IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

IMAGE_FILE_RELOCS_STRIPPED

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LINE_NUMS_STRIPPED

IMAGE_FILE_LOCAL_SYMS_STRIPPED

IMAGE_FILE_32BIT_MACHINE

_purecall

_wcsicmp

_wcsnicmp

printf

exit

_except_handler3

malloc

wcslen

free

??3@YAXPAX@Z

??2@YAPAXI@Z

_c_exit

_exit

_XcptFilter

_cexit

_acmdln

__getmainargs

_initterm

__setusermatherr

_adjust_fdiv

__p__commode

__p__fmode

__set_app_type

_controlfp

__dllonexit

_onexit

RegisterEventSourceW

DeregisterEventSource

ReportEventW

RegEnumValueW

LsaQueryForestTrustInformation

DeleteAce

GetAce

AccessCheck

OpenThreadToken

GetTokenInformation

IsValidSecurityDescriptor

MakeSelfRelativeSD

MakeAbsoluteSD

AdjustTokenPrivileges

LookupPrivilegeNameW

OpenProcessToken

MapGenericMask

RegGetKeySecurity

RegDeleteValueW

RegSetValueExW

RegCreateKeyExW

ConvertStringSecurityDescriptorToSecurityDescriptorW

GetTraceEnableFlags

GetTraceEnableLevel

GetTraceLoggerHandle

RegisterTraceGuidsW

UnregisterTraceGuids

SetServiceStatus

RegisterServiceCtrlHandlerW

StartServiceCtrlDispatcherW

TraceMessage

SetSecurityDescriptorDacl

SetSecurityDescriptorGroup

SetSecurityDescriptorOwner

InitializeSecurityDescriptor

AddAccessAllowedAce

InitializeAcl

GetLengthSid

RegDeleteKeyW

RegEnumKeyExW

RegNotifyChangeKeyValue

RegOpenKeyExW

RegQueryInfoKeyW

RegCloseKey

RegConnectRegistryW

OpenServiceW

QueryServiceConfigW

ChangeServiceConfigW

ControlService

CloseServiceHandle

LsaOpenPolicy

LsaQueryInformationPolicy

LsaFreeMemory

LsaClose

OpenSCManagerW

RegQueryValueExW

GetTickCount

QueryPerformanceCounter

DeleteCriticalSection

InitializeCriticalSectionAndSpinCount

SetLastError

LeaveCriticalSection

GetCommandLineW

Sleep

GetLastError

LocalFree

GetCurrentThreadId

GetCurrentProcessId

GetSystemTimeAsFileTime

TerminateProcess

GetCurrentProcess

UnhandledExceptionFilter

GetStartupInfoA

EnterCriticalSection

SetEvent

WaitForSingleObject

CloseHandle

GetVersionExW

InterlockedCompareExchange

InterlockedDecrement

InterlockedIncrement

GetComputerNameExW

ResetEvent

WaitForMultipleObjects

CreateEventW

ResumeThread

SystemTimeToFileTime

GetSystemTime

CreateThread

GetLocalTime

InterlockedExchange

SetWaitableTimer

CreateWaitableTimerW

GetVolumePathNameW

CreateFileW

GetVolumeNameForVolumeMountPointW

CompareFileTime

InterlockedExchangeAdd

MoveFileW

HeapFree

HeapAlloc

GetProcessHeap

GetCurrentThread

LocalAlloc

HeapCreate

SetUnhandledExceptionFilter

NetShareGetInfo

DsEnumerateDomainTrustsW

DsRoleGetPrimaryDomainInformation

DsRoleFreeMemory

NetDfsSetInfo

NetApiBufferFree

DsGetDcNameW

DsGetSiteNameW

I_NetDfsIsThisADomainName

DsAddressToSiteNamesW

ord3

ord5

ord6

ord4

ord7

ord9

GetClusterResourceKey

ClusterRegOpenKey

ClusterRegCloseKey

GetClusterResourceNetworkName

OpenCluster

ClusterControl

CloseCluster

GetNodeClusterState

NtQueryInformationFile

NtQueryDirectoryFile

NtFsControlFile

NtClose

NtCreateFile

RtlEqualDomainName

wcscspn

RtlUnicodeStringToAnsiString

RtlFreeAnsiString

RtlFreeUnicodeString

RtlCompareUnicodeString

wcscpy

RtlCopyUnicodeString

RtlInitUnicodeString

RtlAllocateAndInitializeSid

RtlNtStatusToDosError

NtDeleteFile

wcschr

memmove

RtlAppendUnicodeStringToString

RtlAppendUnicodeToString

RtlEqualUnicodeString

NtOpenFile

NtQueryVolumeInformationFile

_vsnwprintf

wcscat

NtQuerySystemTime

RtlRandomEx

RtlDosPathNameToNtPathName_U

RtlPrefixUnicodeString

RtlIdentifierAuthoritySid

RtlSubAuthorityCountSid

RtlValidAcl

RtlUpcaseUnicodeChar

RtlAdjustPrivilege

DsBindW

DsQuerySitesByCostW

DsQuerySitesFree

DsFreeDomainControllerInfoW

DsBindToISTGW

DsBindingSetTimeout

DsUnBindW

DsGetDomainControllerInfoW

CoInitializeEx

CoUninitialize

VariantInit

SysAllocString

SafeArrayUnaccessData

SafeArrayAccessData

SafeArrayGetElement

SafeArrayGetUBound

SafeArrayGetLBound

VariantClear

SysFreeString

ResUtilEnumResources

ResUtilGetSzValue

ResUtilGetDwordValue

RpcServerUseProtseqEpW

RpcServerUnregisterIf

RpcMgmtWaitServerListen

RpcMgmtStopServerListening

UuidToStringW

RpcServerRegisterIf

UuidCreate

RpcRevertToSelf

RpcImpersonateClient

NdrServerCall2

RpcServerListen

RpcStringFreeW

CommandLineToArgvW

PathAddBackslashW

SHDeleteKeyW

SHCopyKeyW

ord142

ord26

ord203

ord79

ord155

ord41

ord12

ord16

ord73

ord14

ord145

ord224

ord140

ord13

ord18

GetNameInfoW

gethostbyname

WSAStartup

IMAGE_SCN_CNT_CODE

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

IMAGE_SCN_CNT_CODE

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE