IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

IMAGE_DLLCHARACTERISTICS_GUARD_CF

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_32BIT_MACHINE

IMAGE_FILE_DLL

wcschr

memcpy_s

memmove

_except_handler4_common

swprintf_s

_wcsicmp

??1type_info@@UAE@XZ

__CxxFrameHandler3

_CxxThrowException

_purecall

wcscat_s

wcscpy_s

_onexit

__dllonexit

_unlock

_lock

_initterm

_amsg_exit

_XcptFilter

free

_callnewh

_wcsnicmp

wcsrchr

wcsncmp

iswalpha

_vsnprintf

_vsnwprintf

memcmp

memcpy

malloc

_wtol

memset

NtQueryInformationProcess

RtlLengthSid

NtDuplicateToken

RtlFreeHeap

RtlAllocateHeap

RtlNtStatusToDosError

WinSqmSetDWORD

WinSqmStartSession

WinSqmAddToStream

WinSqmEndSession

WinSqmIsOptedIn

RtlGetActiveConsoleId

EtwEventWriteFull

EtwEventRegister

EtwEventUnregister

RtlInsertElementGenericTable

RtlLookupElementGenericTable

RtlQueryEnvironmentVariable_U

RtlInitUnicodeStringEx

RtlInitializeGenericTable

RtlDeleteElementGenericTable

RtlEnumerateGenericTable

RtlAllocateAndInitializeSid

RtlAcquireResourceExclusive

RtlReleaseResource

RtlAcquireResourceShared

DbgPrint

RtlEqualSid

VerSetConditionMask

RtlFreeSid

RtlInitializeResource

RtlVerifyVersionInfo

RtlCaptureStackBackTrace

RtlDeleteResource

NtQuerySystemInformation

GetProcAddress

LoadLibraryExW

LoadStringW

FreeLibrary

GetModuleHandleExW

DisableThreadLibraryCalls

TraceMessage

GetTraceLoggerHandle

UnregisterTraceGuids

RegisterTraceGuidsW

GetTraceEnableFlags

GetTraceEnableLevel

UnhandledExceptionFilter

SetUnhandledExceptionFilter

SetLastError

GetLastError

DuplicateHandle

CloseHandle

SetServiceStatus

RegisterServiceCtrlHandlerExW

InitializeCriticalSection

SetEvent

DeleteCriticalSection

WaitForMultipleObjectsEx

InitializeCriticalSectionAndSpinCount

LeaveCriticalSection

CreateEventW

WaitForSingleObject

EnterCriticalSection

ResetEvent

Sleep

InitOnceExecuteOnce

QueryPerformanceFrequency

QueryPerformanceCounter

GetCurrentProcess

OpenProcess

GetCurrentThread

GetCurrentThreadId

ProcessIdToSessionId

CreateProcessAsUserW

OpenProcessToken

TerminateThread

GetCurrentProcessId

CreateThread

CreateProcessW

GetThreadId

OpenThreadToken

TerminateProcess

GetSystemTimeAsFileTime

GetLocalTime

GetSystemTime

GetComputerNameExW

GetTickCount

GetSystemDirectoryW

SetVolumeMountPointW

MoveFileW

WTSGetActiveConsoleSessionId

CreateTimerQueue

DeleteTimerQueueTimer

GetComputerNameW

DeleteTimerQueueEx

CreateTimerQueueTimer

UnregisterWaitEx

SysNotifyStartServer

SysNotifyStopServer

EnableTraceEx2

ControlTraceW

StartTraceW

RegNotifyChangeKeyValue

RegQueryValueExW

RegCloseKey

RegDeleteTreeW

RegCreateKeyExW

RegSetValueExW

RegOpenKeyExW

RegQueryInfoKeyW

RegUnLoadKeyW

RegGetValueW

RegLoadKeyW

RegEnumValueW

RegDeleteValueW

RegEnumKeyExW

RegOpenCurrentUser

CoCreateInstance

StringFromCLSID

CoCreateInstanceEx

CoCreateGuid

CoTaskMemFree

CoInitializeEx

CoUninitialize

CoTaskMemAlloc

CoSetProxyBlanket

OutputDebugStringA

DebugBreak

IsDebuggerPresent

GetTokenInformation

CheckTokenMembership

CopySid

CreateWellKnownSid

GetLengthSid

ImpersonateLoggedOnUser

FreeSid

AllocateAndInitializeSid

SetTokenInformation

SetFileSecurityW

EqualSid

GetAce

AdjustTokenPrivileges

GetAclInformation

GetSecurityDescriptorLength

SetSecurityDescriptorControl

InitializeSecurityDescriptor

IsValidSid

DeleteAce

GetSecurityDescriptorControl

GetSecurityDescriptorDacl

RevertToSelf

SetSecurityDescriptorDacl

DuplicateTokenEx

MakeAbsoluteSD

DuplicateToken

GetFileSecurityW

LocalFree

LocalAlloc

GetProcessHeap

HeapReAlloc

HeapAlloc

HeapFree

FindFirstVolumeW

FindNextVolumeW

CreateDirectoryW

GetTempPathW

RemoveDirectoryW

SetFileAttributesW

FindNextFileW

CompareFileTime

SetFilePointer

FileTimeToLocalFileTime

CreateFileW

GetFileTime

GetFileAttributesW

ReadFile

DeleteFileW

WriteFile

GetVolumeNameForVolumeMountPointW

GetVolumePathNamesForVolumeNameW

FindClose

FindFirstFileW

DeleteVolumeMountPointW

GetFileSizeEx

FindVolumeClose

WideCharToMultiByte

MultiByteToWideChar

ConvertStringSidToSidW

ConvertSidToStringSidW

ConvertStringSecurityDescriptorToSecurityDescriptorW

FileTimeToSystemTime

SystemTimeToFileTime

EventRegister

EventWriteTransfer

EventSetInformation

EventUnregister

EventActivityIdControl

ExpandEnvironmentStringsW

DeviceIoControl

I_RpcBindingInqLocalClientPID

NdrServerCall2

RpcServerInqDefaultPrincNameW

UuidToStringW

RpcServerRegisterAuthInfoW

RpcStringFreeW

RpcServerUseProtseqEpW

RpcServerRegisterIfEx

RpcBindingVectorFree

RpcEpRegisterW

RpcServerInqBindings

RpcServerUseProtseqExW

RpcBindingFree

RpcBindingInqAuthClientW

RpcBindingServerFromClient

UuidCreate

RpcServerUnregisterIfEx

RpcBindingToStringBindingW

RpcStringBindingParseW

RpcServerInqCallAttributesW

RpcGetAuthorizationContextForClient

RpcRevertToSelf

RpcImpersonateClient

RpcFreeAuthorizationContext

GetFileInformationByHandleEx

MoveFileWithProgressW

CreateSymbolicLinkW

CopyFileExW

PathCchCombine

QueryFullProcessImageNameW

WaitForMultipleObjects

NetLocalGroupDelMembers

NetLocalGroupAddMembers

NetUserGetInfo

CredUnprotectW

ResolveDelayLoadedAPI

DelayLoadFailureHook

LocalSize

lstrcmpiW

StrToIntExW

LookupAccountSidLocalW

SHGetKnownFolderPath

LoadLibraryW

FormatMessageW

LsaFreeMemory

ApiSetQueryApiSetPresence

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ