IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LINE_NUMS_STRIPPED

IMAGE_FILE_LOCAL_SYMS_STRIPPED

IMAGE_FILE_32BIT_MACHINE

ShellExecuteW

lstrcpyW

lstrlenA

GetFirmwareEnvironmentVariableA

GetLocaleInfoA

DeleteFileW

VirtualFree

Sleep

CreateFileW

EnumSystemCodePagesA

OpenProcess

GetWindowsDirectoryA

FindNextFileA

GetSystemDirectoryW

InitializeCriticalSection

GetConsoleAliasesA

SetMailslotInfo

CreateSemaphoreA

GetCurrentProcess

GetModuleFileNameA

GetLastError

WriteFile

GetTickCount

LZCopy

CreateFileA

lstrcatW

GetFileSizeEx

EnumerateLocalComputerNamesW

GetSystemDefaultLCID

GetConsoleMode

OutputDebugStringW

VirtualQuery

EnterCriticalSection

DuplicateHandle

FindFirstFileA

Module32First

VirtualAlloc

FormatMessageW

SetFileTime

LeaveCriticalSection

lstrcpyA

GetTimeFormatA

LZCreateFileW

CopyFileA

GetSystemDirectoryA

FindClose

EnumSystemLocalesA

FindResourceW

GetModuleHandleA

WriteFileGather

CloseHandle

lstrcatA

DeleteFileA

ReadFile

GetProcAddress

GetStringTypeExA

RegQueryValueExA

CryptEncrypt

ObjectDeleteAuditAlarmA

AdjustTokenPrivileges

WmiGetFirstTraceOffset

RegCloseKey

RegEnumValueA

RegSetValueExA

CloseServiceHandle

OpenSCManagerA

EnumServicesStatusA

LookupPrivilegeValueA

SaferSetPolicyInformation

OpenProcessToken

RegOpenKeyA

RegCreateKeyA

NtQuerySystemInformation

isspace

ZwLoadDriver

RtlAnsiStringToUnicodeString

RtlInitAnsiString

wcsstr

strstr

NtQueryObject

strncmp

tolower

sprintf

_chkstk

memcpy

strlen

memset

RtlFreeUnicodeString

isdigit

vsprintf

EnumProcesses

GetProcessImageFileNameA

select

connect

htonl

getnameinfo

socket

getservbyname

recv

send

WSACloseEvent

WSACreateEvent

WSAAsyncGetHostByName

closesocket

__WSAFDIsSet

htons

WSAStartup

gethostbyname

CoCreateGuid

GetKeyboardLayout

CharLowerW

ExitWindowsEx

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ