IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_32BIT_MACHINE

RtlUnwind

NtOpenProcess

NtQueryVirtualMemory

RtlAllocateHeap

RtlReAllocateHeap

NtOpenThread

LdrGetDllHandle

RtlDestroyHeap

RtlInitUnicodeString

RtlFreeHeap

NtQueryInformationThread

RtlCreateHeap

NtProtectVirtualMemory

NtAllocateVirtualMemory

NtFreeVirtualMemory

NtSuspendThread

NtGetContextThread

NtFlushInstructionCache

NtSetContextThread

NtResumeThread

RtlGetNtVersionNumbers

RtlMoveMemory

NtQueryInformationProcess

NtQuerySystemInformation

NtTerminateProcess

NtTerminateThread

RtlZeroMemory

RtlRandom

NtClose

Sleep

CopyFileW

FormatMessageW

GetModuleFileNameW

lstrcmpW

MultiByteToWideChar

lstrlenW

GetLastError

SetLastError

GetComputerNameExW

DisableThreadLibraryCalls

FindClose

LoadLibraryA

CreateFileMappingW

CreateEventW

SetCurrentDirectoryW

WaitForMultipleObjects

CreatePipe

WTSGetActiveConsoleSessionId

lstrcmpiW

lstrcatW

FindNextFileW

SetEndOfFile

GetCurrentThreadId

GetDiskFreeSpaceExW

DeleteFileW

LocalFree

GetSystemTime

lstrcpyW

CreateThread

ExpandEnvironmentStringsW

HeapReAlloc

GetNativeSystemInfo

TerminateProcess

GetCurrentDirectoryW

GetProcAddress

HeapSize

GetLocaleInfoW

LCMapStringW

GetCurrentProcess

IsDebuggerPresent

SetUnhandledExceptionFilter

UnhandledExceptionFilter

IsValidCodePage

GetOEMCP

GetACP

GetCPInfo

EnterCriticalSection

LeaveCriticalSection

GetCurrentProcessId

QueryPerformanceCounter

HeapDestroy

HeapCreate

GetEnvironmentStringsW

FreeEnvironmentStringsW

GetModuleFileNameA

DeleteCriticalSection

GetStartupInfoW

GetFileType

InitializeCriticalSectionAndSpinCount

GetStdHandle

SetHandleCount

InterlockedDecrement

InterlockedIncrement

TlsFree

TlsSetValue

TlsGetValue

TlsAlloc

EncodePointer

GetCommandLineA

DecodePointer

UnmapViewOfFile

LoadLibraryW

WideCharToMultiByte

GetSystemDirectoryW

GetSystemTimeAsFileTime

GetModuleHandleW

SetEvent

WaitForSingleObject

HeapFree

MapViewOfFile

SetEnvironmentVariableW

LoadLibraryExW

HeapAlloc

CreateProcessW

GetStringTypeW

FreeLibrary

FindFirstFileW

GetCommandLineW

ExitProcess

lstrcpyA

CreateFileW

ReadFile

GetFileAttributesW

WriteFile

GetProcessHeap

GetTickCount

MoveFileExW

SetFilePointer

CreateFileA

OpenEventW

IsProcessorFeaturePresent

GetWindowThreadProcessId

GetWindowTextW

CreateDesktopW

DestroyWindow

GetWindowRect

PostQuitMessage

GetThreadDesktop

wsprintfW

CallWindowProcW

SetTimer

DispatchMessageW

GetForegroundWindow

SendMessageW

KillTimer

GetMessageW

PostMessageW

SetForegroundWindow

wsprintfA

ExitWindowsEx

CloseDesktop

CharLowerW

GetDC

GetWindowTextA

BringWindowToTop

GetWindowLongW

GetClassNameW

ReleaseDC

SetWindowLongW

GetDesktopWindow

SetWindowPos

LoadStringW

GetLastInputInfo

SwitchDesktop

SetThreadDesktop

PostThreadMessageW

PathRemoveArgsW

PathAddExtensionW

PathRemoveExtensionW

StrToIntW

StrChrA

StrCmpNIW

SHDeleteKeyW

StrRChrW

PathFindFileNameW

PathIsRelativeW

PathRemoveFileSpecW

PathAddBackslashW

PathFindFileNameA

PathAddBackslashA

StrTrimA

StrDupA

ord12

PathFindExtensionW

PathRemoveFileSpecA

WTSQuerySessionInformationW

WTSEnumerateSessionsW

WTSFreeMemory

WTSQueryUserToken

DestroyEnvironmentBlock

CreateEnvironmentBlock

RegDeleteValueW

GetNamedSecurityInfoW

LsaClose

QueryServiceStatus

DuplicateTokenEx

StartServiceW

GetSecurityInfo

ChangeServiceConfig2W

LookupPrivilegeValueW

SetNamedSecurityInfoW

RegDeleteKeyW

DuplicateToken

CreateProcessAsUserW

RegQueryValueExW

RegCreateKeyExW

GetTokenInformation

RegisterServiceCtrlHandlerExW

OpenServiceW

LsaOpenPolicy

GetUserNameW

LogonUserW

OpenSCManagerW

DeleteService

IsWellKnownSid

LsaQueryInformationPolicy

OpenProcessToken

CloseServiceHandle

CreateServiceW

ChangeServiceConfigW

AllocateAndInitializeSid

SetServiceStatus

FreeSid

CheckTokenMembership

ControlService

AdjustTokenPrivileges

ConvertSidToStringSidW

QueryServiceConfigW

RegCloseKey

RegSetValueExW

LsaFreeMemory

CreateWellKnownSid

RegOpenKeyExW

EnumServicesStatusExW

SetSecurityInfo

QueryServiceStatusEx

SetEntriesInAclW

closesocket

socket

CommandLineToArgvW

ShellExecuteExW

SHCreateDirectoryExW

StretchBlt

DeleteObject

SelectObject

CreateCompatibleDC

BitBlt

DeleteDC

SetStretchBltMode

CreateCompatibleBitmap

ord22

ord23

ord21

ord20

SysFreeString

VariantInit

SysAllocString

CoTaskMemFree

CoUninitialize

CoCreateInstance

CoInitializeEx

GetFileVersionInfoSizeW

VerQueryValueW

GetFileVersionInfoW

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ