IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_32BIT_MACHINE

ZwExtendSection

NtSuspendProcess

NtSetQuotaInformationFile

RtlGetControlSecurityDescriptor

ZwQuerySystemTime

ZwImpersonateThread

NtOpenThreadToken

NtMakeTemporaryObject

RtlLookupElementGenericTableAvl

RtlRegisterWait

strpbrk

RtlUnicodeToOemN

LdrShutdownThread

ZwDeleteValueKey

_wcsupr

NtSetInformationThread

NtQueryMutant

NtAllocateUserPhysicalPages

strlen

NtCreateEvent

_strnicmp

strrchr

RtlGetCompressionWorkSpaceSize

LdrVerifyImageMatchesChecksum

RtlDosSearchPath_Ustr

NtNotifyChangeDirectoryFile

ZwGetPlugPlayEvent

ZwConnectPort

RtlQueueApcWow64Thread

NtSetEaFile

RtlSetLastWin32ErrorAndNtStatusFromNtStatus

RtlOemStringToUnicodeSize

_CIsin

KiUserApcDispatcher

ZwFreeUserPhysicalPages

RtlDeleteCriticalSection

strcat

RtlSubAuthoritySid

LdrUnloadAlternateResourceModule

ZwQueryBootEntryOrder

cos

RtlFillMemoryUlong

CsrIdentifyAlertableThread

ZwQuerySymbolicLinkObject

RtlIsActivationContextActive

RtlAppendPathElement

DbgQueryDebugFilterState

wcscspn

ZwCancelTimer

ZwStopProfile

NtDeleteObjectAuditAlarm

ZwEnumerateValueKey

RtlGetActiveActivationContext

LdrFindEntryForAddress

_fltused

RtlInitializeGenericTable

NtUnlockVirtualMemory

RtlAdjustPrivilege

RtlGetSecurityDescriptorRMControl

NtEnumerateSystemEnvironmentValuesEx

DbgUiRemoteBreakin

RtlLocalTimeToSystemTime

NtResumeProcess

_ultow

islower

RtlAssert

RtlFindClearBitsAndSet

_wcslwr

RtlIpv6AddressToStringA

ZwSetInformationJobObject

RtlIpv6StringToAddressA

ZwCreateTimer

RtlNtStatusToDosErrorNoTeb

memset

NtAlertResumeThread

RtlSetSecurityObject

ZwQueryIntervalProfile

RtlxUnicodeStringToOemSize

_wspawnv

_setjmp

_fpreset

__mb_cur_max

??4exception@@QAEAAV0@ABV0@@Z

_mbsncmp

_swab

wcstombs

__setlc_active

_strnicmp

_unlock

fgetpos

_toupper

_chdir

_atodbl

isspace

_spawnle

rewind

_setmbcp

_wtoi64

_CIcosh

fwrite

_wcsicmp

wcscat

___lc_codepage_func

fputwc

_safe_fdiv

strlen

??_Gbad_cast@@UAEPAXI@Z

strstr

_strtoui64

_mbsrev

fclose

_mbsnbcpy

towupper

fwprintf

__badioinfo

_strrev

__p__osver

_itow

_except_handler2

__CxxUnregisterExceptionObject

_tzname

_fullpath

sinh

LocalFree

TransmitCommChar

InitAtomTable

EnumDateFormatsA

GetSystemTimeAsFileTime

FindFirstFileW

GetSystemInfo

LZInit

GetLocaleInfoW

SetConsoleActiveScreenBuffer

HeapLock

GlobalHandle

GetLastError

DebugActiveProcess

SetFileShortNameW

GetNumaProcessorNode

VirtualAlloc

OutputDebugStringW

CancelTimerQueueTimer

lstrcatA

LoadLibraryA

ShowConsoleCursor

VerLanguageNameA

SetConsoleCursorInfo

RestoreLastError

CreateMemoryResourceNotification

FindVolumeMountPointClose

SetTimerQueueTimer

HeapCreate

MulDiv

GetAtomNameW

WriteProfileStringA

ReadFileEx

GetCommProperties

SetFileValidData

SetVolumeMountPointW

SetConsoleDisplayMode

LocalAlloc

EnumCalendarInfoA

SetSystemTime

GetExitCodeThread

RemoveLocalAlternateComputerNameW

GetCalendarInfoW

FindNextFileW

GetNumberOfConsoleFonts

DebugBreak

RaiseException

WinStationEnumerate_IndexedW

WinStationActivateLicense

ServerLicensingGetAvailablePolicyIds

ServerLicensingClose

ServerLicensingFreePolicyInformation

ServerSetInternetConnectorStatus

WinStationFreeMemory

_WinStationUpdateSettings

WinStationShadow

WinStationVirtualOpen

_WinStationNotifyDisconnectPipe

WinStationUnRegisterConsoleNotification

ServerLicensingGetPolicyInformationW

WinStationGetLanAdapterNameA

WinStationCloseServer

ServerLicensingSetPolicy

WinStationSetInformationW

_NWLogonSetAdmin

WinStationOpenServerA

WinStationRemoveLicense

_WinStationUpdateUserConfig

ServerQueryInetConnectorInformationA

ServerLicensingOpenW

WinStationGenerateLicense

_WinStationBreakPoint

ServerLicensingLoadPolicy

_WinStationNotifyLogon

ServerLicensingDeactivateCurrentPolicy

ServerLicensingOpenA

WinStationWaitSystemEvent

WinStationBroadcastSystemMessage

LogonIdFromWinStationNameW

ServerLicensingUnloadPolicy

_WinStationWaitForConnect

_WinStationCheckForApplicationName

WinStationIsHelpAssistantSession

WinStationReset

WinStationConnectW

WinStationNameFromLogonIdW

_WinStationShadowTargetSetup

ServerGetInternetConnectorStatus

LogonIdFromWinStationNameA

WinStationSendMessageW

WinStationFreeGAPMemory

_ftol

_get_osfhandle

_mbcjistojms

_toupper

isdigit

vfwprintf

tan

_filelength

_ismbcupper

exit

_setmode

wcsftime

_mbsrev

_CIacos

_mbsnbicmp

__iscsymf

_unlink

_ultoa

_chsize

acos

isprint

strncat

??3@YAXPAX@Z

_ismbcl2

_mbschr

puts

_mbscspn

_mbctombb

strncpy

_cwait

EndDialog

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ