Extended Key Usages: ExtKeyUsageCodeSigning
Key Usages: KeyUsageDigitalSignature
Static task: static1
Behavioral task: behavioral1
Sample: 2157d9f80e44dfa2b8efcf22c85c3f72e4e7c65393446019fe0d11ab6dac3001.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 2157d9f80e44dfa2b8efcf22c85c3f72e4e7c65393446019fe0d11ab6dac3001.exe
Resource: win10v2004-20231222-en
Target: 2157d9f80e44dfa2b8efcf22c85c3f72e4e7c65393446019fe0d11ab6dac3001.exe.zip
Size: 1.9MB
MD5: e68070e6d51ce1a32b065aa6ccb8ba01
SHA1: 6c607143a5dca7ce9541c3eb5a716214dcd12182
SHA256: 8c061061cece7fcebb4348ba553904c00f0baf728b2036975fae94ffeb2df278
SHA512: 9e85344ac741dea8cccc7696a0092403a5239df8cf4c2276c992e33405284427f53cb097fc7d889b6ee4a2187018e9ad8032925832430dbe029699a0405477e3
SSDEEP: 49152:9yotg3jPE/HeXNBdU8JjxRVIHeEepsieM8O7oD:Ng3jM/kBdUG9XEep3e07a
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
GetCurrentProcessId
GetFullPathNameW
GetCurrentDirectoryW
GetShortPathNameW
GetComputerNameW
GetSystemDirectoryW
InterlockedDecrement
SystemTimeToTzSpecificLocalTime
SystemTimeToFileTime
TzSpecificLocalTimeToSystemTime
FileTimeToSystemTime
GetSystemTime
GetDriveTypeW
QueryDosDeviceW
GetDiskFreeSpaceExW
lstrcmpA
LocalAlloc
lstrcpyW
VerSetConditionMask
GetVersionExW
VerifyVersionInfoW
OutputDebugStringA
GetVersionExA
SuspendThread
GetFullPathNameA
HeapReAlloc
CreateFileA
HeapCompact
SetEndOfFile
QueryPerformanceCounter
InterlockedCompareExchange
UnlockFile
LockFile
OutputDebugStringW
UnlockFileEx
GetSystemTimeAsFileTime
FormatMessageA
InitializeCriticalSection
HeapDestroy
LeaveCriticalSection
GetFileAttributesA
HeapCreate
HeapValidate
FlushFileBuffers
GetTempPathW
HeapSize
LockFileEx
EnterCriticalSection
LoadLibraryA
CreateFileMappingA
GetDiskFreeSpaceA
GetSystemInfo
DeleteCriticalSection
GetTempPathA
WriteFile
DeleteFileA
SetFilePointerEx
VirtualFree
IsBadReadPtr
GetCompressedFileSizeW
WaitForMultipleObjectsEx
GetVolumePathNameW
IsBadWritePtr
lstrlenW
VirtualAlloc
GetFileType
lstrcmpiW
GetVolumeNameForVolumeMountPointW
GetFileInformationByHandle
GetVolumeInformationW
LoadLibraryExW
GlobalAlloc
GlobalFree
VirtualQueryEx
GetFileSizeEx
CreateMutexA
CreateDirectoryW
MoveFileExW
UnmapViewOfFile
MapViewOfFile
SetFilePointer
FindFirstFileW
GetFileSize
CreateThread
MultiByteToWideChar
Module32NextW
CreateToolhelp32Snapshot
Process32NextW
Module32FirstW
OpenThread
Process32FirstW
SetLastError
Thread32Next
TerminateProcess
GetExitCodeProcess
ReadProcessMemory
SetEnvironmentVariableA
WriteConsoleW
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
SetStdHandle
GetTimeZoneInformation
IsValidCodePage
GetOEMCP
GetACP
GetConsoleMode
GetConsoleCP
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
CompareStringW
LCMapStringW
RtlUnwind
RaiseException
GetCPInfo
GetStartupInfoW
HeapSetInformation
GetCommandLineW
WideCharToMultiByte
GetTickCount
WritePrivateProfileStringW
GetPrivateProfileStringW
ExpandEnvironmentStringsW
SetFileAttributesW
DeleteFileW
GetFileAttributesExW
FindNextFileW
DeviceIoControl
AssignProcessToJobObject
TerminateThread
Thread32First
CreateRemoteThread
GetProcessHeap
HeapFree
CreateJobObjectW
HeapAlloc
CreateProcessW
ExitProcess
LocalFree
ReleaseMutex
GetProcAddress
GetStdHandle
GetModuleFileNameW
FormatMessageW
OpenProcess
SetEvent
WaitForSingleObject
GetCurrentProcess
SetErrorMode
CreateMutexW
LockResource
GetLastError
SizeofResource
LoadResource
FindResourceW
GetUserDefaultUILanguage
GetThreadLocale
SetThreadLocale
GetLocaleInfoW
GetUserGeoID
GetGeoInfoW
SetThreadUILanguage
GetModuleHandleW
lstrlenA
DecodePointer
EncodePointer
GetStringTypeW
InterlockedExchange
InterlockedIncrement
RemoveDirectoryW
CreateFileMappingW
FindClose
GetDiskFreeSpaceW
MoveFileW
GetLongPathNameW
CreateFileW
ReadFile
GetFileAttributesW
TerminateJobObject
CopyFileW
GetCurrentThreadId
Sleep
LoadLibraryW
FreeLibrary
CreateEventW
ResetEvent
CloseHandle
AreFileApisANSI
IsProcessorFeaturePresent
DestroyWindow
SendMessageW
PostThreadMessageW
GetClientRect
GetWindowThreadProcessId
EnumWindows
MoveWindow
DefWindowProcW
CallWindowProcW
GetSystemMetrics
SetMenu
ShowWindow
SetWindowLongW
GetWindowLongW
LoadMenuW
LoadAcceleratorsW
PtInRect
BeginPaint
LoadCursorW
LoadImageW
PostQuitMessage
GetWindowRect
SetCursor
EndPaint
DispatchMessageW
DestroyIcon
SetWindowTextW
DestroyMenu
ExitWindowsEx
SystemParametersInfoW
EnableWindow
UpdateWindow
CreateWindowExW
GetCursorPos
SetWindowPos
GetDesktopWindow
RedrawWindow
GetWindowTextW
InvalidateRect
TrackPopupMenuEx
LoadIconW
RegisterClassExW
TranslateMessage
GetDC
TrackMouseEvent
GetSubMenu
GetMessageW
TranslateAcceleratorW
GetWindowTextLengthW
LoadStringW
MessageBoxW
GetStockObject
DeleteObject
CreateFontW
SetTextColor
FreeSid
QueryServiceConfigW
EnumServicesStatusW
QueryServiceStatus
ConvertSidToStringSidW
GetInheritanceSourceW
RegSetKeySecurity
IsValidSid
GetNamedSecurityInfoW
RegGetKeySecurity
SetNamedSecurityInfoW
ConvertStringSidToSidW
FreeInheritedFromArray
GetExplicitEntriesFromAclW
GetUserNameW
RegUnLoadKeyW
RegSetValueExW
RegCloseKey
RegLoadKeyW
RegEnumKeyExW
RegOpenKeyExW
RegEnumValueW
RegDeleteValueW
RegDeleteKeyW
RegQueryInfoKeyW
RegCreateKeyExW
AdjustTokenPrivileges
CheckTokenMembership
IsValidSecurityDescriptor
SetEntriesInAclW
SetSecurityDescriptorOwner
AllocateAndInitializeSid
InitializeAcl
LookupPrivilegeValueW
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
GetTokenInformation
OpenProcessToken
CreateServiceW
CloseServiceHandle
DeleteService
OpenSCManagerW
OpenServiceW
RegQueryValueExW
StartServiceW
ControlService
EnumDependentServicesW
QueryServiceConfig2W
ChangeServiceConfig2W
LookupPrivilegeValueA
ShellExecuteW
SHGetFolderPathW
CommandLineToArgvW
CoInitializeEx
CoUninitialize
CoSetProxyBlanket
CoCreateInstance
CoTaskMemFree
CoInitializeSecurity
SysStringLen
VariantInit
SysFreeString
SysAllocString
VariantClear
GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW
InternetCrackUrlW
InternetGetConnectedState
memset
memcmp
NtQuerySystemInformation
qsort
sprintf
_vsnprintf
_snprintf
_vsnwprintf
strncmp
strchr
strcspn
toupper
memcpy
isspace
_wtoi
_wcsicmp
_aullrem
_alldvrm
_aullshr
NtQueryVirtualMemory
tolower
_allshr
_allshl
isalnum
memmove
NtDeleteKey
NtSetValueKey
NtDeleteValueKey
memchr
NtUnloadDriver
RtlInitUnicodeString
NtLoadDriver
strlen
NtOpenKey
NtQueryKey
strstr
sscanf
GetProcessImageFileNameW
GetModuleFileNameExW
GetProfilesDirectoryW
InitCommonControlsEx
ImageList_Destroy
ImageList_SetOverlayImage
ord410
ImageList_Create
ImageList_ReplaceIcon
ord413
WinHttpReadData
WinHttpOpenRequest
WinHttpOpen
WinHttpQueryDataAvailable
WinHttpSetOption
WinHttpSendRequest
WinHttpWriteData
WinHttpQueryHeaders
WinHttpConnect
WinHttpCloseHandle
WinHttpReceiveResponse
GetAdaptersAddresses
WSAAddressToStringW
CertFreeCertificateContext
CryptMsgClose
CryptDecodeObject
CryptQueryObject
CertGetNameStringW
CertFindCertificateInStore
CertCloseStore
CryptMsgGetParam
CryptCATAdminCalcHashFromFileHandle
WinVerifyTrust
CryptCATAdminAcquireContext
CryptCATAdminReleaseContext
CryptCATAdminReleaseCatalogContext
CryptCATCatalogInfoFromContext
CryptCATAdminEnumCatalogFromHash
PathSearchAndQualifyW
PathCompactPathW
PathIsRootW
PathRemoveBlanksW
PathGetDriveNumberW
PathCanonicalizeW
StrCmpNIW
PathUnquoteSpacesW
PathFindFileNameW
PathIsRelativeW
PathGetArgsW
PathFindExtensionW
PathQuoteSpacesW
PathRemoveArgsW
PathMakePrettyW
PathIsDirectoryW
PathUnExpandEnvStringsW
PathIsPrefixW
PathIsNetworkPathW
StrCmpIW
StrDupW
PathFileExistsW
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ