IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

IMAGE_DLLCHARACTERISTICS_GUARD_CF

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_32BIT_MACHINE

IMAGE_FILE_DLL

_purecall

_CxxThrowException

_vsnwprintf

_vsnprintf

wcscpy_s

?terminate@@YAXXZ

wcscat_s

toupper

wcschr

_wtol

__CxxFrameHandler3

memcpy_s

_wcsicmp

??1type_info@@UAE@XZ

memcmp

memcpy

memmove

_except_handler4_common

_onexit

__dllonexit

_unlock

_lock

_initterm

_amsg_exit

_XcptFilter

free

_wcsnicmp

wcsrchr

wcsncmp

iswalpha

swprintf_s

_callnewh

malloc

memset

RtlLengthSid

RtlFreeHeap

RtlAllocateHeap

NtQueryInformationProcess

RtlNtStatusToDosError

WinSqmSetDWORD

WinSqmStartSession

WinSqmAddToStream

WinSqmEndSession

WinSqmIsOptedIn

RtlGetActiveConsoleId

EtwEventWriteFull

EtwEventRegister

EtwEventUnregister

RtlUnsubscribeWnfStateChangeNotification

RtlSubscribeWnfStateChangeNotification

NtQueryWnfStateData

RtlInsertElementGenericTable

RtlLookupElementGenericTable

RtlQueryEnvironmentVariable_U

RtlInitUnicodeStringEx

RtlInitializeGenericTable

RtlDeleteElementGenericTable

RtlEnumerateGenericTable

RtlAllocateAndInitializeSid

RtlAcquireResourceExclusive

RtlReleaseResource

RtlAcquireResourceShared

DbgPrint

RtlEqualSid

VerSetConditionMask

RtlFreeSid

RtlInitializeResource

RtlVerifyVersionInfo

RtlCaptureStackBackTrace

RtlDeleteResource

NtQuerySystemInformation

NtDuplicateToken

GetModuleFileNameA

LoadStringW

GetModuleHandleExW

GetModuleFileNameW

LoadLibraryExW

GetProcAddress

DisableThreadLibraryCalls

FreeLibrary

SetLastError

UnhandledExceptionFilter

SetUnhandledExceptionFilter

GetLastError

DuplicateHandle

CloseHandle

RegisterServiceCtrlHandlerExW

SetServiceStatus

EnterCriticalSection

WaitForSingleObject

AcquireSRWLockExclusive

WaitForMultipleObjectsEx

ReleaseSRWLockExclusive

SetEvent

LeaveCriticalSection

ResetEvent

DeleteCriticalSection

InitializeCriticalSectionAndSpinCount

CreateEventW

InitializeCriticalSection

RegQueryValueExW

RegDeleteTreeW

RegQueryInfoKeyW

RegCreateKeyExW

RegNotifyChangeKeyValue

RegOpenKeyExW

RegLoadKeyW

RegGetValueW

RegUnLoadKeyW

RegSetValueExW

RegCloseKey

RegEnumValueW

RegDeleteValueW

RegEnumKeyExW

RegOpenCurrentUser

EventProviderEnabled

EventSetInformation

EventRegister

EventActivityIdControl

EventWriteTransfer

EventUnregister

Sleep

InitOnceExecuteOnce

QueryPerformanceCounter

QueryPerformanceFrequency

GetThreadId

CreateProcessAsUserW

OpenThreadToken

GetCurrentThread

TerminateProcess

ProcessIdToSessionId

GetCurrentProcessId

OpenProcessToken

CreateProcessW

GetCurrentThreadId

GetCurrentProcess

CreateThread

TerminateThread

GetSystemTimeAsFileTime

GetComputerNameExW

GetTickCount

GetVersionExW

GetLocalTime

GetSystemDirectoryW

GetSystemTime

UnregisterWaitEx

WTSGetActiveConsoleSessionId

CreateTimerQueue

DeleteTimerQueueTimer

VerifyVersionInfoW

GetComputerNameW

DeleteTimerQueueEx

CreateTimerQueueTimer

MoveFileW

SetVolumeMountPointW

SysNotifyStopServer

SysNotifyStartServer

DismInitialize

DismShutdown

DismEnableFeature

DismDisableFeature

DismOpenSession

ControlTraceW

StartTraceW

EnableTraceEx2

CoCreateGuid

CoWaitForMultipleHandles

StringFromCLSID

CoSetProxyBlanket

CoCreateInstanceEx

CoInitializeEx

CoTaskMemAlloc

CoUninitialize

CoCreateInstance

CoTaskMemFree

OutputDebugStringA

IsDebuggerPresent

DebugBreak

DuplicateTokenEx

MakeAbsoluteSD

GetTokenInformation

FreeSid

CheckTokenMembership

AdjustTokenPrivileges

GetAce

GetFileSecurityW

GetSecurityDescriptorLength

SetSecurityDescriptorControl

InitializeSecurityDescriptor

IsValidSid

DeleteAce

GetSecurityDescriptorControl

CopySid

GetLengthSid

CreateWellKnownSid

AllocateAndInitializeSid

GetAclInformation

SetFileSecurityW

SetTokenInformation

SetSecurityDescriptorDacl

ImpersonateLoggedOnUser

RevertToSelf

DuplicateToken

EqualSid

GetSecurityDescriptorDacl

LocalFree

LocalAlloc

ConvertStringSidToSidW

ConvertStringSecurityDescriptorToSecurityDescriptorW

ConvertSidToStringSidW

RpcServerInqBindings

RpcServerUseProtseqExW

RpcBindingFree

NdrServerCall2

RpcBindingInqAuthClientW

RpcBindingServerFromClient

I_RpcBindingInqLocalClientPID

RpcRevertToSelf

RpcBindingVectorFree

RpcImpersonateClient

RpcFreeAuthorizationContext

RpcGetAuthorizationContextForClient

RpcServerInqCallAttributesW

RpcStringBindingParseW

RpcStringFreeW

UuidToStringW

RpcBindingToStringBindingW

RpcServerUnregisterIfEx

RpcEpRegisterW

RpcServerInqDefaultPrincNameW

RpcServerRegisterIfEx

RpcServerRegisterAuthInfoW

RpcServerUseProtseqEpW

UuidCreate

HeapAlloc

HeapFree

GetProcessHeap

HeapReAlloc

DeleteFileW

CompareFileTime

CreateDirectoryW

FindClose

CreateFileW

GetFileTime

RemoveDirectoryW

GetFileAttributesW

FindNextFileW

FileTimeToLocalFileTime

FindFirstFileW

GetFileSizeEx

SetFilePointer

WriteFile

FindFirstVolumeW

FindNextVolumeW

FindVolumeClose

SetFileAttributesW

DeleteVolumeMountPointW

ReadFile

WideCharToMultiByte

MultiByteToWideChar

WaitForMultipleObjects

InitiateSystemShutdownExW

FileTimeToSystemTime

SystemTimeToFileTime

ExpandEnvironmentStringsW

DeviceIoControl

MoveFileWithProgressW

GetFileInformationByHandleEx

CreateSymbolicLinkW

CopyFileExW

PathCchCombine

GetProcessMitigationPolicy

OpenProcess

QueryFullProcessImageNameW

NetLocalGroupDelMembers

NetLocalGroupAddMembers

NetUserGetInfo

GetVolumeNameForVolumeMountPointW

GetVolumePathNamesForVolumeNameW

GetTempPathW

TraceMessage

CredUnprotectW

ResolveDelayLoadedAPI

DelayLoadFailureHook

LocalSize

lstrcmpiW

StrToIntExW

LookupAccountSidLocalW

SHGetKnownFolderPath

SceSetupSystemByInfName

LoadLibraryW

FormatMessageW

LsaFreeMemory

ApiSetQueryApiSetPresence

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ