IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

GetThreadDesktop

ChangeDisplaySettingsExA

EnumDisplaySettingsA

CloseDesktop

SetThreadDesktop

OpenInputDesktop

SendInput

GetAsyncKeyState

RegisterHotKey

SystemParametersInfoA

SetSysColors

GetSysColor

RedrawWindow

PostThreadMessageA

UnregisterDeviceNotification

RegisterDeviceNotificationA

LoadIconA

LoadStringA

RegisterRawInputDevices

GetRawInputData

GetMonitorInfoW

MonitorFromWindow

FindWindowExA

GetWindowLongPtrA

GetClientRect

GetWindowTextA

UnhookWinEvent

SetWinEventHook

GetWindowThreadProcessId

IsWindowVisible

MessageBoxW

MessageBoxA

DisplayConfigGetDeviceInfo

QueryDisplayConfig

GetDisplayConfigBufferSizes

EnumDisplayDevicesA

EnumWindows

GetPropA

wsprintfW

RegisterWindowMessageA

ChangeWindowMessageFilter

GetClassNameA

FindWindowA

GetForegroundWindow

UpdateWindow

KillTimer

SetTimer

ShowWindow

DestroyWindow

CreateWindowExA

RegisterClassA

PostQuitMessage

DefWindowProcA

PostMessageA

UnregisterPowerSettingNotification

RegisterPowerSettingNotification

SendMessageA

UnregisterHotKey

DispatchMessageA

GetMessageA

D3DKMTPollDisplayChildren

D3DKMTQueryAdapterInfo

DeleteDC

CreateDCA

SetDeviceGammaRamp

SetSecurityDescriptorDacl

RegCloseKey

RegCreateKeyExA

RegOpenKeyExA

RegQueryValueExA

RegSetValueExA

RegGetValueW

RegGetValueA

RegSetValueExW

RegDeleteValueA

RegOpenCurrentUser

ImpersonateLoggedOnUser

InitializeSecurityDescriptor

RegEnumKeyExA

RegDeleteKeyA

ConvertStringSecurityDescriptorToSecurityDescriptorA

CreateProcessAsUserA

OpenProcessToken

RegDeleteTreeA

RevertToSelf

LoadUserProfileA

UnloadUserProfile

WTSRegisterSessionNotification

WTSQueryUserToken

WTSEnumerateProcessesA

WTSFreeMemory

WTSQuerySessionInformationA

PowerReadSettingAttributes

PowerSetActiveScheme

PowerWriteFriendlyName

PowerWritePossibleValue

PowerWritePossibleFriendlyName

PowerWriteACDefaultIndex

PowerWriteDCDefaultIndex

PowerWriteSettingAttributes

PowerRemovePowerSetting

PowerCreateSetting

PowerCreatePossibleSetting

PowerEnumerate

PowerWriteACValueIndex

PowerWriteDCValueIndex

PowerSettingAccessCheck

PowerReadACValueIndex

PowerReadDCValueIndex

PowerGetActiveScheme

CM_Reenumerate_DevNode

CM_Get_Parent

CM_Get_DevNode_Status

CM_Get_Device_IDA

SetupDiSetClassInstallParamsA

SetupDiClassGuidsFromNameA

SetupDiGetClassDevsExA

CM_Get_DevNode_Status_Ex

CM_Get_Device_ID_ExA

SetupDiGetDeviceRegistryPropertyA

SetupDiEnumDeviceInfo

SetupDiGetClassDevsA

SetupDiOpenDeviceInfoA

SetupDiCallClassInstaller

SetupDiGetDeviceInstanceIdA

SetupGetInfDriverStoreLocationA

SetupUninstallOEMInfA

SetupDiBuildDriverInfoList

SetupDiEnumDriverInfoA

SetupDiGetDriverInfoDetailA

SetupDiDestroyDriverInfoList

SetupDiSetDeviceRegistryPropertyA

SetupDiGetDeviceInstallParamsA

SetupDiSetDeviceInstallParamsA

CM_Get_Device_ID_Size

CM_Locate_DevNodeA

SetupDiDestroyDeviceInfoList

SetupDiGetHwProfileList

CM_Get_Child_Ex

ord102

DwmIsCompositionEnabled

CoUninitialize

PropVariantClear

CoInitialize

CoCreateGuid

CoCreateInstance

CoInitializeEx

CoTaskMemFree

DriverPackageUninstallA

DriverPackageInstallA

DriverPackagePreinstallA

DriverPackageGetPathA

InitPropVariantFromDoubleVector

PathStripPathW

StrStrIA

DiInstallDevice

SetUnhandledExceptionFilter

UnhandledExceptionFilter

IsDebuggerPresent

RtlVirtualUnwind

RtlLookupFunctionEntry

RtlCaptureContext

InitializeSListHead

GetSystemTimeAsFileTime

GetCurrentProcessId

InterlockedPushEntrySList

InterlockedFlushSList

GetStartupInfoW

EnterCriticalSection

LeaveCriticalSection

DeleteCriticalSection

FlushFileBuffers

GetConsoleCP

GetConsoleMode

OutputDebugStringW

GetCurrentThreadId

WinExec

TerminateThread

SetEndOfFile

IsProcessorFeaturePresent

GetModuleHandleW

RtlUnwindEx

RtlPcToFileHeader

EncodePointer

RaiseException

InitializeCriticalSectionAndSpinCount

TlsAlloc

TlsGetValue

TlsSetValue

TlsFree

LoadLibraryExW

GetStdHandle

WriteFile

GetModuleFileNameW

GetCurrentProcess

ExitProcess

GetModuleHandleExW

GetCurrentThread

HeapFree

HeapAlloc

GetFileType

WideCharToMultiByte

MultiByteToWideChar

GetDateFormatW

GetTimeFormatW

CompareStringW

HeapReAlloc

HeapSize

ReadConsoleW

ReadFile

CreateFileW

SetFilePointerEx

GetFileSizeEx

SetConsoleCtrlHandler

GetProcessHeap

OpenMutexA

CreateMutexA

ReleaseMutex

WaitForMultipleObjects

OpenEventA

CreateEventA

ResetEvent

SetEvent

GetTickCount

VerifyVersionInfoW

RemoveDirectoryA

VerSetConditionMask

GetLocalTime

GetWindowsDirectoryA

FindNextFileA

FindFirstFileA

FindClose

DeleteFileA

CompareFileTime

FileTimeToSystemTime

lstrcmpA

LocalAlloc

FileTimeToLocalFileTime

SetThreadPriority

CreateThread

QueryPerformanceCounter

K32GetModuleBaseNameA

K32EnumProcessModules

QueryFullProcessImageNameA

GetEnvironmentVariableA

K32GetProcessImageFileNameA

K32EnumProcesses

GetSystemDefaultLangID

FindResourceExA

LockResource

LoadResource

FreeResource

GetSystemDirectoryA

SetLastError

GetFileTime

CreateFileA

CreateDirectoryA

ExpandEnvironmentStringsA

GetProcAddress

CopyFileA

LoadLibraryA

FreeLibrary

SetFileAttributesA

GetFileAttributesA

GetStringTypeW

SetStdHandle

SetEnvironmentVariableW

FreeEnvironmentStringsW

GetEnvironmentStringsW

GetCommandLineW

GetCPInfo

GetOEMCP

GetACP

IsValidCodePage

FindNextFileW

LCMapStringW

GetLocaleInfoW

IsValidLocale

GetUserDefaultLCID

WriteConsoleW

GetSystemPowerStatus

Process32Next

Process32First

CreateToolhelp32Snapshot

QueryFullProcessImageNameW

FindFirstFileExW

lstrlenW

GetCommandLineA

GetLastError

Sleep

CreateProcessA

GetModuleFileNameA

MoveFileExA

CloseHandle

MapViewOfFile

UnmapViewOfFile

AssignProcessToJobObject

CreateFileMappingA

OpenFileMappingA

WaitForSingleObject

GetExitCodeProcess

OpenProcess

IsWow64Process

OutputDebugStringA

SetInformationJobObject

CreateJobObjectA

WTSGetActiveConsoleSessionId

LocalFree

TerminateProcess

EnumSystemLocalesW

Shell_NotifyIconA

SHGetKnownFolderPath

GetFileVersionInfoSizeA

GetFileVersionInfoA

VerQueryValueA

CryptQueryObject

CertCloseStore

CryptMsgGetParam

CryptMsgClose

CryptDecodeObject

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE