IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

IMAGE_DLLCHARACTERISTICS_GUARD_CF

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_32BIT_MACHINE

IMAGE_FILE_DLL

wcschr

memcmp

_purecall

wcscat_s

__CxxFrameHandler3

wcscpy_s

_CxxThrowException

_vsnprintf

_vsnwprintf

memcpy

memmove

_except_handler4_common

memcpy_s

__dllonexit

_unlock

_lock

_initterm

_amsg_exit

_XcptFilter

free

_callnewh

_wcsnicmp

wcsrchr

wcsncmp

iswalpha

_wtol

??1type_info@@UAE@XZ

swprintf_s

_onexit

?terminate@@YAXXZ

malloc

_wcsicmp

memset

NtQueryInformationProcess

RtlLengthSid

NtDuplicateToken

RtlFreeHeap

RtlAllocateHeap

RtlNtStatusToDosError

WinSqmSetDWORD

WinSqmStartSession

WinSqmAddToStream

WinSqmEndSession

WinSqmIsOptedIn

RtlGetActiveConsoleId

EtwEventWriteFull

EtwEventRegister

EtwEventUnregister

RtlUnsubscribeWnfStateChangeNotification

RtlSubscribeWnfStateChangeNotification

NtQueryWnfStateData

RtlInsertElementGenericTable

RtlLookupElementGenericTable

RtlQueryEnvironmentVariable_U

RtlInitUnicodeStringEx

RtlInitializeGenericTable

RtlDeleteElementGenericTable

RtlEnumerateGenericTable

RtlAllocateAndInitializeSid

RtlAcquireResourceExclusive

RtlReleaseResource

RtlAcquireResourceShared

DbgPrint

RtlEqualSid

VerSetConditionMask

RtlFreeSid

RtlInitializeResource

RtlVerifyVersionInfo

RtlCaptureStackBackTrace

RtlDeleteResource

NtQuerySystemInformation

GetModuleHandleExW

FreeLibrary

GetProcAddress

LoadLibraryExW

LoadStringW

GetModuleFileNameW

DisableThreadLibraryCalls

UnhandledExceptionFilter

SetUnhandledExceptionFilter

GetLastError

SetLastError

CloseHandle

DuplicateHandle

SetServiceStatus

RegisterServiceCtrlHandlerExW

WaitForSingleObject

InitializeCriticalSectionAndSpinCount

ResetEvent

LeaveCriticalSection

WaitForMultipleObjectsEx

DeleteCriticalSection

EnterCriticalSection

CreateEventW

SetEvent

InitializeCriticalSection

Sleep

InitOnceExecuteOnce

QueryPerformanceCounter

QueryPerformanceFrequency

ProcessIdToSessionId

OpenProcessToken

TerminateThread

OpenThreadToken

TerminateProcess

GetCurrentThreadId

GetCurrentProcessId

GetThreadId

CreateProcessW

GetCurrentProcess

CreateProcessAsUserW

CreateThread

GetCurrentThread

GetComputerNameExW

GetSystemTime

GetTickCount

GetVersionExW

GetSystemDirectoryW

GetSystemTimeAsFileTime

GetLocalTime

WTSGetActiveConsoleSessionId

UnregisterWaitEx

DeleteTimerQueueTimer

VerifyVersionInfoW

GetComputerNameW

DeleteTimerQueueEx

CreateTimerQueueTimer

CreateTimerQueue

MoveFileW

SetVolumeMountPointW

SysNotifyStopServer

SysNotifyStartServer

DismOpenSession

DismEnableFeature

DismShutdown

DismDisableFeature

DismInitialize

EnableTraceEx2

StartTraceW

ControlTraceW

RegLoadKeyW

RegCloseKey

RegNotifyChangeKeyValue

RegCreateKeyExW

RegUnLoadKeyW

RegOpenKeyExW

RegEnumValueW

RegDeleteValueW

RegEnumKeyExW

RegOpenCurrentUser

RegSetValueExW

RegDeleteTreeW

RegGetValueW

RegQueryInfoKeyW

RegQueryValueExW

EventUnregister

EventWriteTransfer

EventSetInformation

EventRegister

EventActivityIdControl

CoCreateInstanceEx

CoSetProxyBlanket

CoWaitForMultipleHandles

CoCreateInstance

CoCreateGuid

CoUninitialize

StringFromCLSID

CoTaskMemAlloc

CoTaskMemFree

CoInitializeEx

IsDebuggerPresent

DebugBreak

OutputDebugStringA

MakeAbsoluteSD

RevertToSelf

CreateWellKnownSid

FreeSid

AllocateAndInitializeSid

SetTokenInformation

ImpersonateLoggedOnUser

GetFileSecurityW

GetSecurityDescriptorLength

SetSecurityDescriptorControl

InitializeSecurityDescriptor

IsValidSid

DeleteAce

GetSecurityDescriptorControl

EqualSid

GetAce

CheckTokenMembership

GetTokenInformation

DuplicateToken

GetAclInformation

GetSecurityDescriptorDacl

SetSecurityDescriptorDacl

AdjustTokenPrivileges

GetLengthSid

SetFileSecurityW

DuplicateTokenEx

CopySid

LocalAlloc

LocalFree

ConvertStringSidToSidW

ConvertSidToStringSidW

ConvertStringSecurityDescriptorToSecurityDescriptorW

GetProcessHeap

HeapFree

HeapReAlloc

HeapAlloc

GetFileSizeEx

ReadFile

GetFileTime

SetFilePointer

CreateFileW

FileTimeToLocalFileTime

FindFirstFileW

WriteFile

FindFirstVolumeW

GetFileAttributesW

CompareFileTime

FindClose

DeleteVolumeMountPointW

DeleteFileW

RemoveDirectoryW

FindVolumeClose

FindNextVolumeW

SetFileAttributesW

FindNextFileW

CreateDirectoryW

MultiByteToWideChar

WideCharToMultiByte

WaitForMultipleObjects

InitiateSystemShutdownExW

FileTimeToSystemTime

SystemTimeToFileTime

ExpandEnvironmentStringsW

DeviceIoControl

RpcServerRegisterIfEx

RpcServerUnregisterIfEx

RpcStringFreeW

RpcServerRegisterAuthInfoW

RpcServerInqDefaultPrincNameW

RpcBindingToStringBindingW

RpcStringBindingParseW

RpcServerInqCallAttributesW

RpcGetAuthorizationContextForClient

RpcImpersonateClient

RpcRevertToSelf

UuidCreate

RpcBindingServerFromClient

UuidToStringW

NdrServerCall2

I_RpcBindingInqLocalClientPID

RpcBindingVectorFree

RpcEpRegisterW

RpcServerInqBindings

RpcServerUseProtseqExW

RpcBindingFree

RpcBindingInqAuthClientW

RpcFreeAuthorizationContext

RpcServerUseProtseqEpW

MoveFileWithProgressW

CopyFileExW

CreateSymbolicLinkW

GetFileInformationByHandleEx

PathCchCombine

OpenProcess

GetProcessMitigationPolicy

QueryFullProcessImageNameW

NetLocalGroupDelMembers

NetLocalGroupAddMembers

NetUserGetInfo

GetVolumePathNamesForVolumeNameW

GetVolumeNameForVolumeMountPointW

GetTempPathW

TraceMessage

CredUnprotectW

ResolveDelayLoadedAPI

DelayLoadFailureHook

LocalSize

lstrcmpiW

StrToIntExW

LookupAccountSidLocalW

SHGetKnownFolderPath

SceSetupSystemByInfName

LoadLibraryW

FormatMessageW

LsaFreeMemory

ApiSetQueryApiSetPresence

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ