NtClose
NtQueryValueKey
NtOpenKey
RtlReleaseSRWLockExclusive
LdrGetProcedureAddress
RtlInitString
LdrGetDllHandle
RtlAcquireSRWLockExclusive
RtlPrefixUnicodeString
NtQueryObject
RtlCopyLuid
NtQueryInformationToken
NtOpenProcessToken
NtOpenThreadToken
NtOpenSymbolicLinkObject
wcsncpy_s
LdrUnloadDll
LdrLoadDll
NtCreateSymbolicLinkObject
RtlInitializeCriticalSectionAndSpinCount
NtQueryInformationProcess
NtSetInformationObject
NtCreateDirectoryObject
RtlSetSaclSecurityDescriptor
RtlSetDaclSecurityDescriptor
RtlCreateSecurityDescriptor
RtlDeleteCriticalSection
_wcsicmp
RtlInitUnicodeStringEx
RtlQueryRegistryValues
swprintf_s
wcscpy_s
wcscat_s
RtlCreateUnicodeString
RtlExpandEnvironmentStrings_U
RtlInitializeCriticalSection
RtlCreateTagHeap
memcpy
RtlExitUserThread
RtlLeaveCriticalSection
RtlEnterCriticalSection
NtQuerySystemInformation
NtMakePermanentObject
RtlFreeSid
_wcsnicmp
NtMakeTemporaryObject
NtQuerySymbolicLinkObject
memmove
wcsnlen
_snwprintf_s
RtlUpcaseUnicodeChar
NtSetInformationThread
NtDuplicateToken
NtOpenThread
NtSetInformationProcess
NtDuplicateObject
NtOpenProcess
RtlCompareUnicodeString
RtlAnsiStringToUnicodeString
memset
NtCreateEvent
NtSetEvent
RtlEqualSid
RtlOpenCurrentUser
NtVdmControl
RtlCopyUnicodeString
NtCompareTokens
NtResetEvent
DbgPrint
NtNotifyChangeKey
RtlCopySid
NtCreateKey
RtlEqualUnicodeString
NtEnumerateKey
NtEnumerateValueKey
RtlUnlockHeap
RtlLockHeap
LdrDisableThreadCalloutsForDll
NtTerminateProcess
RtlUnhandledExceptionFilter
RtlUnwind
RtlAllocateAndInitializeSid
RtlLengthSid
RtlAllocateHeap
RtlCreateAcl
RtlAddAccessAllowedAce
RtlAddMandatoryAce
RtlFreeHeap
RtlInitUnicodeString
RtlCreateUserThread
RtlReAllocateHeap
NtQueryMultipleValueKey
