IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

IMAGE_DLLCHARACTERISTICS_NO_SEH

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_32BIT_MACHINE

IMAGE_FILE_DLL

VirtualQueryEx

CreateFileMappingW

MapViewOfFile

VirtualProtect

GetFileAttributesW

SetErrorMode

OpenFileMappingW

QueryDosDeviceW

GetDriveTypeW

GetVolumeInformationW

GetDiskFreeSpaceExW

FindFirstFileW

FindClose

FindNextFileW

SetFilePointer

SetEndOfFile

FlushFileBuffers

SetFileTime

GetFileTime

CreateDirectoryW

ExpandEnvironmentStringsW

GetLocalTime

GetProcessHeap

HeapFree

lstrcpyW

QueryPerformanceFrequency

QueryPerformanceCounter

CreateNamedPipeW

ConnectNamedPipe

GetOverlappedResult

GetConsoleCP

FreeConsole

GetConsoleOutputCP

GetConsoleWindow

AllocConsole

VirtualAllocEx

SetConsoleScreenBufferSize

GetStdHandle

WriteConsoleInputW

GenerateConsoleCtrlEvent

GetConsoleMode

GetConsoleDisplayMode

GetConsoleCursorInfo

GetConsoleScreenBufferInfo

ReadConsoleOutputW

GetSystemDirectoryW

GetWindowsDirectoryW

GetModuleFileNameW

GetModuleHandleW

RemoveDirectoryW

GetComputerNameW

ResumeThread

lstrcpynA

ResetEvent

DisconnectNamedPipe

CreateThread

lstrcmpA

ExitThread

OutputDebugStringA

LocalAlloc

lstrcatW

LocalFree

FormatMessageA

CreateIoCompletionPort

PostQueuedCompletionStatus

TerminateThread

GetCurrentThread

GetQueuedCompletionStatus

LocalLock

LocalUnlock

LocalReAlloc

SetLastError

VirtualProtectEx

GetModuleHandleA

DeleteFileW

OutputDebugStringW

WriteProcessMemory

ReadProcessMemory

OpenProcess

GetVersionExW

GetCurrentThreadId

SetUnhandledExceptionFilter

DeleteCriticalSection

InitializeCriticalSection

MultiByteToWideChar

WideCharToMultiByte

lstrlenA

lstrlenW

WriteFile

SetFileAttributesW

ReadFile

GetFileSize

CreateFileW

lstrcpyA

lstrcmpW

lstrcpynW

WaitForMultipleObjects

GetTickCount

CreateEventW

GetLastError

CreateProcessW

ExitProcess

GetCurrentProcess

TerminateProcess

CreateMutexW

QueueUserAPC

GetExitCodeThread

VirtualFree

VirtualAlloc

LeaveCriticalSection

EnterCriticalSection

GetSystemDefaultLCID

GetSystemInfo

GetSystemTime

GlobalMemoryStatus

VirtualFreeEx

ProcessIdToSessionId

CreateRemoteThread

GetCurrentProcessId

lstrcmpiW

GetCommandLineW

CloseHandle

WaitForSingleObject

SetEvent

GetProcAddress

LoadLibraryA

SetConsoleCtrlHandler

Sleep

GetKeyState

GetAsyncKeyState

GetWindowThreadProcessId

GetClassNameW

GetWindowTextW

GetForegroundWindow

ExitWindowsEx

DefWindowProcW

CallNextHookEx

UnhookWindowsHookEx

DestroyIcon

LoadCursorW

ShowWindow

PostQuitMessage

KillTimer

TranslateMessage

GetMessageW

SetWindowsHookExW

SetTimer

SetWindowLongW

WindowFromPoint

SetCapture

SetCursorPos

mouse_event

keybd_event

OpenWindowStationW

GetProcessWindowStation

SetProcessWindowStation

OpenInputDesktop

GetThreadDesktop

SetThreadDesktop

CloseWindowStation

PostMessageA

CreateWindowExW

CloseDesktop

CreateDesktopW

GetSystemMetrics

wsprintfA

MessageBoxW

wsprintfW

GetIconInfo

DispatchMessageW

CreateDIBSection

CreateCompatibleDC

CreateCompatibleBitmap

GdiFlush

BitBlt

GetDeviceCaps

DeleteDC

DeleteObject

GetDIBits

CreateDCW

SelectObject

RegOpenKeyExW

DeleteService

QueryServiceStatusEx

CloseServiceHandle

StartServiceW

ChangeServiceConfig2W

CreateServiceW

OpenServiceW

OpenSCManagerW

RegCloseKey

RegCreateKeyExW

RegSetValueExW

RegEnumKeyExW

RegQueryValueExW

EnumServicesStatusExW

QueryServiceConfigW

QueryServiceConfig2W

ControlService

ChangeServiceConfigW

OpenProcessToken

GetTokenInformation

AllocateAndInitializeSid

EqualSid

FreeSid

RegDeleteValueW

LookupPrivilegeValueW

AdjustTokenPrivileges

GetUserNameW

LookupAccountSidW

GetLengthSid

DuplicateTokenEx

SetTokenInformation

CreateProcessAsUserW

RegEnumValueA

ImpersonateLoggedOnUser

RegOpenCurrentUser

RegOverridePredefKey

RevertToSelf

RegEnumValueW

InitiateSystemShutdownA

SHFileOperationW

CommandLineToArgvW

ExtractIconExW

ord2

ord136

ord43

ord13

ord127

ord18

ord61

ord111

ord9

ord141

ord75

ord24

ord171

ord31

ord157

WSARecvFrom

setsockopt

WSAIoctl

WSASocketA

getsockname

bind

WSASendTo

WSACleanup

WSAGetLastError

WSAStartup

closesocket

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ