Static task
static1
Behavioral task
behavioral1
Sample
c92f3d837dc7499a6722ff3427f1c8db_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
c92f3d837dc7499a6722ff3427f1c8db_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target
c92f3d837dc7499a6722ff3427f1c8db_JaffaCakes118
Size
329KB
MD5
c92f3d837dc7499a6722ff3427f1c8db
SHA1
a2eaa5a34573c622b3a1ef74557aa6335844e5e9
SHA256
f1f5c100c41d1774f798535e028c03ba022f0ea126595fff4e0f5d135901071d
SHA512
94d663b69ca1d86981110db1dac48f06caa8c97d3a0ab4a7f9dd68f8e7067a1f995fb773801f2e10b105e16ccd614c5a6c9d9b66d1eadbd237c5780fb2648184
SSDEEP
6144:zPAkZ5pUOpotGiIOePFB/wsrAWpU9ph8IUXGLdRuoHrWCpuIcaOLsVIEkKrxUpgH:QtG/PFBVrAxfGIUXjxA53OLs1kKqpZRB
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource c92f3d837dc7499a6722ff3427f1c8db_JaffaCakes118
Files
c92f3d837dc7499a6722ff3427f1c8db_JaffaCakes118.exe windows:5 windows x86 arch:x86
4076869c0cc2d5794ad442063e3314de
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
LeaveCriticalSection
InterlockedExchange
VirtualAlloc
InterlockedDecrement
lstrcmpiA
RaiseException
DebugBreak
WideCharToMultiByte
SetUnhandledExceptionFilter
GetTickCount
GetLastError
UnmapViewOfFile
UnhandledExceptionFilter
MultiByteToWideChar
TerminateProcess
WriteFile
GetModuleFileNameW
DisableThreadLibraryCalls
CreateFileW
InterlockedIncrement
LoadLibraryA
GetACP
GetProcAddress
CreateFileMappingW
Sleep
GetCurrentThread
FileTimeToSystemTime
LocalAlloc
GetCurrentProcessId
CloseHandle
ExpandEnvironmentStringsW
OpenFileMappingW
SetEvent
GetComputerNameExW
lstrlenW
OpenEventW
GetModuleHandleW
GetLocalTime
lstrcpyW
InterlockedExchangeAdd
CreateEventW
DeleteCriticalSection
QueryPerformanceCounter
UnregisterWait
GetCurrentThreadId
InitializeCriticalSection
GetSystemTimeAsFileTime
EnterCriticalSection
GetProfileStringA
RegisterWaitForSingleObjectEx
FreeLibrary
FormatMessageW
GetModuleFileNameA
CreateFileA
LoadLibraryW
lstrlenA
LocalFree
GetSystemInfo
InterlockedCompareExchange
OutputDebugStringA
GetCurrentProcess
MapViewOfFileEx
GetComputerNameW
GetEnvironmentVariableW
lstrcmpW
user32
CharLowerBuffW
wsprintfW
secur32
CredMarshalTargetInfo
CredUnmarshalTargetInfo
FreeContextBuffer
LsaGetLogonSessionData
LsaFreeReturnBuffer
msasn1
ASN1intx2int32
ASN1ztcharstring_free
ASN1_Decode
ASN1BEREncCharString
ASN1EncSetError
ASN1Free
ASN1BEREncEndOfContents
ASN1_CloseEncoder
ASN1BERDecSXVal
ASN1BEREncExplicitTag
ASN1BERDecObjectIdentifier
ASN1_FreeEncoded
ASN1BERDecCharString
ASN1BERDecBool
ASN1BERDecS32Val
ASN1BERDecBitString
ASN1BERDecPeekTag
ASN1BERDecEndOfContents
ASN1BEREncBool
ASN1intx_setuint32
ASN1BEREncU32
ASN1BERDecExplicitTag
ASN1BERDecOctetString
ASN1_FreeDecoded
ASN1BEREncSX
ASN1DecAlloc
ASN1BEREncOpenType
ASN1intxisuint32
ASN1BERDecGeneralizedTime
ASN1BEREncObjectIdentifier
ASN1BEREncOctetString
ASN1BERDecU32Val
ASN1_Encode
ASN1BERDecSkip
ASN1_CloseDecoder
ASN1_CreateEncoder
ASN1BEREncS32
ASN1octetstring_free
ASN1intx2uint32
ASN1BERDecOpenType2
ASN1BEREncBitString
ASN1intx_free
ASN1CEREncGeneralizedTime
ASN1_CreateModule
ASN1objectidentifier_free
ASN1BERDecZeroCharString
ASN1_CreateDecoder
ASN1charstring_free
ASN1DecSetError
ASN1BERDecNotEndOfContents
ASN1bitstring_free
msvcrt
_stricmp
wcscat
wcslen
strrchr
_wcsnicmp
strchr
_adjust_fdiv
_strnicmp
malloc
wcscmp
sscanf
wcsrchr
_ultoa
free
sprintf
_initterm
swprintf
_except_handler3
wcscpy
_wcsicmp
_vsnprintf
wcstoul
qsort
_strcmpi
wcsspn
ntdll
RtlAnsiStringToUnicodeString
RtlValidSid
NtOpenEvent
RtlEqualSid
RtlLengthRequiredSid
RtlTimeToTimeFields
NtAllocateVirtualMemory
RtlEqualUnicodeString
RtlEnterCriticalSection
RtlCopyUnicodeString
RtlConvertSharedToExclusive
RtlInitializeSid
RtlDeleteCriticalSection
RtlSubAuthorityCountSid
RtlAppendUnicodeStringToString
RtlCreateSecurityDescriptor
NtOpenThreadToken
NtQuerySystemTime
RtlLeaveCriticalSection
RtlEraseUnicodeString
RtlFreeSid
RtlDeleteTimerQueue
RtlConvertSidToUnicodeString
NtOpenProcessToken
NtAllocateLocallyUniqueId
RtlEqualDomainName
RtlCreateTimerQueue
RtlInsertElementGenericTable
NtDuplicateObject
RtlTimeFieldsToTime
RtlInitializeCriticalSection
RtlLookupElementGenericTable
NtClose
RtlInitAnsiString
DbgPrint
RtlRunDecodeUnicodeString
NtCreateEvent
RtlDowncaseUnicodeString
RtlPrefixUnicodeString
RtlCreateAcl
RtlVerifyVersionInfo
RtlSetDaclSecurityDescriptor
RtlCopySid
RtlUniform
RtlAllocateAndInitializeSid
RtlCopyLuid
NtSetSecurityObject
RtlDeleteElementGenericTable
NtWaitForSingleObject
RtlCompareUnicodeString
RtlReleaseResource
RtlAcquireResourceExclusive
RtlFreeUnicodeString
RtlSystemTimeToLocalTime
RtlOemStringToUnicodeString
RtlInitializeGenericTableAvl
VerSetConditionMask
RtlInitUnicodeString
NtQueryInformationToken
RtlDeleteResource
RtlUpcaseUnicodeString
RtlIntegerToUnicodeString
RtlLengthSid
RtlInsertElementGenericTableAvl
RtlDeregisterWait
RtlCompareMemory
RtlFreeAnsiString
RtlUnicodeStringToAnsiString
RtlAcquireResourceShared
RtlSubAuthoritySid
RtlInitializeGenericTable
RtlNtStatusToDosError
RtlGetElementGenericTable
RtlInitializeResource
RtlLookupElementGenericTableAvl
NtQuerySystemInformation
RtlRegisterWait
RtlCreateTimer
advapi32
ReportEventW
SystemFunction007
CryptGetProvParam
CryptHashData
CryptSetProvParam
CredFree
GetTokenInformation
RegCloseKey
RegCreateKeyExW
QueryServiceStatus
CryptDestroyHash
RegNotifyChangeKeyValue
SetThreadToken
CryptAcquireContextW
CryptGetHashParam
LookupAccountSidW
RegQueryValueExW
FreeSid
QueryServiceConfigW
RegQueryInfoKeyW
RevertToSelf
RegOpenKeyW
SystemFunction006
OpenSCManagerW
RegisterEventSourceW
RegSetValueExW
RegOpenKeyExW
CredUnmarshalCredentialW
CryptReleaseContext
AllocateAndInitializeSid
RegEnumKeyExW
CloseServiceHandle
DeregisterEventSource
RegConnectRegistryW
RegisterTraceGuidsW
OpenServiceW
OpenProcessToken
TraceEvent
CryptCreateHash
OpenThreadToken
RegDeleteValueW
GetTraceLoggerHandle
cryptdll
CDLocateCSystem
MD5Update
MD5Final
CDLocateCheckSum
CDGenerateRandomBits
CDFindCommonCSystemWithKey
MD5Init
CDBuildIntegrityVect
Sections
.text Size: 18KB - Virtual size: 17KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 9KB - Virtual size: 1.4MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 36KB - Virtual size: 36KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rdata Size: 264KB - Virtual size: 263KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE