IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

IMAGE_DLLCHARACTERISTICS_GUARD_CF

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_32BIT_MACHINE

IMAGE_FILE_DLL

free

memcpy

memcmp

_except_handler4_common

??1type_info@@UAE@XZ

__CxxFrameHandler3

_onexit

__dllonexit

_unlock

_lock

_initterm

_amsg_exit

_XcptFilter

_CxxThrowException

_callnewh

?what@exception@@UBEPBDXZ

??1exception@@UAE@XZ

??0exception@@QAE@ABV0@@Z

??0exception@@QAE@XZ

_vsnwprintf

malloc

rand

srand

iswalpha

_purecall

_ftol2

memset

SHStrDupW

SHCreateThread

SHDeleteValueW

SHGetValueW

SHEnumKeyExW

SHRegGetValueW

SHDeleteEmptyKeyW

SHSetValueW

SHEnumValueW

SHCreateMemStream

SHCreateStreamOnFileEx

IStream_Write

IStream_Read

IsOS

IUnknown_Set

ord162

ord108

ord107

ord190

GetModuleHandleExW

GetProcAddress

GetModuleFileNameA

DisableThreadLibraryCalls

FindResourceExW

LoadResource

LockResource

LoadLibraryExW

GetModuleHandleW

TraceMessage

RegisterTraceGuidsW

GetTraceEnableLevel

GetTraceEnableFlags

GetTraceLoggerHandle

UnregisterTraceGuids

ResetEvent

InitOnceComplete

OpenEventW

WaitForSingleObject

ReleaseSRWLockExclusive

InitOnceBeginInitialize

SetEvent

InitializeCriticalSection

DeleteCriticalSection

EnterCriticalSection

AcquireSRWLockExclusive

LeaveCriticalSection

CreateEventW

Sleep

EventWrite

EventUnregister

EventSetInformation

EventWriteTransfer

EventActivityIdControl

EventRegister

HeapAlloc

HeapFree

HeapReAlloc

GetProcessHeap

CompareStringOrdinal

MultiByteToWideChar

UnhandledExceptionFilter

SetUnhandledExceptionFilter

GetLastError

LocalAlloc

LocalFree

ExpandEnvironmentStringsW

WSALookupServiceEnd

WSALookupServiceNextW

WSAStringToAddressW

WSAAddressToStringW

WSAStartup

WSAGetLastError

WSALookupServiceBeginW

CloseHandle

GetTickCount

GetComputerNameExW

GetSystemTimeAsFileTime

IsCharUpperW

IsCharAlphaW

IsCharAlphaNumericW

IsCharLowerW

OutputDebugStringW

GetCurrentThreadId

OpenThreadToken

GetCurrentProcessId

TerminateProcess

GetCurrentProcess

OpenProcessToken

GetCurrentThread

LCMapStringW

FormatMessageW

GetSidSubAuthority

GetSidSubAuthorityCount

IsValidSid

CopySid

CheckTokenMembership

CreateWellKnownSid

GetLengthSid

GetTokenInformation

IsWellKnownSid

RegCreateKeyExW

RegQueryValueExW

RegGetValueW

RegDeleteTreeW

RegDeleteValueW

RegCloseKey

RegOpenKeyExW

RegQueryInfoKeyW

RegSetValueExW

RegDeleteKeyExW

CompareFileTime

GetFileAttributesExW

DeleteFileW

QueryPerformanceCounter

EnableTraceEx2

StopTraceW

StartTraceW

UrlCompareW

GetComputerNameW

RegisterWaitForSingleObject

UnregisterWaitEx

SHExpandEnvironmentStringsW

PathParseIconLocationW

StrCmpIW

StrChrW

StrCmpICW

StrRChrW

QISearch

StrToInt64ExW

StrCmpW

StrCmpNW

lstrlenW

NtOpenThreadToken

NtClose

NtOpenProcessToken

NtQueryInformationToken

wcschr

RtlInitUnicodeString

memcpy_s

NtPowerInformation

EtwTraceMessage

memmove

RtlNtStatusToDosError

WinSqmSetDWORD

WinSqmIsOptedIn

WinSqmIncrementDWORD

ResolveDelayLoadedAPI

DelayLoadFailureHook

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ