IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

IMAGE_FILE_RELOCS_STRIPPED

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_32BIT_MACHINE

CredMarshalTargetInfo

LsaGetLogonSessionData

FreeContextBuffer

LsaFreeReturnBuffer

CredUnmarshalTargetInfo

CDBuildIntegrityVect

MD5Final

CDLocateCSystem

CDGenerateRandomBits

MD5Update

CDFindCommonCSystemWithKey

MD5Init

CDLocateCheckSum

wsprintfW

CharLowerBuffW

ASN1BEREncU32

ASN1BEREncExplicitTag

ASN1octetstring_free

ASN1_CreateModule

ASN1BERDecEndOfContents

ASN1_CloseEncoder

ASN1_FreeEncoded

ASN1BERDecSkip

ASN1intx_free

ASN1BEREncBool

ASN1BERDecBool

ASN1BEREncBitString

ASN1bitstring_free

ASN1DecSetError

ASN1BERDecNotEndOfContents

ASN1BERDecExplicitTag

ASN1BERDecS32Val

ASN1_Encode

ASN1intxisuint32

ASN1DecAlloc

ASN1BERDecGeneralizedTime

ASN1charstring_free

ASN1_Decode

ASN1_CloseDecoder

ASN1objectidentifier_free

ASN1BERDecPeekTag

ASN1BERDecOpenType2

ASN1_CreateEncoder

ASN1BERDecObjectIdentifier

ASN1BEREncS32

ASN1BEREncObjectIdentifier

ASN1BERDecSXVal

ASN1_CreateDecoder

ASN1_FreeDecoded

ASN1BERDecBitString

ASN1BERDecU32Val

ASN1intx_setuint32

ASN1BEREncCharString

ASN1intx2uint32

ASN1Free

ASN1BEREncOctetString

ASN1ztcharstring_free

ASN1intx2int32

ASN1EncSetError

ASN1BEREncSX

ASN1CEREncGeneralizedTime

ASN1BEREncOpenType

ASN1BERDecZeroCharString

ASN1BEREncEndOfContents

ASN1BERDecOctetString

ASN1BERDecCharString

SetEvent

CloseHandle

ExpandEnvironmentStringsW

GetComputerNameExW

OpenEventW

FormatMessageW

GetModuleFileNameW

InterlockedCompareExchange

InterlockedDecrement

lstrcpyW

GetProfileStringA

TerminateProcess

InitializeCriticalSection

GetACP

CreateFileA

LocalAlloc

EnterCriticalSection

LeaveCriticalSection

WriteFile

lstrlenW

GetLastError

GetCurrentProcessId

DebugBreak

CreateFileMappingW

UnregisterWait

OutputDebugStringA

LoadLibraryA

DisableThreadLibraryCalls

GetTickCount

CreateFileW

VirtualAlloc

WideCharToMultiByte

InterlockedExchangeAdd

InterlockedExchange

lstrcmpiA

GetModuleFileNameA

InterlockedIncrement

SetUnhandledExceptionFilter

GetCurrentProcess

GetCurrentThreadId

FreeLibrary

GetModuleHandleW

OpenFileMappingW

MultiByteToWideChar

UnhandledExceptionFilter

CreateEventW

GetLocalTime

LocalFree

GetSystemInfo

Sleep

GetProcAddress

UnmapViewOfFile

FileTimeToSystemTime

MapViewOfFileEx

RaiseException

GetEnvironmentVariableW

lstrlenA

DeleteCriticalSection

LoadLibraryW

GetComputerNameW

lstrcmpW

RegisterWaitForSingleObjectEx

GetSystemTimeAsFileTime

GetCurrentThread

QueryPerformanceCounter

wcsrchr

_stricmp

_wcsnicmp

wcsspn

sscanf

wcslen

malloc

qsort

_initterm

_strnicmp

wcscpy

wcscmp

wcstoul

strrchr

sprintf

free

strchr

swprintf

_ultoa

_strcmpi

wcscat

_wcsicmp

_except_handler3

_adjust_fdiv

_vsnprintf

RtlEqualSid

NtOpenThreadToken

RtlCompareUnicodeString

RtlTimeFieldsToTime

RtlTimeToTimeFields

RtlCreateSecurityDescriptor

NtAllocateLocallyUniqueId

RtlRunDecodeUnicodeString

RtlGetElementGenericTable

RtlInitializeSid

RtlInsertElementGenericTableAvl

RtlCreateTimer

RtlInsertElementGenericTable

RtlLeaveCriticalSection

RtlSubAuthorityCountSid

RtlCopySid

RtlConvertSharedToExclusive

NtQuerySystemTime

RtlDeregisterWait

NtQueryInformationToken

RtlEnterCriticalSection

RtlCopyLuid

RtlDeleteElementGenericTable

NtQuerySystemInformation

RtlCompareMemory

NtDuplicateObject

DbgPrint

RtlEqualDomainName

RtlSetDaclSecurityDescriptor

RtlFreeAnsiString

RtlIntegerToUnicodeString

RtlDeleteTimerQueue

RtlAllocateAndInitializeSid

RtlFreeSid

RtlAppendUnicodeStringToString

RtlDeleteResource

RtlLookupElementGenericTableAvl

RtlCopyUnicodeString

RtlReleaseResource

RtlDowncaseUnicodeString

NtClose

RtlAnsiStringToUnicodeString

RtlSystemTimeToLocalTime

RtlAcquireResourceExclusive

RtlInitializeResource

RtlInitAnsiString

RtlEqualUnicodeString

RtlSubAuthoritySid

RtlInitializeGenericTable

RtlCreateAcl

RtlLengthSid

NtOpenProcessToken

RtlAddAccessAllowedAce

RtlUnicodeStringToAnsiString

NtWaitForSingleObject

RtlOemStringToUnicodeString

VerSetConditionMask

RtlValidSid

NtOpenEvent

RtlVerifyVersionInfo

RtlEraseUnicodeString

RtlInitUnicodeString

RtlInitializeGenericTableAvl

RtlDeleteCriticalSection

RtlFreeUnicodeString

RtlUniform

RtlLookupElementGenericTable

RtlConvertSidToUnicodeString

RtlAcquireResourceShared

RtlCreateTimerQueue

RtlUpcaseUnicodeString

NtAllocateVirtualMemory

NtCreateEvent

RtlLengthRequiredSid

RtlPrefixUnicodeString

RtlRegisterWait

RtlInitializeCriticalSection

NtSetSecurityObject

RegisterEventSourceW

CredUnmarshalCredentialW

SystemFunction006

QueryServiceStatus

RegOpenKeyW

LookupAccountSidW

CryptCreateHash

CryptSetProvParam

RegCreateKeyExW

RegQueryValueExW

RegDeleteValueW

GetTraceLoggerHandle

TraceEvent

RevertToSelf

SetThreadToken

RegOpenKeyExW

CryptGetHashParam

OpenProcessToken

RegSetValueExW

CryptReleaseContext

QueryServiceConfigW

RegEnumKeyExW

CloseServiceHandle

RegCloseKey

SystemFunction007

CryptAcquireContextW

RegQueryInfoKeyW

GetTokenInformation

CryptGetProvParam

ReportEventW

CredFree

DeregisterEventSource

FreeSid

OpenThreadToken

AllocateAndInitializeSid

CryptHashData

RegNotifyChangeKeyValue

RegConnectRegistryW

OpenServiceW

CryptDestroyHash

OpenSCManagerW

RegisterTraceGuidsW

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_CNT_UNINITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE