IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_32BIT_MACHINE

_strnset

memcpy

ExAllocatePool

strstr

ZwClose

ZwQueryValueKey

ZwOpenKey

RtlInitUnicodeString

wcsstr

_wcsnset

ZwReadFile

ExFreePoolWithTag

ZwQueryInformationFile

ZwCreateFile

ZwWriteFile

RtlCompareString

RtlInitString

ZwMapViewOfSection

ZwCreateSection

ZwOpenFile

KeServiceDescriptorTable

ZwSetValueKey

ZwCreateKey

ObfDereferenceObject

KeWaitForSingleObject

IofCallDriver

IoBuildDeviceIoControlRequest

KeInitializeEvent

IoGetDeviceObjectPointer

ObReferenceObjectByName

atoi

IoFreeIrp

KeSetEvent

IoFreeMdl

MmUnlockPages

IoBuildAsynchronousFsdRequest

memset

MmIsAddressValid

ZwPulseEvent

ZwAllocateVirtualMemory

ObOpenObjectByPointer

ProbeForRead

IoGetCurrentProcess

_strupr

PsGetProcessImageFileName

PsLookupProcessByProcessId

_wcsupr

PsRemoveLoadImageNotifyRoutine

PsSetLoadImageNotifyRoutine

IofCompleteRequest

PsSetCreateProcessNotifyRoutine

PsGetVersion

DbgPrint

IoRegisterShutdownNotification

IoDeleteDevice

IoCreateSymbolicLink

IoCreateDevice

KeTickCount

KeBugCheckEx

RtlUnwind

IoDriverObjectType

strchr

KeGetCurrentIrql

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ