Extended Key Usages: ExtKeyUsageCodeSigning
Static task: static1
Behavioral task: behavioral1
Sample: services.exe
Resource: win10v2004-20231023-en
Target: services.exe
Size: 372KB
MD5: 7271a4d33bfd96bce52703b2b40fe260
SHA1: ce11ac82f1f0ef11ce769e1d4624405869bea6f9
SHA256: 38a3617bf5a97a0ba014f2c589a69ba5a7813bdef140c2fc469fcb78d207f21f
SHA512: 6900eb769c7782521ecec7799cd00973d4e7f304c04ae566962b1dbf16b05a512ea8be7699f1664ff4dc42ee4b15fc803fa128b04bb8ab82b3159622fd82d697
SSDEEP: 6144:wlIg5qn7/nzG/1VDkflIEiXXXbtCzzFPSalCS0gqt3cNs/8r:wKgqnrzuiIfXXXBCzzFPSCCSRqtsF
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
swprintf_s
memcmp
memcpy
memset
wcschr
_wtoi
_except_handler4_common
wcstoul
_vsnwprintf_s
_wcsnicmp
_wcslwr_s
_wcsicmp
wcsstr
_wtol
wcsncmp
wcsrchr
_ultow_s
_initterm
_initterm_e
exit
LocalAlloc
LocalFree
RpcStringFreeW
RpcEpRegisterW
RpcServerInqDefaultPrincNameW
RpcServerRegisterAuthInfoW
RpcBindingVectorFree
NdrClientCall4
I_RpcExceptionFilter
RpcStringBindingComposeW
RpcStringBindingParseW
NdrAsyncServerCall
NdrServerCall2
UuidToStringW
UuidFromStringW
RpcBindingFree
RpcServerInqCallAttributesA
RpcServerSubscribeForNotification
I_RpcMapWin32Status
RpcBindingToStringBindingW
RpcServerInqBindings
RpcAsyncCompleteCall
RpcServerInqCallAttributesW
RpcServerUseProtseqW
RpcServerRegisterIfEx
RpcServerRegisterIf3
RpcServerUseProtseqEpW
RpcBindingFromStringBindingW
UuidCreate
RpcAsyncAbortCall
RpcServerUnsubscribeForNotification
UuidEqual
RpcMgmtStopServerListening
RpcServerListen
RpcMgmtWaitServerListen
I_RpcBindingIsClientLocal
I_RpcSessionStrictContextHandle
I_RpcBindingInqLocalClientPID
RpcServerInqBindingHandle
RpcImpersonateClient
RpcRevertToSelf
RpcServerRegisterIf
RpcServerUnregisterIf
UuidCreateNil
ResetEvent
OpenEventW
WaitForMultipleObjectsEx
SetEvent
InitializeCriticalSection
Sleep
LeaveCriticalSection
CreateEventW
InitializeSRWLock
WaitForSingleObject
EnterCriticalSection
CreateThread
CreateProcessAsUserW
GetProcessTimes
CreateProcessW
SetThreadPriority
GetCurrentProcess
GetCurrentThread
OpenProcessToken
ResumeThread
ExitThread
TerminateProcess
SetProcessMitigationPolicy
DeleteProcThreadAttributeList
UpdateProcThreadAttribute
SetProcessShutdownParameters
GetCurrentThreadId
InitializeProcThreadAttributeList
GetProcessId
GetCurrentProcessId
OpenThreadToken
OpenProcess
SetUnhandledExceptionFilter
SetErrorMode
UnhandledExceptionFilter
GetLastError
SetLastError
DuplicateHandle
CloseHandle
ExpandEnvironmentStringsW
GetEnvironmentVariableW
EventSetInformation
EventRegister
EventWriteTransfer
EventUnregister
EventActivityIdControl
GetTickCount64
GetSystemTimeAsFileTime
GetComputerNameExW
GetTickCount
GetSystemTime
GetVersionExW
AllocateAndInitializeSid
FreeSid
GetKernelObjectSecurity
SetKernelObjectSecurity
AllocateLocallyUniqueId
SetTokenInformation
SetSecurityDescriptorDacl
AddAce
InitializeAcl
GetSecurityDescriptorDacl
CopySid
GetLengthSid
CheckTokenMembership
SetSecurityDescriptorOwner
InitializeSecurityDescriptor
EqualSid
AdjustTokenPrivileges
AddAccessAllowedAce
ImpersonateLoggedOnUser
GetTokenInformation
RevertToSelf
HeapAlloc
HeapFree
HeapSetInformation
CompareStringOrdinal
RegEnumValueW
RegSetValueExW
RegQueryValueExW
RegNotifyChangeKeyValue
RegQueryInfoKeyW
RegOpenKeyExW
RegLoadMUIStringW
RegDeleteValueW
RegSetKeySecurity
RegCloseKey
RegGetValueW
RegGetKeySecurity
RegCreateKeyExW
RegDeleteTreeW
LoadStringW
GetModuleHandleW
LoadLibraryExW
FreeLibrary
GetProcAddress
CloseThreadpoolCleanupGroupMembers
SubmitThreadpoolWork
CloseThreadpoolCleanupGroup
CreateThreadpoolWork
CreateThreadpoolCleanupGroup
CallbackMayRunLong
CloseThreadpoolWork
WaitForMultipleObjects
FindNextFileW
FindClose
SetFileInformationByHandle
CreateDirectoryW
CreateFileW
FindFirstFileW
DeviceIoControl
GetOsManufacturingMode
SetConsoleCtrlHandler
QueryPerformanceCounter
RtlEqualUnicodeString
NtSetInformationToken
RtlRegisterWait
RtlConvertSharedToExclusive
RtlConvertExclusiveToShared
RtlSetEnvironmentVariable
RtlValidSecurityDescriptor
NtCreateKey
NtOpenKey
NtQueryValueKey
NtSetValueKey
NtDeleteValueKey
NtEnumerateKey
NtDeleteKey
RtlSetControlSecurityDescriptor
WinSqmAddToStream
RtlSubAuthoritySid
NtCreateWnfStateName
NtQueryWnfStateData
RtlSubscribeWnfStateChangeNotification
RtlUnsubscribeWnfNotificationWaitForCompletion
RtlQuerySecurityObject
RtlValidRelativeSecurityDescriptor
NtOpenThreadToken
RtlSetSecurityObject
RtlMapGenericMask
NtPrivilegeCheck
NtPrivilegeObjectAuditAlarm
NtAccessCheck
NtAccessCheckAndAuditAlarm
NtDuplicateToken
NtAdjustPrivilegesToken
RtlCreateSecurityDescriptor
RtlSetOwnerSecurityDescriptor
RtlGetGroupSecurityDescriptor
RtlSetGroupSecurityDescriptor
RtlGetDaclSecurityDescriptor
RtlCreateAcl
RtlAddAccessAllowedAce
RtlGetAce
RtlAddAccessDeniedAce
RtlSetDaclSecurityDescriptor
RtlAbsoluteToSelfRelativeSD
RtlAllocateHeap
RtlTestProtectedAccess
NtFilterToken
RtlCopyUnicodeString
NtDeleteFile
NtQueryDirectoryFile
NtWaitForSingleObject
RtlAppendUnicodeToString
RtlAppendUnicodeStringToString
RtlCopySid
NtQueryInformationFile
RtlSetProcessIsCritical
NtOpenProcessToken
RtlFreeHeap
RtlUnhandledExceptionFilter
EtwEventRegister
EtwEventWrite
EvtIntReportEventAndSourceAsync
NtQueueApcThread
NtOpenThread
NtDeleteWnfStateName
RtlInitializeCriticalSection
RtlReleaseResource
RtlAcquireResourceExclusive
NtQuerySystemInformation
wcscspn
RtlNtStatusToDosErrorNoTeb
RtlSetSaclSecurityDescriptor
RtlInitializeSid
RtlSubAuthorityCountSid
RtlAddAce
RtlLengthRequiredSid
RtlNewSecurityObject
RtlAnsiStringToUnicodeString
RtlUnicodeStringToAnsiString
RtlInitAnsiString
EtwRegisterTraceGuidsW
EtwGetTraceEnableLevel
EtwGetTraceLoggerHandle
EtwGetTraceEnableFlags
RtlUnicodeStringToInteger
_ltow_s
EtwUnregisterTraceGuids
RtlGetSuiteMask
NtTraceControl
RtlSetLastWin32Error
RtlLengthSid
NtUnloadDriver
RtlCopyLuid
NtQueryDirectoryObject
RtlDeregisterWait
RtlQueueWorkItem
RtlReleaseSRWLockShared
RtlReleaseSRWLockExclusive
RtlAcquireSRWLockShared
RtlAcquireSRWLockExclusive
NtSetInformationThread
NtQueryKey
NtInitializeRegistry
NtSetSystemEnvironmentValue
RtlInitUnicodeString
NtClose
RtlNtStatusToDosError
EtwTraceMessage
NtOpenDirectoryObject
RtlDeleteSecurityObject
RtlRandom
NtSetEvent
RtlGetNtProductType
RtlExpandEnvironmentStrings_U
DbgPrintEx
RtlPublishWnfStateData
RtlCompareUnicodeString
NtQueryInformationToken
RtlInitUnicodeStringEx
NtQueryInformationProcess
RtlInitializeSRWLock
NtOpenFile
NtQuerySymbolicLinkObject
NtOpenSymbolicLinkObject
RtlFreeUnicodeString
RtlDosPathNameToNtPathName_U
NtDeleteObjectAuditAlarm
RtlAreAllAccessesGranted
RtlEqualSid
RtlGetOwnerSecurityDescriptor
RtlCreateServiceSid
NtCloseObjectAuditAlarm
NtSetInformationProcess
RtlLengthSecurityDescriptor
RtlAcquireResourceShared
WinSqmStartSqmOptinListener
NtSetInformationFile
RtlInitializeResource
NtLoadDriver
NtShutdownSystem
ApiSetQueryApiSetPresence
EaFreeAggregatedEventParameters
EaQueryAggregatedEventParameters
EACreateAggregateEvent
EaCreateAggregatedEvent
BriCreateBrokeredEvent
EaDeleteAggregatedEvent
EADeleteAggregateEvent
BriDeleteBrokeredEvent
EAQueryAggregateEventData
GetFileVersionInfoExW
GetFileVersionInfoSizeExW
VerQueryValueW
GetThreadUILanguage
RtlCompareMemory
DelayLoadFailureHook
ResolveDelayLoadedAPI
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ