IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LINE_NUMS_STRIPPED

IMAGE_FILE_LOCAL_SYMS_STRIPPED

IMAGE_FILE_32BIT_MACHINE

IMAGE_FILE_DLL

GetSystemDirectoryA

WideCharToMultiByte

MultiByteToWideChar

GetProcessHandleCount

DuplicateHandle

WriteProcessMemory

ReadProcessMemory

lstrcpyn

GetCurrentThreadId

ResumeThread

CreateRemoteThread

OpenThread

GetLogicalDriveStringsA

QueryDosDeviceA

GetProcessHeap

GetModuleHandleA

ExitProcess

HeapAlloc

HeapReAlloc

HeapFree

IsBadReadPtr

MulDiv

GetDiskFreeSpaceA

GetCurrentDirectoryA

ReadFile

GetFileSize

CreateFileA

DeleteFileA

GetTempFileNameA

GetCommandLineA

GetModuleFileNameA

FreeLibrary

GetProcAddress

LoadLibraryA

LCMapStringA

InitializeCriticalSection

DeleteCriticalSection

EnterCriticalSection

LeaveCriticalSection

VirtualAlloc

VirtualFree

GetVersion

RtlUnwind

InterlockedDecrement

InterlockedIncrement

TerminateProcess

TlsSetValue

TlsAlloc

TlsFree

SetLastError

TlsGetValue

VirtualAllocEx

CopyFileA

GetTempPathA

GetVersionExA

GetCurrentProcess

CloseHandle

Sleep

GetLastError

FlushFileBuffers

SetStdHandle

IsBadCodePtr

SetUnhandledExceptionFilter

GetOEMCP

GetACP

GetCPInfo

GetStringTypeW

GetStringTypeA

LCMapStringW

SetFilePointer

IsBadWritePtr

RaiseException

WriteFile

HeapCreate

HeapDestroy

GetEnvironmentVariableA

GetEnvironmentStringsW

GetEnvironmentStrings

FreeEnvironmentStringsW

FreeEnvironmentStringsA

GetStartupInfoA

GetFileType

GetStdHandle

SetHandleCount

CreateThread

GetACP

GetCPInfo

LCMapStringW

SetFilePointer

IsBadWritePtr

VirtualAlloc

RaiseException

VirtualFree

HeapDestroy

GetEnvironmentVariableA

GetEnvironmentStringsW

GetEnvironmentStrings

FreeEnvironmentStringsW

FreeEnvironmentStringsA

GetFileType

GetStdHandle

SetHandleCount

WaitForSingleObject

lstrcpynW

lstrcpynA

GetCommandLineA

WriteProcessMemory

VirtualAllocEx

lstrcpyn

WideCharToMultiByte

OpenThread

OpenProcess

GetTickCount

CloseHandle

GetLastError

TlsGetValue

SetLastError

TlsFree

TlsAlloc

TlsSetValue

TerminateProcess

InterlockedIncrement

GetOEMCP

RtlUnwind

GetVersion

HeapCreate

VirtualFreeEx

GetModuleHandleA

VirtualQuery

LoadLibraryExA

FreeLibrary

IsWow64Process

CreateToolhelp32Snapshot

Process32First

Process32Next

CreateRemoteThread

GetExitCodeThread

GetWindowsDirectoryA

RtlMoveMemory

Module32First

Module32Next

GetNativeSystemInfo

TerminateThread

DuplicateHandle

CopyFileA

GetTempFileNameA

GetTempPathA

GetSystemDirectoryA

MultiByteToWideChar

CreateWaitableTimerA

SetWaitableTimer

LeaveCriticalSection

GetCurrentProcess

GetVersionExA

CreateProcessA

PeekNamedPipe

lstrlenW

lstrcpyA

ReadProcessMemory

VirtualQueryEx

GetStringTypeA

GetStringTypeW

SetUnhandledExceptionFilter

IsBadCodePtr

SetStdHandle

FlushFileBuffers

LoadLibraryA

InterlockedDecrement

InitializeCriticalSection

GetCurrentThreadId

SetProcessAffinityMask

EnterCriticalSection

DeleteCriticalSection

VirtualProtect

RtlZeroMemory

HeapAlloc

HeapFree

lstrcmpW

lstrcmpiW

GetProcessHeap

ExitProcess

HeapReAlloc

IsBadReadPtr

LCMapStringA

WriteFile

CreateFileA

ReadFile

GetFileSize

DeleteFileA

GetProcAddress

GetUserDefaultLCID

GetDiskFreeSpaceExA

GetCurrentDirectoryA

SetCurrentDirectoryA

GetStartupInfoA

FindNextFileA

FindFirstFileA

FindClose

GetModuleFileNameA

PathFindFileNameA

StrToIntW

StrToIntExW

PathFindExtensionA

PathFindFileNameA

PathFileExistsA

PeekMessageA

GetMessageA

TranslateMessage

DispatchMessageA

wsprintfA

MessageBoxA

MsgWaitForMultipleObjects

CallWindowProcA

SetWindowLongA

GetWindowLongA

GetAncestor

GetWindowThreadProcessId

IsWindowVisible

GetParent

EnumWindows

RegisterWindowMessageA

PostThreadMessageA

ClientToScreen

IsWindowVisible

GetWindowThreadProcessId

GetWindowTextA

GetClassNameA

MsgWaitForMultipleObjects

RegisterWindowMessageA

EnumWindows

GetParent

GetAncestor

CallWindowProcA

PeekMessageA

TranslateMessage

DispatchMessageA

wsprintfA

GetMessageA

MessageBoxA

GetForegroundWindow

FindWindowA

GetDlgItem

WindowFromPoint

GetCursorPos

SendMessageA

ShowWindow

LookupPrivilegeValueA

AdjustTokenPrivileges

OpenProcessToken

CryptHashData

CryptGetHashParam

OpenProcessToken

LookupPrivilegeValueA

AdjustTokenPrivileges

RegCloseKey

RegQueryValueExA

RegOpenKeyA

WSACleanup

WSAStartup

htons

GetFileVersionInfoSizeA

GetFileVersionInfoA

VerQueryValueA

SHGetSpecialFolderPathA

CoInitialize

CLSIDFromProgID

CoCreateInstance

OleRun

CoUninitialize

CLSIDFromString

SafeArrayDestroy

VariantChangeType

VariantInit

SafeArrayAllocDescriptor

SafeArrayAllocData

VariantCopy

SafeArrayGetDim

SafeArrayGetLBound

SafeArrayGetUBound

SafeArrayAccessData

SafeArrayUnaccessData

SafeArrayGetElemsize

SysFreeString

VarR8FromCy

VarR8FromBool

LoadTypeLi

LHashValOfNameSys

RegisterTypeLi

SafeArrayCreate

SysAllocString

VariantClear

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ