IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_32BIT_MACHINE

ZwClose

ZwOpenProcess

ZwOpenProcessToken

ZwQueryInformationToken

NtCreateSection

NtUnmapViewOfSection

NtMapViewOfSection

RtlRandomEx

ZwQueryInformationProcess

RtlGetVersion

RtlNtStatusToDosError

NtQuerySystemInformation

RtlImageNtHeader

_strupr

_wcsupr

memmove

bsearch

_vsnwprintf

strstr

_strlwr

atoi

wcscpy

RtlFreeUnicodeString

RtlUpcaseUnicodeString

ZwQueryKey

sprintf

_snprintf

memset

RtlAdjustPrivilege

mbstowcs

memcpy

strcpy

RtlImageDirectoryEntryToData

memcmp

_aulldiv

_allmul

_aullshr

_allshl

_chkstk

RtlUnwind

NtQueryVirtualMemory

FileTimeToSystemTime

OpenProcess

GetLocalTime

VirtualQueryEx

CreateRemoteThread

GetVersion

ExitThread

GetTempFileNameA

VirtualAlloc

DeleteCriticalSection

VirtualProtect

GetSystemInfo

lstrcmpA

GetModuleFileNameA

GetModuleHandleA

lstrcmpiA

MapViewOfFile

UnmapViewOfFile

Sleep

LoadLibraryA

CloseHandle

WriteProcessMemory

CreateFileMappingA

GetCurrentProcess

CreateFileA

lstrlenA

GlobalUnlock

lstrcpyA

HeapAlloc

GlobalLock

RemoveDirectoryA

DeleteFileA

HeapFree

lstrcatA

WriteFile

CreateDirectoryA

GetLastError

InterlockedIncrement

InterlockedDecrement

HeapDestroy

HeapCreate

SetEvent

HeapReAlloc

GetTickCount

LocalFree

GetWindowsDirectoryA

SuspendThread

ResumeThread

lstrcpyW

WaitForMultipleObjects

CreateDirectoryW

FindFirstFileW

CreateThread

TerminateProcess

SwitchToThread

lstrcatW

FindClose

ResetEvent

FindNextFileW

GetCurrentThreadId

LocalAlloc

CreateProcessW

CopyFileW

lstrlenW

SetWaitableTimer

DeleteFileW

GetCurrentThread

CreateEventA

GetModuleFileNameW

GetTempPathA

InterlockedExchange

GetSystemTimeAsFileTime

GetFileAttributesW

GetFileSize

ExpandEnvironmentStringsW

CreateFileW

WideCharToMultiByte

SetLastError

LeaveCriticalSection

EnterCriticalSection

CreateMutexA

GetComputerNameA

OpenWaitableTimerA

OpenMutexA

ReleaseMutex

GetVolumeInformationA

WaitForSingleObject

GetComputerNameW

InitializeCriticalSection

LoadLibraryExW

GetProcAddress

GetExitCodeProcess

CreateProcessA

GetDriveTypeW

OpenFileMappingA

GetLogicalDriveStringsW

VirtualFree

lstrcpynA

LocalReAlloc

TlsGetValue

TlsSetValue

TlsAlloc

LoadLibraryW

GetVersionExW

FreeLibrary

ReadFile

SetFilePointer

Thread32Next

CreateToolhelp32Snapshot

QueueUserAPC

Thread32First

GetCurrentProcessId

OpenThread

FindNextFileA

FindFirstFileA

DisconnectNamedPipe

FlushFileBuffers

GetSystemTime

CreateNamedPipeA

CallNamedPipeA

WaitNamedPipeA

ConnectNamedPipe

GetOverlappedResult

CancelIo

GetCommandLineA

AddVectoredExceptionHandler

ExitProcess

OpenEventA

GetTempPathW

RemoveDirectoryW

CompareFileTime

RemoveVectoredExceptionHandler

SleepEx

GetFileTime

SetEndOfFile

GetPrivateProfileSectionNamesW

GetPrivateProfileStringW

lstrcmpiW

GetPrivateProfileIntW

RaiseException

ExpandEnvironmentStringsA

Process32FirstW

Process32NextW

QueueUserWorkItem

FileTimeToLocalFileTime

CreateWaitableTimerA

GetFileAttributesA

VirtualProtectEx

AVIFileExit

AVIFileRelease

AVIFileInit

AVIStreamWrite

AVIFileCreateStreamA

AVIFileOpenA

AVIStreamRelease

AVIStreamSetFormat

AVIMakeCompressedStream

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ