IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_32BIT_MACHINE

GetFileVersionInfoW

GetFileVersionInfoSizeW

VerQueryValueW

CryptProtectData

ord3642

ord4244

ord940

ord774

ord2155

ord1006

ord563

ord6077

ord1047

ord2317

ord1021

ord4098

ord265

ord3435

ord354

ord4256

ord5199

ord1392

ord5908

ord6720

ord1542

ord1661

ord1662

ord4884

ord4206

ord5178

ord605

ord3635

ord4574

ord4729

ord280

ord3756

ord283

ord3198

ord2361

ord3311

ord4234

ord1582

ord2086

ord741

ord3224

ord2952

ord4232

ord2083

ord658

ord1921

ord776

ord896

ord2121

ord3869

ord2159

ord2364

ord651

ord416

ord3176

ord5869

ord1556

ord1719

ord1908

ord6086

ord3165

ord4228

ord1538

ord2080

ord4092

ord1474

ord1922

ord591

ord3189

ord620

ord3309

ord1580

ord1638

ord739

ord718

ord3287

ord4714

ord5207

ord4207

ord4184

ord4838

ord4611

ord4791

ord5064

ord5066

ord5065

ord6744

ord1784

ord4730

ord6232

ord721

ord977

ord2318

ord5398

ord2460

ord4266

ord1512

ord4274

ord5208

ord1573

ord1318

ord4109

ord2362

ord1271

ord3546

ord1883

ord1236

ord1765

ord1874

ord1781

ord1871

ord4861

ord2310

ord1176

ord1299

ord2167

ord3873

ord1235

ord2876

ord744

ord630

ord1443

ord3064

ord6291

ord5091

ord3082

ord2012

ord385

ord556

ord1472

ord6002

ord5711

ord5414

ord2468

ord6161

ord745

ord557

ord2239

ord757

ord566

ord3327

ord4475

ord2832

ord3824

ord5562

ord5209

ord5226

ord4562

ord3942

ord5222

ord5220

ord2925

ord1911

ord3826

ord5378

ord6215

ord5096

ord1007

ord3800

ord5579

ord2009

ord2054

ord4320

ord3795

ord4008

ord4032

ord899

ord6061

ord5609

ord4461

ord4463

ord1155

ord956

ord547

ord593

ord1049

ord1117

ord1121

ord334

ord3459

ord4267

ord1547

ord1351

ord3338

ord5200

ord5147

ord5910

ord6763

ord3968

ord4854

ord4857

ord4373

ord4378

ord4375

ord4393

ord4395

ord4380

ord4770

ord4172

ord4165

ord4775

ord4198

ord4784

ord4437

ord4438

ord3734

ord2413

ord2414

ord2415

ord2412

ord2411

ord3444

ord3639

ord368

ord4258

ord4476

ord6039

ord5930

ord2762

ord3034

ord4216

ord1913

ord4733

ord4846

ord4251

ord5491

ord4293

ord5408

ord1370

ord5152

ord2042

ord2007

ord6234

ord2615

ord2608

ord4560

ord6227

ord616

ord4699

ord3126

ord6311

ord6322

ord6335

ord6316

ord6390

ord6320

ord6637

ord3288

ord5862

ord2860

ord1476

ord5867

ord4347

ord3050

ord5485

ord2261

ord5558

ord3990

ord5524

ord900

ord4027

ord3842

ord2893

ord3155

ord5864

ord2861

ord3983

ord3151

ord1534

ord1626

ord583

ord6278

ord1636

ord6751

ord6749

ord3322

ord2981

ord754

ord1959

ord602

ord1957

ord5638

ord1270

ord347

ord783

ord781

ord1220

ord288

ord287

ord2693

ord5170

ord4292

ord4581

ord4314

ord5727

ord6764

ord393

ord3200

ord4974

ord3641

ord3342

ord5981

ord4100

ord709

ord2255

ord501

ord5053

ord3331

ord5633

ord6058

ord1403

ord5884

ord2260

ord6033

ord5723

ord4158

ord357

ord606

ord5157

ord4310

ord4741

ord3636

ord4743

ord4101

ord777

ord860

ord3298

ord730

ord3249

ord1172

ord5316

ord1571

ord6282

ord1939

ord2340

ord5327

ord6293

ord753

ord1906

ord284

ord3223

ord4231

ord1561

ord1475

ord1924

ord6262

ord1388

ord657

ord4642

ord326

ord1920

ord2066

ord3208

ord1198

ord1549

ord1628

ord642

ord6116

ord2788

ord3645

ord3301

ord1578

ord731

ord1156

ord2713

ord3281

ord3877

ord3174

ord5715

ord5917

ord5397

ord5410

ord5584

ord5519

ord5643

ord6053

ord4155

ord6050

ord5604

ord6056

ord5607

ord2521

ord3547

ord5698

ord5618

ord2065

ord5636

ord5637

ord524

ord526

ord2421

ord3662

ord4577

ord3453

ord4713

ord4728

ord4205

ord4904

ord4459

ord4619

ord4578

ord4458

ord4488

ord4966

ord1396

ord3922

ord3630

ord3677

ord528

ord4948

ord516

ord3822

ord1734

ord5701

ord3946

ord2424

ord3690

ord3661

ord2369

ord4074

ord4112

ord2136

ord4119

ord1386

ord4162

ord2651

ord2237

ord1904

ord2609

ord5003

ord4303

ord4129

ord2933

ord4898

ord5352

ord2986

ord2419

ord2418

ord4013

ord1548

ord3939

ord5144

ord5201

ord2164

ord1297

ord4271

ord4259

ord395

ord635

ord4533

ord6063

ord5161

ord3460

ord3157

ord1925

ord2311

ord1118

ord3204

ord3678

ord5942

ord3112

ord3590

ord760

ord1605

ord1894

ord293

ord4026

ord6140

ord2027

ord2011

ord577

ord1543

ord6010

ord4190

ord3923

ord5351

ord3981

ord1903

ord2072

ord2068

ord2030

ord1343

ord4980

ord1334

ord1338

ord5909

ord4238

ord5141

ord6265

ord5198

ord1953

ord3177

ord1785

ord1058

ord1274

ord2365

ord1946

ord4094

ord2085

ord3238

rand

__CxxFrameHandler3

memset

_time32

_encode_pointer

__set_app_type

?terminate@@YAXXZ

_unlock

__dllonexit

_lock

_onexit

_decode_pointer

_except_handler4_common

_invoke_watson

_controlfp_s

?_type_info_dtor_internal_method@type_info@@QAEXXZ

_crt_debugger_hook

srand

??0exception@std@@QAE@ABQBD@Z

?what@exception@std@@UBEPBDXZ

??1exception@std@@UAE@XZ

??0exception@std@@QAE@XZ

_invalid_parameter_noinfo

_CxxThrowException

??0exception@std@@QAE@ABV01@@Z

__RTDynamicCast

_wtoi

wcscat_s

malloc

free

memmove_s

_resetstkoflw

calloc

memcpy

_wtol

_purecall

_close

_wsopen_s

_errno

_write

_wunlink

_vscwprintf

_vsnwprintf_s

_recalloc

_mktime64

wcstol

wcsstr

memcpy_s

_itoa_s

_wcsicmp

swscanf_s

wcschr

_wtof

_wcslwr_s

wcsncmp

_wcsnicmp

iswdigit

ceil

_splitpath_s

strcat_s

_stricmp

_ultow_s

_set_errno

_wsplitpath_s

towlower

wcsrchr

_amsg_exit

__wgetmainargs

_cexit

_exit

_XcptFilter

exit

_wcmdln

_initterm

_initterm_e

_configthreadlocale

__setusermatherr

_adjust_fdiv

__p__fmode

__p__commode

GetDateFormatW

GetLocaleInfoW

lstrlenA

MultiByteToWideChar

WideCharToMultiByte

FormatMessageW

EnterCriticalSection

LeaveCriticalSection

OutputDebugStringW

OutputDebugStringA

GetTickCount

GetLastError

GetModuleHandleW

LocalFree

InterlockedIncrement

OpenProcess

Sleep

GetEnvironmentVariableW

InterlockedCompareExchange

GetStartupInfoW

SetUnhandledExceptionFilter

QueryPerformanceCounter

GetSystemTimeAsFileTime

TerminateProcess

UnhandledExceptionFilter

IsDebuggerPresent

GetCurrentProcess

CloseHandle

SetCurrentDirectoryW

GetCurrentDirectoryW

GetNumberFormatW

LoadLibraryW

lstrcmpiW

GetVersionExW

GetSystemInfo

GlobalMemoryStatus

GetLogicalDrives

GetDiskFreeSpaceW

GetDiskFreeSpaceExW

GetSystemDirectoryW

GetSystemDefaultLangID

GlobalFree

GlobalAlloc

InitializeCriticalSection

DeleteCriticalSection

GetTimeFormatW

CreateProcessW

GetShortPathNameW

CompareStringW

TerminateThread

WaitForSingleObject

SetEvent

WaitForMultipleObjects

CreateEventW

lstrlenW

InterlockedDecrement

GetProcAddress

SetLastError

FreeLibrary

LoadLibraryExW

GetModuleFileNameW

GetCurrentThreadId

GetCurrentProcessId

GlobalUnlock

GlobalLock

MulDiv

GetWindowsDirectoryW

lstrcpyW

WinExec

lstrcatW

SizeofResource

LockResource

LoadResource

FindResourceW

lstrcpynW

lstrcpyA

LoadLibraryExA

GetThreadLocale

GetUserDefaultLangID

FindClose

FindFirstFileW

GetLocalTime

InterlockedExchange

GetFileAttributesW

HeapFree

GetProcessHeap

LoadLibraryA

LocalAlloc

RaiseException

GetACP

GetLocaleInfoA

GetVersionExA

FindNextFileW

DestroyCursor

GetCursorInfo

TrackMouseEvent

GetNextDlgGroupItem

RedrawWindow

IsWindowVisible

MapWindowPoints

DrawFocusRect

InflateRect

ReleaseCapture

SetCapture

EndPaint

PtInRect

CreatePopupMenu

FillRect

IsWindowEnabled

SetParent

IsRectEmpty

OffsetRect

GetCursorPos

RemoveMenu

CopyRect

ReleaseDC

CopyIcon

BeginPaint

MessageBeep

SetRect

GetClassNameW

CharLowerBuffW

FindWindowW

SetForegroundWindow

SetActiveWindow

GetSysColor

GetMessagePos

MapDialogRect

GetScrollInfo

CallWindowProcW

GetWindowLongW

SetWindowLongW

GetWindow

SendMessageW

GetFocus

GetNextDlgTabItem

ClientToScreen

LockWindowUpdate

TabbedTextOutW

DrawTextW

DrawTextExW

GrayStringW

GetWindowPlacement

MoveWindow

ShowWindow

GetDlgItem

CreateWindowExW

wsprintfA

CharNextW

DispatchMessageW

TranslateMessage

PeekMessageW

MsgWaitForMultipleObjects

GetWindowThreadProcessId

EnumWindows

GetParent

EnableWindow

GetKeyState

GetSubMenu

LoadMenuW

GetWindowRect

PostMessageW

SetTimer

KillTimer

GetDesktopWindow

DestroyMenu

IsWindow

BringWindowToTop

LoadIconW

GetSystemMetrics

GetClientRect

UpdateWindow

InvalidateRect

ScreenToClient

MessageBoxW

EnableMenuItem

GetDC

LoadStringW

LoadBitmapW

AppendMenuW

GetMenuItemCount

GetMenuItemID

InsertMenuW

SetCursor

LoadCursorW

DefWindowProcW

Escape

ExtTextOutW

TextOutW

RectVisible

PtVisible

Rectangle

CreateFontW

GetStockObject

StretchBlt

GetCurrentObject

BitBlt

GetMapMode

GetTextColor

GetBkMode

GetBkColor

CreateCompatibleBitmap

GetDeviceCaps

GetTextMetricsW

GetTextExtentPoint32W

SelectObject

CreateCompatibleDC

CreateSolidBrush

GetObjectW

CreateFontIndirectW

DeleteObject

DeleteDC

LookupPrivilegeNameW

CryptDestroyHash

CryptAcquireContextW

StartServiceW

OpenSCManagerW

OpenServiceW

QueryServiceStatus

CloseServiceHandle

RegOpenKeyExA

RegQueryValueExA

RegQueryValueW

RegSetValueExA

RegQueryValueExW

LookupPrivilegeDisplayNameW

CryptReleaseContext

GetTokenInformation

EqualSid

LookupAccountSidW

CopySid

IsValidSid

GetSidSubAuthorityCount

GetSidSubAuthority

GetLengthSid

ConvertSidToStringSidW

OpenProcessToken

RegSetValueExW

RegOpenKeyExW

RegCloseKey

CryptCreateHash

CryptHashData

CryptGetHashParam

CryptGenRandom

SHGetSpecialFolderPathA

SHGetFolderPathW

ShellExecuteW

ord17

InitCommonControlsEx

_TrackMouseEvent

PathAddBackslashA

PathRemoveBackslashA

StringFromGUID2

CoInitialize

CoTaskMemFree

CoInitializeEx

CoUninitialize

CoCreateInstance

OleRun

CreateStreamOnHGlobal

SafeArrayGetLBound

SysStringByteLen

SysAllocStringByteLen

SysAllocString

VarBstrCmp

SafeArrayDestroy

SafeArrayUnlock

SafeArrayLock

SafeArrayGetUBound

SafeArrayGetVartype

SystemTimeToVariantTime

VariantTimeToSystemTime

SysStringLen

VariantClear

VariantInit

SysFreeString

GdipCloneImage

GdipDrawImageRectRect

GdipDrawImageI

GdipGetImageGraphicsContext

GdipSetImageAttributesColorKeys

GdipBitmapGetPixel

GdipCreateBitmapFromScan0

GdipDisposeImage

GdipDisposeImageAttributes

GdipCreateImageAttributes

GdipCloneBrush

GdipCreateBitmapFromHBITMAP

GdipLoadImageFromStream

GdipDrawRectangleI

GdipCreateFromHDC

GdipCreateSolidFill

GdipGetImageHeight

GdipGetImageWidth

GdipDeleteGraphics

GdipDeletePen

GdipCreatePen1

GdipDeleteBrush

GdipLoadImageFromStreamICM

GdipCreateBitmapFromStream

GdipCreateBitmapFromResource

GdipDrawImageRectI

GdipCreateHBITMAPFromBitmap

GdipAlloc

GdipFree

GdiplusShutdown

GdipCreateBitmapFromStreamICM

GdiplusStartup

GdipFillRectangleI

??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z

??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z

??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ

??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ

??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z

??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z

?_Lock@_Mutex@std@@QAEXXZ

?_Unlock@_Mutex@std@@QAEXXZ

?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ

?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ

?uncaught_exception@std@@YA_NXZ

?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z

?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHPBDH@Z

?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z

??_D?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAEXXZ

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z

?clear@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXXZ

??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@ABV10@PB_W@Z

??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z

??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z

?append@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@PB_W@Z

??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@PB_WABV10@@Z

?append@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@ABV12@@Z

??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z

??0?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAE@PBDHH@Z

?endl@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@1@AAV21@@Z

UnloadUserProfile

WTSSendMessageW

GetModuleBaseNameW

GetModuleFileNameExW

EnumProcessModules

EnumProcesses

GetModuleInformation

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE