IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_32BIT_MACHINE

memcpy

memmove

memset

_aulldiv

ZwClose

_alldiv

RtlNtStatusToDosError

ZwSetInformationProcess

ZwQueryVolumeInformationFile

ZwOpenFile

RtlEqualUnicodeString

_chkstk

ZwFsControlFile

LdrUnloadDll

LdrLoadDll

RtlInitUnicodeString

ZwWaitForSingleObject

ZwReadFile

LdrGetProcedureAddress

_allmul

RtlFreeUnicodeString

ZwCreateKey

RtlOpenCurrentUser

ZwDuplicateToken

RtlCreateSecurityDescriptor

RtlGetDaclSecurityDescriptor

RtlGetGroupSecurityDescriptor

RtlGetOwnerSecurityDescriptor

RtlGetSaclSecurityDescriptor

RtlValidSecurityDescriptor

RtlSetDaclSecurityDescriptor

RtlSetGroupSecurityDescriptor

RtlSetOwnerSecurityDescriptor

RtlSetSaclSecurityDescriptor

RtlCreateAcl

RtlAddAccessAllowedAceEx

ZwQueryInformationToken

RtlEqualSid

RtlGetAce

ZwDeleteValueKey

ZwQueryValueKey

ZwSetValueKey

ZwOpenKey

ZwEnumerateKey

ZwQueryKey

ZwDeleteKey

RtlInitAnsiString

LdrGetDllHandle

ZwWaitForMultipleObjects

RtlAllocateHeap

RtlReAllocateHeap

RtlFreeHeap

ZwFlushBuffersFile

ZwSetInformationThread

ZwWriteFile

ZwCreateNamedPipeFile

ZwSetInformationFile

RtlCreateUnicodeString

ZwQueryInformationProcess

ZwOpenProcess

ZwCreateEvent

ZwCancelIoFile

ZwQueryInformationFile

ZwOpenThreadToken

ZwCreateFile

RtlTimeToTimeFields

_aullrem

RtlTimeFieldsToTime

ZwQueryVirtualMemory

ZwReadVirtualMemory

DbgPrint

_allrem

_stricmp

_strnicmp

_ftol

ZwTerminateProcess

ZwQueryInformationThread

ZwDelayExecution

ZwResumeThread

ZwTerminateThread

RtlRaiseException

ZwDuplicateObject

LdrShutdownThread

CsrClientCallServer

RtlCreateUserThread

RtlUpcaseUnicodeString

RtlxAnsiStringToUnicodeSize

RtlxOemStringToUnicodeSize

NlsMbOemCodePageTag

RtlAnsiStringToUnicodeString

RtlOemStringToUnicodeString

RtlxUnicodeStringToAnsiSize

RtlxUnicodeStringToOemSize

RtlUnicodeStringToAnsiString

RtlUnicodeStringToOemString

_aullshr

ZwSetEvent

ZwResetEvent

RtlSystemTimeToLocalTime

RtlInitializeCriticalSection

RtlEnterCriticalSection

RtlLeaveCriticalSection

RtlDeleteCriticalSection

ZwReleaseMutant

ZwQuerySymbolicLinkObject

ZwOpenSymbolicLinkObject

ZwDeviceIoControlFile

RtlGetFullPathName_U

RtlQueryEnvironmentVariable_U

ZwQuerySystemInformation

RtlCopySid

RtlAddAccessDeniedAceEx

RtlAdjustPrivilege

RtlImpersonateSelf

RtlDestroyProcessParameters

RtlCreateUserProcess

RtlCreateProcessParameters

RtlGetCurrentDirectory_U

ZwQueryObject

ZwUnmapViewOfSection

ZwMapViewOfSection

ZwCreateSection

RtlUpcaseUnicodeChar

RtlDosPathNameToNtPathName_U

RtlExpandEnvironmentStrings_U

RtlDestroyEnvironment

RtlSetEnvironmentVariable

RtlCreateEnvironment

ZwDisplayString

RtlUnwind

RtlReleasePebLock

RtlClearBits

RtlFindClearBitsAndSet

RtlAcquirePebLock

RtlAreBitsSet

_allshl

NtRaiseException

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE