IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_32BIT_MACHINE

ZwUnmapViewOfSection

RtlTimeToSecondsSince1980

qsort

ZwQueryEaFile

ZwQueryDirectoryFile

wcstoul

ZwSetEaFile

ZwSetInformationFile

wcscpy

RtlPushFrame

ZwMapViewOfSection

RtlAddressInSectionTable

ZwFreeVirtualMemory

ZwAllocateVirtualMemory

RtlInitializeGenericTableAvl

ZwQueryInformationFile

RtlInsertElementGenericTableAvl

RtlNumberGenericTableElementsAvl

RtlComputeCrc32

RtlUnwind

NtQueryVirtualMemory

RtlNtStatusToDosError

RtlInterlockedPopEntrySList

RtlInterlockedPushEntrySList

ZwSetLowEventPair

ZwWaitHighEventPair

ZwSetHighWaitLowEventPair

ZwCreateEventPair

strcmp

_stricmp

ZwDeleteFile

ZwQuerySystemInformation

RtlAdjustPrivilege

ZwAdjustPrivilegesToken

ZwOpenThreadTokenEx

ZwImpersonateThread

ZwOpenThread

ZwCreateSection

ZwCreateFile

strcpy

memset

ZwSetValueKey

ZwCreateEvent

ZwQueryInformationToken

ZwOpenProcessToken

ZwOpenEvent

ZwWriteFile

ZwReadFile

wcsrchr

LdrProcessRelocationBlock

RtlImageDirectoryEntryToData

RtlImageNtHeader

memcpy

ZwQueryVolumeInformationFile

ZwOpenFile

RtlExpandEnvironmentStrings_U

RtlFreeUnicodeString

ZwClose

ZwQueryValueKey

ZwOpenKey

swprintf

RtlFormatCurrentUserKeyPath

wcslen

RtlPrefixUnicodeString

RtlGetCurrentPeb

RtlExitUserThread

ZwProtectVirtualMemory

LdrGetProcedureAddress

RtlInitAnsiString

LdrLoadDll

RtlInitUnicodeString

RtlAddVectoredExceptionHandler

RtlPopFrame

RtlGetFrame

CreateThread

DeleteCriticalSection

LocalAlloc

InitializeCriticalSection

SleepEx

Sleep

FreeLibrary

VirtualFree

LeaveCriticalSection

EnterCriticalSection

LoadLibraryA

VirtualAlloc

GetVersion

LoadLibraryW

QueueUserWorkItem

GetModuleHandleW

GetSystemTimeAsFileTime

GetLastError

BindIoCompletionCallback

DeleteTimerQueueTimer

CreateTimerQueueTimer

LocalFree

MD5Final

MD5Update

CryptAcquireContextW

CryptImportKey

CryptGenRandom

CryptDestroyKey

CryptReleaseContext

CryptCreateHash

CryptSetHashParam

CryptVerifySignatureW

CryptDestroyHash

MD5Init

AcceptEx

WSAStartup

WSACleanup

WSASocketW

WSAGetLastError

closesocket

bind

listen

WSAIoctl

WSARecv

WSASend

setsockopt

WSASendTo

WSARecvFrom

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ