IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

CryptReleaseContext

CryptGenKey

CryptGetProvParam

CryptGetHashParam

CryptImportKey

CryptSetKeyParam

CryptDestroyHash

CryptSetHashParam

CryptHashData

CryptCreateHash

CryptExportKey

CryptDecrypt

SystemFunction007

CryptDuplicateKey

CryptEncrypt

CryptAcquireContextW

CryptGetKeyParam

CryptAcquireContextA

CryptDestroyKey

GetLengthSid

CopySid

LsaClose

LsaOpenPolicy

LsaQueryInformationPolicy

CreateWellKnownSid

CreateProcessAsUserW

CreateProcessWithLogonW

RegQueryValueExW

RegEnumValueW

RegOpenKeyExW

RegSetValueExW

RegEnumKeyExW

RegQueryInfoKeyW

RegCloseKey

SystemFunction032

ConvertSidToStringSidW

SystemFunction033

QueryServiceObjectSecurity

QueryServiceStatusEx

BuildSecurityDescriptorW

OpenServiceW

StartServiceW

FreeSid

ControlService

SetServiceObjectSecurity

DeleteService

AllocateAndInitializeSid

OpenSCManagerW

CloseServiceHandle

CreateServiceW

IsTextUnicode

GetTokenInformation

LookupAccountNameW

LookupAccountSidW

DuplicateTokenEx

CheckTokenMembership

OpenProcessToken

CryptSetProvParam

CryptEnumProvidersW

ConvertStringSidToSidW

LsaFreeMemory

IsValidSid

GetSidSubAuthority

GetSidSubAuthorityCount

SetThreadToken

SystemFunction006

CryptEnumProviderTypesW

CryptGetUserKey

OpenEventLogW

ClearEventLogW

GetNumberOfEventLogRecords

CryptSignHashW

LsaRetrievePrivateData

LsaOpenSecret

LsaQueryTrustedDomainInfoByName

CryptDeriveKey

LsaQuerySecret

SystemFunction001

SystemFunction005

LsaSetSecret

LsaEnumerateTrustedDomainsEx

SystemFunction023

LookupPrivilegeValueW

StartServiceCtrlDispatcherW

RegisterServiceCtrlHandlerW

SetServiceStatus

OpenThreadToken

LookupPrivilegeNameW

EqualSid

CredFree

CredEnumerateW

ConvertStringSecurityDescriptorToSecurityDescriptorW

SystemFunction027

SystemFunction026

SystemFunction041

CredUnmarshalCredentialW

CredIsMarshaledCredentialW

A_SHAUpdate

A_SHAFinal

A_SHAInit

ord14

ord10

ord13

ord11

CertGetNameStringW

CryptQueryObject

CertEnumCertificatesInStore

CertAddCertificateContextToStore

CertEnumSystemStore

CertAddEncodedCertificateToStore

CertFreeCertificateContext

CryptStringToBinaryA

CertCloseStore

PFXExportCertStoreEx

CertSetCertificateContextProperty

CertOpenStore

CryptStringToBinaryW

CryptUnprotectData

CryptBinaryToStringW

CryptBinaryToStringA

CryptAcquireCertificatePrivateKey

CryptExportPublicKeyInfo

CryptFindOIDInfo

CryptSignAndEncodeCertificate

CertNameToStrW

CryptEncodeObject

CertFindCertificateInStore

CertGetCertificateContextProperty

CryptProtectData

CryptDecodeObjectEx

MD5Update

MD5Init

CDGenerateRandomBits

CDLocateCheckSum

MD5Final

CDLocateCSystem

DnsQuery_A

DnsFree

FilterFindNext

FilterFindFirst

WNetCancelConnection2W

WNetAddConnection2W

NetStatisticsGet

NetServerGetInfo

NetWkstaUserEnum

NetApiBufferFree

DsGetDcNameW

NetSessionEnum

NetRemoteTOD

DsEnumerateDomainTrustsW

NetShareEnum

I_NetServerAuthenticate2

I_NetServerReqChallenge

I_NetServerTrustPasswordsGet

ord31

ord24

ord13

ord75

ord141

ord9

ord43

ord111

CoInitializeEx

CoSetProxyBlanket

CoTaskMemFree

CoUninitialize

CoCreateInstance

SysFreeString

VariantInit

VariantClear

SysAllocString

RpcBindingSetObject

RpcBindingSetAuthInfoW

RpcEpResolveBinding

RpcMgmtEpEltInqDone

I_RpcGetCurrentCallHandle

UuidCreate

NdrServerCall2

NdrClientCall2

I_RpcBindingInqSecurityContext

RpcMgmtStopServerListening

RpcServerInqBindings

RpcBindingToStringBindingW

UuidToStringW

RpcServerRegisterIf2

RpcMgmtWaitServerListen

RpcServerListen

RpcServerRegisterAuthInfoW

RpcEpUnregister

RpcMgmtEpEltInqBegin

RpcEpRegisterW

RpcBindingInqAuthClientW

RpcMgmtEpEltInqNextW

RpcBindingSetOption

RpcBindingFromStringBindingW

RpcStringBindingComposeW

RpcBindingSetAuthInfoExW

RpcStringFreeW

MesHandleFree

RpcImpersonateClient

RpcRevertToSelf

MesEncodeIncrementalHandleCreate

MesDecodeIncrementalHandleCreate

RpcBindingFree

MesIncrementalHandleReset

NdrMesTypeEncode2

NdrMesTypeDecode2

NdrMesTypeFree2

NdrMesTypeAlignSize2

RpcBindingVectorFree

RpcServerUseProtseqEpW

RpcServerUnregisterIfEx

UrlUnescapeW

PathFindFileNameW

PathIsRelativeW

PathCanonicalizeW

PathCombineW

PathIsDirectoryW

SamLookupDomainInSamServer

SamCloseHandle

SamConnect

SamLookupIdsInDomain

SamiChangePasswordUser

SamOpenUser

SamEnumerateDomainsInSamServer

SamQueryInformationUser

SamSetInformationUser

SamOpenGroup

SamEnumerateAliasesInDomain

SamRidToSid

SamOpenAlias

SamGetAliasMembership

SamEnumerateGroupsInDomain

SamGetMembersInGroup

SamGetMembersInAlias

SamGetGroupsForUser

SamLookupNamesInDomain

SamEnumerateUsersInDomain

SamFreeMemory

SamOpenDomain

DeleteSecurityContext

LsaCallAuthenticationPackage

AcquireCredentialsHandleW

LsaConnectUntrusted

QueryContextAttributesW

InitializeSecurityContextW

FreeCredentialsHandle

FreeContextBuffer

EnumerateSecurityPackagesW

LsaDeregisterLogonProcess

LsaLookupAuthenticationPackage

LsaFreeReturnBuffer

CommandLineToArgvW

DispatchMessageW

IsCharAlphaNumericW

ShowWindow

GetKeyboardLayout

GetClipboardSequenceNumber

GetClipboardData

TranslateMessage

EnumClipboardFormats

CloseClipboard

GetMessageW

DefWindowProcW

PostMessageW

DestroyWindow

SetClipboardViewer

CreateWindowExW

SendMessageW

UnregisterClassW

RegisterClassExW

OpenClipboard

ChangeClipboardChain

DestroyEnvironmentBlock

CreateEnvironmentBlock

GetFileVersionInfoSizeW

VerQueryValueW

GetFileVersionInfoW

HidD_FreePreparsedData

HidD_GetPreparsedData

HidD_GetAttributes

HidD_GetFeature

HidD_SetFeature

HidP_GetCaps

HidD_GetHidGuid

SetupDiEnumDeviceInterfaces

SetupDiDestroyDeviceInfoList

SetupDiGetClassDevsW

SetupDiGetDeviceInterfaceDetailW

SCardDisconnect

SCardConnectW

SCardListReadersW

SCardGetCardTypeProviderNameW

SCardListCardsW

SCardReleaseContext

SCardEstablishContext

SCardGetAttrib

SCardFreeMemory

SCardTransmit

SCardControl

WinStationQueryInformationW

WinStationFreeMemory

WinStationConnectW

WinStationEnumerateW

WinStationCloseServer

WinStationOpenServerW

ord145

ord54

ord301

ord304

ord77

ord142

ord41

ord79

ord36

ord13

ord73

ord208

ord310

ord97

ord122

ord139

ord12

ord69

ord96

ord223

ord113

ord140

ord14

ord88

ord203

ord224

ord157

ord147

ord27

ord26

ord127

ord133

ord167

ord309

ASN1_FreeEncoded

ASN1_CloseModule

ASN1_CreateDecoder

ASN1_CloseDecoder

ASN1_CreateModule

ASN1_CloseEncoder

ASN1BERDotVal2Eoid

ASN1_CreateEncoder

NtQueryInformationProcess

RtlGetCurrentPeb

RtlCompressBuffer

RtlCreateUserThread

NtQueryObject

RtlGUIDFromString

NtQuerySystemInformation

RtlStringFromGUID

NtCompareTokens

RtlGetNtVersionNumbers

RtlEqualString

RtlInitUnicodeString

RtlEqualUnicodeString

RtlDowncaseUnicodeString

RtlFreeUnicodeString

RtlUnicodeStringToAnsiString

RtlFreeAnsiString

RtlAppendUnicodeStringToString

RtlUpcaseUnicodeString

RtlAnsiStringToUnicodeString

RtlFreeOemString

RtlUpcaseUnicodeStringToOemString

NtResumeProcess

NtOpenDirectoryObject

NtQueryDirectoryObject

RtlAdjustPrivilege

NtTerminateProcess

NtSuspendProcess

NtSetSystemEnvironmentValueEx

NtQuerySystemEnvironmentValueEx

NtEnumerateSystemEnvironmentValuesEx

RtlIpv4AddressToStringW

RtlIpv6AddressToStringW

RtlGetCompressionWorkSpaceSize

WinHttpReceiveResponse

WinHttpOpen

WinHttpQueryHeaders

WinHttpOpenRequest

WinHttpCrackUrl

WinHttpCloseHandle

WinHttpSendRequest

WinHttpConnect

IsValidCodePage

FindFirstFileExW

GetStringTypeW

SetStdHandle

GetOEMCP

GetConsoleCP

LCMapStringW

CompareStringW

GetFileType

GetACP

GetModuleFileNameW

GetCommandLineW

GetCommandLineA

GetModuleHandleExW

TerminateProcess

LoadLibraryExW

TlsFree

TlsSetValue

TlsGetValue

TlsAlloc

InitializeCriticalSectionAndSpinCount

RtlUnwindEx

IsProcessorFeaturePresent

GetStartupInfoW

SetUnhandledExceptionFilter

UnhandledExceptionFilter

IsDebuggerPresent

RtlVirtualUnwind

RtlLookupFunctionEntry

RtlCaptureContext

InitializeSListHead

GetCurrentThreadId

LoadLibraryExA

SetFilePointerEx

GetProcessId

GetComputerNameW

IsWow64Process

ProcessIdToSessionId

GetCurrentThread

SetConsoleCursorPosition

SetCurrentDirectoryW

FillConsoleOutputCharacterW

GetTimeZoneInformation

GetSystemDirectoryW

GetStdHandle

GetConsoleScreenBufferInfo

SetEvent

CreateEventW

DeleteCriticalSection

InitializeCriticalSection

LeaveCriticalSection

EnterCriticalSection

CreatePipe

SetHandleInformation

GlobalSize

SetFileAttributesW

GetConsoleWindow

ExitProcess

RaiseException

ExitThread

SetConsoleCtrlHandler

GetTickCount

QueryPerformanceCounter

FormatMessageA

GetSystemTime

GetProcessHeap

GetCurrentProcessId

GetFileSize

LockFileEx

CreateFileMappingA

UnlockFile

HeapDestroy

HeapCompact

HeapAlloc

GetSystemInfo

HeapReAlloc

DeleteFileW

GetVersionExA

WaitForSingleObjectEx

LoadLibraryA

FlushViewOfFile

OutputDebugStringW

GetFileAttributesExW

GetFileAttributesA

GetDiskFreeSpaceA

FormatMessageW

MultiByteToWideChar

HeapSize

HeapValidate

GetVersionExW

CreateMutexW

GetTempPathW

UnlockFileEx

SetEndOfFile

GetFullPathNameA

LockFile

OutputDebugStringA

GetDiskFreeSpaceW

GetFullPathNameW

HeapFree

HeapCreate

AreFileApisANSI

GetDateFormatW

GetSystemTimeAsFileTime

WideCharToMultiByte

SystemTimeToFileTime

GetTimeFormatW

lstrlenA

ClearCommError

PurgeComm

CreateRemoteThread

WaitForSingleObject

CreateProcessW

SetConsoleOutputCP

GetConsoleOutputCP

MapViewOfFile

CreateFileMappingW

UnmapViewOfFile

VirtualQueryEx

VirtualQuery

VirtualFreeEx

ReadProcessMemory

VirtualAllocEx

VirtualProtectEx

VirtualAlloc

VirtualFree

SetLastError

VirtualProtect

WriteProcessMemory

GetComputerNameExW

DeviceIoControl

GetCPInfo

GetEnvironmentStringsW

FreeEnvironmentStringsW

SetEnvironmentVariableW

WriteConsoleW

ReadConsoleW

GetConsoleMode

OpenProcess

DuplicateHandle

GetCurrentProcess

FlushFileBuffers

GetCurrentDirectoryW

GetFileAttributesW

FindClose

ExpandEnvironmentStringsW

RtlUnwind

FindNextFileW

GetFileSizeEx

FindFirstFileW

lstrlenW

FreeLibrary

GetModuleHandleW

GetProcAddress

LoadLibraryW

FileTimeToDosDateTime

GetTempFileNameA

FileTimeToLocalFileTime

DeleteFileA

CreateFileA

GetTempPathA

GetFileInformationByHandle

GetCurrentDirectoryA

SetFilePointer

LocalFree

CreateThread

CloseHandle

TerminateThread

GetLastError

Sleep

CreateFileW

LocalAlloc

WriteFile

ReadFile

FileTimeToSystemTime

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ