IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

LockFileEx

CreateFileMappingW

MapViewOfFile

UnlockFile

HeapCompact

DeleteFileA

CreateFileA

FlushViewOfFile

GetFileAttributesA

GetDiskFreeSpaceA

GetTempPathA

HeapValidate

UnmapViewOfFile

CreateMutexW

UnlockFileEx

GetFullPathNameA

LockFile

OutputDebugStringA

GetDiskFreeSpaceW

HeapCreate

AreFileApisANSI

GetGeoInfoW

RtlCaptureStackBackTrace

GetProcessHeap

HeapSize

HeapFree

HeapReAlloc

HeapAlloc

HeapDestroy

RaiseException

DecodePointer

UnregisterWaitUntilOOBECompleted

RegisterWaitUntilOOBECompleted

OOBEComplete

SetDllDirectoryW

SetDefaultDllDirectories

GetCurrentThreadId

TerminateProcess

GetCurrentProcess

CreateWaitableTimerW

Sleep

CancelWaitableTimer

SetWaitableTimer

CreateEventW

WaitForSingleObject

ResetEvent

SetLastError

SetUnhandledExceptionFilter

CreateFileW

CreateDirectoryW

Process32NextW

Process32FirstW

CreateToolhelp32Snapshot

WideCharToMultiByte

FormatMessageW

FormatMessageA

LocalFree

GetProcAddress

GetModuleHandleW

ProcessIdToSessionId

GetCurrentProcessId

CreateEventA

SetEvent

DeleteCriticalSection

InitializeCriticalSectionEx

LeaveCriticalSection

EnterCriticalSection

SleepEx

QueryPerformanceFrequency

GetSystemDirectoryA

FreeLibrary

GetModuleHandleA

LoadLibraryA

QueryPerformanceCounter

GetTickCount

MultiByteToWideChar

MoveFileExA

WaitForSingleObjectEx

CompareFileTime

GetSystemTimeAsFileTime

GetEnvironmentVariableA

GetStdHandle

GetFileType

ReadFile

PeekNamedPipe

WaitForMultipleObjects

VerSetConditionMask

GetLastError

GetEnvironmentVariableW

GetConsoleMode

SetConsoleMode

ReadConsoleA

ReadConsoleW

InitializeCriticalSectionAndSpinCount

TlsAlloc

TlsGetValue

TlsSetValue

TlsFree

WriteFile

SwitchToFiber

DeleteFiber

CreateFiber

ConvertFiberToThread

ConvertThreadToFiber

LoadLibraryW

FindClose

FindFirstFileW

FindNextFileW

GetSystemTime

SystemTimeToFileTime

GetSystemInfo

VirtualProtect

VirtualQuery

LoadLibraryExA

GetTickCount64

CreateHardLinkW

DuplicateHandle

TerminateThread

CreateSemaphoreA

GetStringTypeExW

LCMapStringW

GetLocaleInfoW

GetSystemDefaultUILanguage

GetUserDefaultUILanguage

GetUserDefaultLCID

GetLocaleInfoEx

ExpandEnvironmentStringsA

ExpandEnvironmentStringsW

DeleteFileW

FindFirstFileExW

GetDiskFreeSpaceExW

GetFileAttributesExW

GetFileInformationByHandle

GetLongPathNameW

GetTempFileNameW

SetFilePointer

GetTempPathW

IsWow64Process

CopyFileW

MoveFileExW

SystemTimeToTzSpecificLocalTime

FileTimeToSystemTime

GetEnvironmentStringsW

FreeEnvironmentStringsW

SetEnvironmentVariableW

OpenEventW

OpenProcess

LocalAlloc

QueryFullProcessImageNameW

GetVolumeInformationW

GetSystemDirectoryW

GetComputerNameW

GetUserGeoID

GetVersionExW

GetModuleFileNameW

GetCurrentPackageFamilyName

LoadLibraryExW

EnumResourceNamesW

OutputDebugStringW

GetCurrentThread

GetThreadLocale

SetThreadLocale

GetExitCodeProcess

GetFileAttributesW

GetFileSizeEx

FreeResource

LoadResource

LockResource

SizeofResource

FindResourceW

CreateThread

SetThreadPriority

GetThreadPriority

GetExitCodeThread

InitializeCriticalSection

TryEnterCriticalSection

ReleaseMutex

CreateMutexA

FindResourceExW

GetFileSize

DosDateTimeToFileTime

CompareStringW

GlobalFree

FreeConsole

AttachConsole

GetConsoleDisplayMode

FindResourceA

GetLocaleInfoA

CreateDirectoryA

IsDebuggerPresent

GetStringTypeW

EncodePointer

SwitchToThread

GetCPInfo

ReleaseSemaphore

WaitForMultipleObjectsEx

OpenEventA

ResumeThread

GetLogicalProcessorInformation

CreateWaitableTimerA

RtlCaptureContext

RtlLookupFunctionEntry

RtlVirtualUnwind

UnhandledExceptionFilter

IsProcessorFeaturePresent

InitializeSListHead

GetStartupInfoW

SignalObjectAndWait

CreateTimerQueueTimer

ChangeTimerQueueTimer

DeleteTimerQueueTimer

GetNumaHighestNodeNumber

GetProcessAffinityMask

SetThreadAffinityMask

RegisterWaitForSingleObject

UnregisterWait

GetThreadTimes

FreeLibraryAndExitThread

VirtualAlloc

VirtualFree

SetProcessAffinityMask

InterlockedPopEntrySList

InterlockedPushEntrySList

InterlockedFlushSList

QueryDepthSList

UnregisterWaitEx

CreateTimerQueue

RtlPcToFileHeader

RtlUnwindEx

RtlUnwind

ExitProcess

GetModuleHandleExW

GetDriveTypeW

ExitThread

SetFilePointerEx

SetConsoleCtrlHandler

GetConsoleCP

GetDateFormatW

GetTimeFormatW

IsValidLocale

EnumSystemLocalesW

FlushFileBuffers

SetStdHandle

SetEndOfFile

SetCurrentDirectoryW

GetCurrentDirectoryW

GetFullPathNameW

GetTimeZoneInformation

IsValidCodePage

GetACP

GetOEMCP

GetCommandLineA

GetCommandLineW

WriteConsoleW

VerifyVersionInfoW

CloseHandle

GdipCreateStringFormat

GdiplusShutdown

GdipCreatePen1

GdipDeletePen

GdipSetImageAttributesColorMatrix

GdipDeleteBrush

GdipMeasureString

GdipFlush

GdipCloneBrush

GdipAddPathLine

GdipClosePathFigures

GdipDeletePath

GdipCreatePath

GdipDeleteFont

GdipCreateFont

GdipDeleteStringFormat

GdipSetStringFormatFlags

GdipSetStringFormatTrimming

GdipCreateSolidFill

GdipCreateFromHDC

GdipGetImageEncoders

GdipGetImageEncodersSize

GdipBitmapSetPixel

GdipBitmapGetPixel

GdipBitmapUnlockBits

GdipBitmapLockBits

GdipCreateBitmapFromHICON

GdipCreateBitmapFromHBITMAP

GdiplusStartup

GdipSaveImageToFile

GdipDrawImageRectRectI

GdipSetInterpolationMode

GdipSetSmoothingMode

GdipSetCompositingMode

GdipDeleteGraphics

GdipGetGenericFontFamilySansSerif

GdipDeleteFontFamily

GdipCreateFontFamilyFromName

GdipSetClipRectI

GdipDrawImageRectRect

GdipDrawImage

GdipFillPath

GdipFillEllipse

GdipFillRectangle

GdipSetImageAttributesWrapMode

GdipDisposeImageAttributes

GdipCreateImageAttributes

GdipCreateBitmapFromScan0

GdipGetImagePixelFormat

GdipGetImageHeight

GdipGetImageWidth

GdipGetImageGraphicsContext

GdipDisposeImage

GdipCloneImage

GdipFree

GdipAlloc

GdipCreateFromHWND

GdipGraphicsClear

GdipDrawRectangle

GdipDrawLines

GdipDrawLine

GdipSetTextRenderingHint

GdipSetCompositingQuality

GdipDrawString

GdipCreateFromHWNDICM

ord26

ord22

ord217

ord41

ord27

ord301

ord200

ord32

ord50

ord46

ord211

ord60

ord45

ord30

ord79

ord35

ord33

ord143

IdnToAscii

IdnToUnicode

MiniDumpWriteDump

WTSFreeMemory

WTSRegisterSessionNotification

WTSUnRegisterSessionNotification

WTSQueryUserToken

WTSEnumerateSessionsW

GetUserNameExW

NetGetJoinInformation

NetApiBufferFree

GetObjectW

CreateDIBSection

SelectObject

CreateCompatibleDC

GetDIBits

DeleteObject

CreateBitmap

DeleteDC

CryptHashData

SetSecurityInfo

LookupAccountNameW

GetSidSubAuthority

OpenThreadToken

RegOpenKeyW

SetEntriesInAclW

GetNamedSecurityInfoW

SetNamedSecurityInfoW

ConvertStringSecurityDescriptorToSecurityDescriptorW

ConvertStringSidToSidW

RegCloseKey

RegOpenKeyExW

DeregisterEventSource

RegisterEventSourceW

ReportEventW

CryptAcquireContextW

CryptReleaseContext

CryptDestroyKey

CryptSetHashParam

CryptGetProvParam

CryptGetUserKey

CryptExportKey

CryptDecrypt

CryptCreateHash

CryptDestroyHash

OpenProcessToken

RegQueryValueExW

RegCreateKeyExW

RegDeleteValueW

RegEnumKeyExW

RegEnumValueW

RegFlushKey

RegQueryInfoKeyW

RegSetValueExW

RegDeleteTreeW

RegCopyTreeW

AddAccessAllowedAceEx

AddAce

DuplicateTokenEx

GetAce

GetAclInformation

GetLengthSid

GetSecurityDescriptorSacl

GetTokenInformation

InitializeAcl

CryptGetHashParam

GetUserNameW

ConvertSidToStringSidW

CryptSignHashW

CryptEnumProvidersW

GetSecurityInfo

ShellExecuteExW

SHGetSettings

SHGetDesktopFolder

SHGetKnownFolderPath

SHGetFolderPathW

SHCreateDirectoryExW

SHGetMalloc

SHGetFileInfoW

SHFileOperationW

ShellExecuteW

SHEvaluateSystemCommandTemplate

SHAppBarMessage

SHBindToParent

CommandLineToArgvW

SHQueryUserNotificationState

PropVariantClear

StringFromGUID2

CoUninitialize

CoInitializeEx

CoTaskMemAlloc

CoTaskMemFree

CoCreateGuid

CoSetProxyBlanket

CoCreateInstance

CoInitializeSecurity

SysFreeString

SysAllocStringLen

CreateErrorInfo

SysAllocString

VariantChangeType

GetErrorInfo

SysStringLen

VariantCopy

VariantInit

VariantClear

SetErrorInfo

BCryptGenRandom

ord173

ord217

UuidToStringW

UuidCreateSequential

RpcStringFreeW

DeleteUrlCacheEntryW

InternetQueryOptionW

WinHttpCloseHandle

WinHttpGetProxyForUrl

WinHttpOpen

WinVerifyTrust

WTHelperGetProvSignerFromChain

WTHelperGetProvCertFromChain

WTHelperProvDataFromStateData

CryptVerifyMessageSignature

CertGetNameStringW

CertCloseStore

CertEnumCertificatesInStore

CryptQueryObject

CertGetEnhancedKeyUsage

CertGetIntendedKeyUsage

CertOpenSystemStoreA

CertOpenStore

CertFindCertificateInStore

CertFreeCertificateContext

CertGetCertificateContextProperty

CryptMsgGetParam

CryptMsgClose

CertDuplicateCertificateContext

GetUserProfileDirectoryW

ExpandEnvironmentStringsForUserW

ord176

SHRegDuplicateHKey

PathFileExistsW

StrChrIW

PathGetArgsW

AssocQueryStringW

StrRetToBufW

ord487

getsockopt

htons

ntohs

setsockopt

socket

WSASetLastError

WSAIoctl

WSAStartup

WSACleanup

__WSAFDIsSet

select

accept

htonl

listen

getaddrinfo

freeaddrinfo

recvfrom

sendto

ioctlsocket

gethostname

gethostbyname

getsockname

getnameinfo

shutdown

send

WSACloseEvent

getpeername

connect

WSACreateEvent

bind

recv

WSAGetLastError

closesocket

WSAWaitForMultipleEvents

WSASetEvent

WSAResetEvent

WSAEventSelect

WSAEnumNetworkEvents

VerQueryValueW

GetSaveFileNameW

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE