IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_FORCE_INTEGRITY

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_32BIT_MACHINE

IMAGE_FILE_DLL

_except_handler4_common

_amsg_exit

_initterm

free

malloc

_XcptFilter

memset

wcsstr

_wtol

iswspace

_vsnwprintf

qsort

_vsnprintf

memcpy

memmove

NtQueryKey

NtEnumerateKey

NtOpenKey

NtCreateSection

NtMapViewOfSection

LdrResSearchResource

NtUnmapViewOfSection

NtReadFile

NtWaitForSingleObject

RtlInitializeSRWLock

RtlAcquireSRWLockExclusive

RtlReleaseSRWLockExclusive

RtlCopyUnicodeString

NtOpenSymbolicLinkObject

NtQuerySymbolicLinkObject

NtDeviceIoControlFile

NtQueryVolumeInformationFile

NtQueryObject

NtOpenFile

NtQueryLicenseValue

EtwEventEnabled

RtlLengthSid

RtlPrefixUnicodeString

RtlGUIDFromString

EtwEventWrite

RtlCreateSecurityDescriptor

RtlSetOwnerSecurityDescriptor

RtlSetGroupSecurityDescriptor

RtlSetSaclSecurityDescriptor

RtlSetDaclSecurityDescriptor

NtQueryValueKey

NtQueryInformationFile

RtlUpcaseUnicodeString

RtlEqualUnicodeString

RtlFreeHeap

RtlAllocateHeap

NtOpenThreadToken

NtOpenProcessToken

NtClose

EtwEventRegister

EtwEventUnregister

EtwTraceMessage

RtlInitUnicodeString

RtlRunOnceExecuteOnce

RtlNtStatusToDosErrorNoTeb

EtwUnregisterTraceGuids

EtwRegisterTraceGuidsW

EtwGetTraceLoggerHandle

EtwGetTraceEnableLevel

EtwGetTraceEnableFlags

RtlCompareUnicodeString

RegCloseKey

RegSetValueExW

RegCreateKeyTransactedW

RegOpenKeyTransactedW

ord1000

CryptSIPLoad

CryptSIPRetrieveSubjectGuidForCatalogFile

CertGetNameStringW

CertGetEnhancedKeyUsage

CryptHashCertificate

CryptEncodeObject

CertEnumCertificatesInStore

ord160

ord8

ord159

ord32

ord92

ord157

ord118

DisableThreadLibraryCalls

SetLastError

InterlockedCompareExchange

GetLastError

CloseHandle

GetCurrentProcessId

SetUnhandledExceptionFilter

UnhandledExceptionFilter

TerminateProcess

GetSystemTimeAsFileTime

GetCurrentThreadId

GetTickCount

QueryPerformanceCounter

Sleep

InterlockedExchange

DeviceIoControl

CompareFileTime

GetCurrentProcess

IsWow64Process

GetFinalPathNameByHandleW

InterlockedIncrement

LoadLibraryExA

FreeLibrary

GetProcAddress

DelayLoadFailureHook

CreateFileW

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ