IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_32BIT_MACHINE

RtlCreateUnicodeString

ZwReadFile

RtlFreeHeap

RtlInitUnicodeString

ZwSetInformationFile

ZwCreateFile

isalpha

RtlNtStatusToDosError

ZwClose

NtAllocateLocallyUniqueId

ZwQueryInformationFile

ZwWriteFile

RtlDosPathNameToNtPathName_U

ceil

_stricmp

sprintf

strncmp

strstr

swprintf

memchr

_snprintf

strtol

_memicmp

strtoul

wcschr

RtlDosSearchPath_U

RtlExpandEnvironmentStrings_U

NtQueryAttributesFile

NtOpenSymbolicLinkObject

NtQuerySymbolicLinkObject

NtClose

RtlAllocateHeap

RtlSetEnvironmentVariable

wcsrchr

NtOpenKey

NtQueryValueKey

NtSetValueKey

NtResumeThread

NtWaitForMultipleObjects

RtlCreateUserProcess

RtlDestroyProcessParameters

NtCreateEvent

NtOpenProcess

RtlCreateProcessParameters

NtDeviceIoControlFile

NtUnloadDriver

NtCreateKey

NtLoadDriver

NtOpenFile

NtProtectVirtualMemory

RtlInitAnsiString

LdrGetProcedureAddress

LdrGetDllHandle

NtQuerySecurityObject

NtWriteFile

RtlCreateAcl

RtlFreeSid

RtlSetDaclSecurityDescriptor

NtFsControlFile

NtSetInformationFile

NtQueryInformationFile

NtQueryDirectoryFile

RtlAddAccessAllowedAce

NtWaitForSingleObject

RtlFreeUnicodeString

NtCreateFile

NtOpenDirectoryObject

RtlGetDaclSecurityDescriptor

RtlCompareUnicodeString

NtOpenProcessToken

NtQueryInformationToken

NtSetSecurityObject

RtlAllocateAndInitializeSid

RtlGetOwnerSecurityDescriptor

RtlGetCurrentDirectory_U

NtReadFile

RtlLengthSid

RtlCreateSecurityDescriptor

RtlSetOwnerSecurityDescriptor

NtQueryInformationProcess

NtSetInformationProcess

NtAdjustPrivilegesToken

LdrFindResource_U

LdrAccessResource

NtDelayExecution

_allmul

_chkstk

NtEnumerateValueKey

NtFlushKey

NtEnumerateKey

NtCreateSymbolicLinkObject

NtDeleteValueKey

RtlAppendUnicodeToString

RtlReAllocateHeap

RtlAppendUnicodeStringToString

NtDeleteKey

RtlFormatCurrentUserKeyPath

NtQuerySystemInformation

wcsncpy

vsprintf

wcsstr

NtQueryKey

NtQueryVolumeInformationFile

wcsncmp

RtlValidateHeap

sin

cos

tan

atan

_ftol

floor

sqrt

RtlFillMemory

RtlMoveMemory

RtlCreateUnicodeStringFromAsciiz

DbgPrint

NtDisplayString

_vsnprintf

RtlLeaveCriticalSection

RtlEnterCriticalSection

NtCancelIoFile

NtResetEvent

RtlInitializeCriticalSection

RtlDeleteCriticalSection

_aulldiv

_aullrem

RtlUnwind

NtQueryVirtualMemory

_CIpow

_alldiv

_allrem

_allshl

_allshr

_aullshr

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_CODE

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ