementGenericTableAvl

RtlInitializeSid

RtlEraseUnicodeString

RtlDeleteTimerQueue

VerSetConditionMask

NtDuplicateObject

RtlVerifyVersionInfo

RtlEqualDomainName

RtlAllocateAndInitializeSid

RtlCopySid

RtlUpcaseUnicodeString

RtlConvertSharedToExclusive

RtlSubAuthorityCountSid

RtlDeregisterWait

DbgPrint

RtlEnterCriticalSection

RtlAcquireResourceShared

RtlRunDecodeUnicodeString

RtlLengthSid

RtlInitUnicodeString

RtlCompareMemory

NtOpenEvent

RtlAddAccessAllowedAce

NtAllocateLocallyUniqueId

NtOpenThreadToken

RtlTimeToTimeFields

RtlValidSid

RtlLookupElementGenericTable

RtlGetElementGenericTable

RtlDeleteElementGenericTable

RtlCopyLuid

RtlInitializeGenericTableAvl

RtlTimeFieldsToTime

RtlUnicodeStringToAnsiString

RtlAnsiStringToUnicodeString

NtQuerySystemInformation

NtQuerySystemTime

RtlEqualUnicodeString

RtlInitializeResource

RtlDowncaseUnicodeString

RtlSetDaclSecurityDescriptor

RtlDeleteResource

RtlLengthRequiredSid

RtlInsertElementGenericTableAvl

NtQueryInformationToken

RtlCreateAcl

RtlEqualSid

RtlSystemTimeToLocalTime

RtlInsertElementGenericTable

RtlPrefixUnicodeString

RtlRegisterWait

RtlInitAnsiString

RtlInitializeCriticalSection

RtlNtStatusToDosError

RtlLeaveCriticalSection

RtlConvertSidToUnicodeString

RtlFreeSid

RtlFreeUnicodeString

NtSetSecurityObject

RtlDeleteCriticalSection

RtlCreateSecurityDescriptor

RtlIntegerToUnicodeString

RtlCreateTimerQueue

NtAllocateVirtualMemory

NtWaitForSingleObject

RtlCompareUnicodeString

RtlReleaseResource

RtlCreateTimer

RtlOemStringToUnicodeString

NtCreateEvent

RtlInitializeGenericTable

CDBuildIntegrityVect

MD5Init

CDGenerateRandomBits

MD5Update

CDLocateCheckSum

CDFindCommonCSystemWithKey

CDLocateCSystem

MD5Final

ASN1DecAlloc

ASN1BERDecOctetString

ASN1BERDecU32Val

ASN1BERDecCharString

ASN1BEREncBool

ASN1BERDecObjectIdentifier

ASN1_Encode

ASN1BERDecSXVal

ASN1intx_setuint32

ASN1BEREncBitString

ASN1_CloseEncoder

ASN1_Decode

ASN1BERDecExplicitTag

ASN1BERDecNotEndOfContents

ASN1BEREncOctetString

ASN1BEREncU32

ASN1Free

ASN1EncSetError

ASN1BERDecEndOfContents

ASN1BEREncEndOfContents

ASN1BEREncExplicitTag

ASN1BERDecPeekTag

ASN1CEREncGeneralizedTime

ASN1BERDecGeneralizedTime

ASN1ztcharstring_free

ASN1_CreateEncoder

ASN1charstring_free

ASN1BEREncObjectIdentifier

ASN1BEREncOpenType

ASN1BERDecBitString

ASN1BEREncS32

ASN1intx2uint32

ASN1_CreateDecoder

ASN1BEREncCharString

ASN1BERDecOpenType2

ASN1_FreeEncoded

ASN1objectidentifier_free

ASN1BERDecZeroCharString

ASN1intxisuint32

ASN1intx2int32

ASN1BERDecBool

ASN1DecSetError

ASN1BERDecSkip

ASN1_CloseDecoder

ASN1BEREncSX

ASN1_CreateModule

ASN1_FreeDecoded

ASN1octetstring_free

ASN1bitstring_free

ASN1intx_free

ASN1BERDecS32Val

GetComputerNameW

InterlockedExchangeAdd

LoadLibraryA

GetACP

GetModuleFileNameW

CreateFileW

lstrlenA

GetSystemTimeAsFileTime

FormatMessageW

FileTimeToSystemTime

GetCurrentProcess

GetProcAddress

LocalAlloc

lstrcmpiA

InitializeCriticalSection

CreateEventW

OpenFileMappingW

GetLastError

CreateFileA

InterlockedCompareExchange

lstrcpyW

GetModuleHandleW

WriteFile

LocalFree

lstrcmpW

GetComputerNameExW

DisableThreadLibraryCalls

Sleep

QueryPerformanceCounter

RegisterWaitForSingleObjectEx

GetCurrentThread

SetUnhandledExceptionFilter

GetEnvironmentVariableW

LoadLibraryW

GetTickCount

WideCharToMultiByte

MapViewOfFileEx

UnmapViewOfFile

FreeLibrary

InterlockedIncrement

UnregisterWait

DeleteCriticalSection

ExpandEnvironmentStringsW

CloseHandle

CreateFileMappingW

lstrlenW

EnterCriticalSection

GetLocalTime

VirtualAlloc

InterlockedDecrement

OpenEventW

DebugBreak

UnhandledExceptionFilter

GetSystemInfo

GetCurrentThreadId

TerminateProcess

LeaveCriticalSection

GetModuleFileNameA

OutputDebugStringA

MultiByteToWideChar

SetEvent

InterlockedExchange

GetProfileStringA

RaiseException

GetCurrentProcessId

LsaGetLogonSessionData

LsaFreeReturnBuffer

CredUnmarshalTargetInfo

CredMarshalTargetInfo

FreeContextBuffer

SetThreadToken

CryptDestroyHash

QueryServiceStatus

OpenServiceW

RegQueryInfoKeyW

RegOpenKeyExW

RevertToSelf

SystemFunction006

OpenSCManagerW

CryptGetHashParam

OpenProcessToken

CloseServiceHandle

RegEnumKeyExW

CredUnmarshalCredentialW

CryptHashData

RegisterEventSourceW

CredFree

CryptSetProvParam

CryptReleaseContext

DeregisterEventSource

RegCreateKeyExW

FreeSid

RegNotifyChangeKeyValue

RegConnectRegistryW

RegOpenKeyW

SystemFunction007

RegisterTraceGuidsW

AllocateAndInitializeSid

ReportEventW

CryptCreateHash

LookupAccountSidW

RegDeleteValueW

CryptGetProvParam

GetTraceLoggerHandle

RegSetValueExW

RegCloseKey

GetTokenInformation

RegQueryValueExW

CryptAcquireContextW

TraceEvent

OpenThreadToken

QueryServiceConfigW

wcsrchr

_strcmpi

free

sscanf

_wcsicmp

wcscmp

qsort

wcslen

wcsspn

_vsnprintf

strchr

_strnicmp

_stricmp

malloc

wcscat

_except_handler3

wcstoul

_wcsnicmp

_adjust_fdiv

_ultoa

wcscpy

_initterm

strrchr

sprintf

swprintf

wsprintfW

CharLowerBuffW

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_CNT_UNINITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE