Extended Key Usages: ExtKeyUsageCodeSigning
Key Usages: KeyUsageDigitalSignature
Static task: static1
Behavioral task: behavioral1
Sample: 2024-05-26_4bc9027ea9b00946983e557e26e5140b_mafia_revil_skypams.exe
Resource: win7-20240419-en
Target: 2024-05-26_4bc9027ea9b00946983e557e26e5140b_mafia_revil_skypams
Size: 11.7MB
MD5: 4bc9027ea9b00946983e557e26e5140b
SHA1: f7d8e8e1700d60053a5aaf453e2e53c5a5096db0
SHA256: 6a17767a1562a7c68106b46430988a8766d390ec0de5810149baceb21c3181e2
SHA512: bcffad29ccfc33812e8eb31e2b348573dc779377a6c5b899463264a179708b99dda463e6eee4b810eee5157686afa98c5db705ca57dd018178f3ad62e642d8dd
SSDEEP: 196608:sxn6iHY0732z6brs8AejHFCke5XrsRk1uUOCS9vOKgwLQUxF2tQiQSnbGb9bOS:M6iHY0732z6brs3eDFCke5XQR8uUOb9B
Extended Key Usages: ExtKeyUsageCodeSigning
Key Usages: KeyUsageDigitalSignature

Extended Key Usages: ExtKeyUsageCodeSigning
Key Usages: KeyUsageDigitalSignature, KeyUsageCertSign, KeyUsageCRLSign

Extended Key Usages: ExtKeyUsageTimeStamping
Key Usages: KeyUsageDigitalSignature

Extended Key Usages: ExtKeyUsageServerAuth, ExtKeyUsageClientAuth, ExtKeyUsageCodeSigning, ExtKeyUsageEmailProtection, ExtKeyUsageTimeStamping
Key Usages: KeyUsageDigitalSignature, KeyUsageCertSign, KeyUsageCRLSign
DLL characteristics: IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE, IMAGE_DLLCHARACTERISTICS_NX_COMPAT, IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File characteristics: IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_32BIT_MACHINE
PDB path: C:\Adlice\RogueKillerQt\Release\RogueKiller.pdb
RtlUnwind
atoi
islower
isgraph
isupper
_stricmp
_atoi64
_allrem
_allshr
isprint
strpbrk
strstr
strtol
_alldiv
_CIlog
_CIpow
_strnicmp
strcmp
_vsnprintf
NtUnloadDriver
RtlInitUnicodeString
NtLoadDriver
sscanf
strrchr
strtoul
wcstombs
_aulldvrm
_allshl
_allmul
_aullrem
_aulldiv
strncpy
isxdigit
isdigit
_chkstk
_vsnwprintf
sprintf
isalpha
_aullshr
strncmp
qsort
memset
_snprintf
memcpy
VerSetConditionMask
strchr
NtDeleteKey
NtSetValueKey
NtDeleteValueKey
NtOpenKey
NtQueryKey
wcsstr
isalnum
strcspn
toupper
_wtoi64
tolower
memchr
isspace
_wcsicmp
NtQueryVirtualMemory
memmove
NtQuerySystemInformation
floor
strspn
_alldvrm
QueryServiceConfig2W
RegQueryValueExW
ChangeServiceConfig2W
StartServiceW
QueryServiceStatus
EnumServicesStatusW
OpenProcessToken
GetTokenInformation
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
LookupPrivilegeValueW
InitializeAcl
AllocateAndInitializeSid
SetSecurityDescriptorOwner
SetEntriesInAclW
FreeSid
IsValidSecurityDescriptor
CheckTokenMembership
AdjustTokenPrivileges
ControlService
QueryServiceConfigW
RegisterEventSourceA
RegCreateKeyExW
ReportEventA
RegQueryInfoKeyW
RegDeleteKeyW
RegDeleteValueW
RegEnumValueW
RegOpenKeyExW
DeregisterEventSource
OpenServiceW
RegEnumKeyExW
RegLoadKeyW
RegCloseKey
RegSetValueExW
RegUnLoadKeyW
GetUserNameW
EnumDependentServicesW
ConvertStringSidToSidW
LookupAccountNameW
LookupPrivilegeValueA
ConvertSidToStringSidW
GetExplicitEntriesFromAclW
FreeInheritedFromArray
SetNamedSecurityInfoW
RegGetKeySecurity
GetNamedSecurityInfoW
IsValidSid
RegSetKeySecurity
GetInheritanceSourceW
OpenSCManagerW
DeleteService
CloseServiceHandle
CreateServiceW
EncodePointer
DecodePointer
HeapSetInformation
GetStartupInfoW
GetStringTypeW
ExitThread
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
ExitProcess
WaitForSingleObject
SetEvent
TerminateThread
CloseHandle
ResetEvent
CreateEventW
GetModuleHandleW
GetGeoInfoW
GetUserGeoID
GetLocaleInfoW
SetThreadLocale
GetThreadLocale
GetTickCount
WideCharToMultiByte
MultiByteToWideChar
FreeLibrary
LoadLibraryW
Sleep
GetCurrentThreadId
FindResourceW
LoadResource
SizeofResource
GetLastError
LockResource
CreateMutexW
SetErrorMode
GetCurrentProcess
GetComputerNameW
OpenProcess
GetSystemDirectoryW
FormatMessageW
GetModuleFileNameW
GetCurrentDirectoryW
GetProcAddress
ReleaseMutex
LocalFree
GetVolumeInformationW
CreateThread
GetFileSize
FindFirstFileW
SetFilePointer
MapViewOfFile
UnmapViewOfFile
MoveFileExW
CreateDirectoryW
WriteFile
CopyFileW
GetFileAttributesW
ReadFile
CreateFileW
GetLongPathNameW
SetLastError
MoveFileW
GetDiskFreeSpaceW
FindClose
CreateFileMappingW
RemoveDirectoryW
DeviceIoControl
FindNextFileW
GetFileAttributesExW
DeleteFileW
SetFileAttributesW
FileTimeToLocalFileTime
GetTempPathW
GetCurrentProcessId
GetCommandLineW
SystemTimeToTzSpecificLocalTime
SystemTimeToFileTime
CompareFileTime
TzSpecificLocalTimeToSystemTime
FileTimeToSystemTime
GetSystemTime
GetFullPathNameW
GetShortPathNameW
GetVersionExW
CreateProcessW
CreateJobObjectW
GetProcessTimes
Thread32First
AssignProcessToJobObject
ReadProcessMemory
GetExitCodeProcess
TerminateProcess
Thread32Next
Process32FirstW
OpenThread
Process32NextW
GetModuleHandleA
CreateToolhelp32Snapshot
TerminateJobObject
WriteProcessMemory
GetConsoleMode
SetConsoleMode
WriteConsoleW
GetStdHandle
GetDriveTypeW
QueryDosDeviceW
GetDiskFreeSpaceExW
lstrcmpA
LocalAlloc
lstrcpyW
OutputDebugStringA
GetVersionExA
SuspendThread
GetFullPathNameA
HeapReAlloc
CreateFileA
HeapCompact
TryEnterCriticalSection
SetEndOfFile
HeapAlloc
QueryPerformanceCounter
HeapFree
InterlockedCompareExchange
UnlockFile
FlushViewOfFile
LockFile
WaitForSingleObjectEx
OutputDebugStringW
UnlockFileEx
GetProcessHeap
GetSystemTimeAsFileTime
FormatMessageA
InitializeCriticalSection
HeapDestroy
LeaveCriticalSection
GetFileAttributesA
HeapCreate
HeapValidate
FlushFileBuffers
HeapSize
LockFileEx
EnterCriticalSection
LoadLibraryA
CreateFileMappingA
GetDiskFreeSpaceA
GetSystemInfo
DeleteCriticalSection
GetTempPathA
AreFileApisANSI
DeleteFileA
InterlockedDecrement
CreateRemoteThread
Module32FirstW
Module32NextW
GetFileSizeEx
SetFilePointerEx
VirtualFree
IsBadReadPtr
GetCompressedFileSizeW
WaitForMultipleObjectsEx
GetVolumePathNameW
IsBadWritePtr
lstrlenW
VirtualAlloc
GetFileType
lstrcmpiW
GetVolumeNameForVolumeMountPointW
GetFileInformationByHandle
SwitchToThread
InterlockedIncrement
RemoveVectoredExceptionHandler
AddVectoredExceptionHandler
GetVersion
SleepEx
VerifyVersionInfoA
CreateMutexA
TlsAlloc
TlsFree
TlsSetValue
TlsGetValue
VirtualQueryEx
PeekNamedPipe
WaitForMultipleObjects
ExpandEnvironmentStringsA
GlobalMemoryStatus
InterlockedExchange
FlushConsoleInputBuffer
RaiseException
LoadLibraryExW
GlobalAlloc
GlobalFree
GetDriveTypeA
FindFirstFileExA
SetConsoleCtrlHandler
ReadConsoleInputA
LCMapStringW
CompareStringW
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetACP
GetOEMCP
IsValidCodePage
GetConsoleCP
VirtualQuery
GetTimeZoneInformation
SetStdHandle
IsProcessorFeaturePresent
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
SetEnvironmentVariableA
BackupSeek
BackupRead
ExpandEnvironmentStringsW
GetWindowTextW
InvalidateRect
TrackPopupMenuEx
LoadIconW
RegisterClassExW
TranslateMessage
GetDC
TrackMouseEvent
GetSubMenu
GetMessageW
TranslateAcceleratorW
GetWindowTextLengthW
PostQuitMessage
GetWindowRect
MessageBoxW
SetCursor
EndPaint
LoadStringW
DispatchMessageW
DestroyIcon
SetWindowTextW
DestroyMenu
EnableWindow
UpdateWindow
CreateWindowExW
GetCursorPos
SetWindowPos
GetDesktopWindow
SendMessageA
FindWindowA
MessageBoxA
LoadImageW
LoadCursorW
BeginPaint
PtInRect
LoadAcceleratorsW
LoadMenuW
GetWindowLongW
SetWindowLongW
ShowWindow
SetMenu
GetProcessWindowStation
GetUserObjectInformationW
EnumWindows
GetWindowThreadProcessId
ReleaseDC
DestroyWindow
ExitWindowsEx
SystemParametersInfoW
SendMessageW
PostThreadMessageW
GetSystemMetrics
CallWindowProcW
DefWindowProcW
MoveWindow
GetClientRect
RedrawWindow
SetTextColor
DeleteObject
CreateFontW
GetStockObject
CommandLineToArgvW
SHGetFolderPathW
ShellExecuteW
ShellExecuteExW
CoSetProxyBlanket
CoInitializeEx
CoInitializeSecurity
CoUninitialize
CoCreateInstance
CoTaskMemFree
StringFromCLSID
VariantClear
SysFreeString
VariantInit
SysStringLen
SysAllocString
GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW
listen
accept
recvfrom
sendto
gethostbyname
connect
socket
closesocket
getpeername
getsockopt
htons
inet_ntoa
ntohs
getsockname
setsockopt
send
recv
select
WSAGetLastError
__WSAFDIsSet
WSASetLastError
WSAStartup
WSACleanup
gethostname
bind
shutdown
WSAIoctl
CryptMsgClose
CryptMsgGetParam
CertCloseStore
CertFindCertificateInStore
CertFreeCertificateContext
CertGetNameStringW
CryptQueryObject
CertNameToStrW
CryptDecodeObject
CryptCATAdminEnumCatalogFromHash
CryptCATCatalogInfoFromContext
CryptCATAdminAcquireContext
CryptCATAdminReleaseContext
CryptCATAdminCalcHashFromFileHandle
CryptCATAdminReleaseCatalogContext
WinVerifyTrust
GetModuleFileNameExW
GetProcessImageFileNameW
GetModuleBaseNameW
GetMappedFileNameW
GetProfilesDirectoryW
InitCommonControlsEx
ImageList_Destroy
ImageList_ReplaceIcon
ord413
ImageList_SetOverlayImage
ord410
ImageList_Create
InternetCrackUrlW
WinHttpReceiveResponse
WinHttpSetOption
WinHttpSendRequest
WinHttpConnect
WinHttpCloseHandle
WinHttpQueryHeaders
WinHttpQueryDataAvailable
WinHttpOpen
WinHttpOpenRequest
WinHttpReadData
PathGetArgsW
PathIsRelativeW
PathFindFileNameW
PathCanonicalizeW
PathFindExtensionW
PathGetDriveNumberW
PathRemoveBlanksW
PathFileExistsW
PathIsRootW
PathCompactPathW
PathSearchAndQualifyW
PathIsDirectoryW
PathUnExpandEnvStringsW
PathIsPrefixW
PathRemoveExtensionW
PathIsNetworkPathW
AssocQueryStringW
PathAppendW
PathCommonPrefixW
PathAddBackslashW
PathUnquoteSpacesW
PathQuoteSpacesW
PathRemoveArgsW
PathMakePrettyW
StrCmpIW
StrDupW
StrCmpNIW
ud_decode
ud_disassemble
ud_get_user_opaque_data
ud_init
ud_input_end
ud_input_skip
ud_insn_asm
ud_insn_hex
ud_insn_len
ud_insn_mnemonic
ud_insn_off
ud_insn_opr
ud_insn_ptr
ud_lookup_mnemonic
ud_opr_is_gpr
ud_opr_is_sreg
ud_set_asm_buffer
ud_set_input_buffer
ud_set_input_file
ud_set_input_hook
ud_set_mode
ud_set_pc
ud_set_sym_resolver
ud_set_syntax
ud_set_user_opaque_data
ud_set_vendor
ud_translate_intel
yr_compiler_add_file
yr_compiler_add_string
yr_compiler_create
yr_compiler_define_boolean_variable
yr_compiler_define_float_variable
yr_compiler_define_integer_variable
yr_compiler_define_string_variable
yr_compiler_destroy
yr_compiler_get_current_file_name
yr_compiler_get_error_message
yr_compiler_get_rules
yr_compiler_set_callback
yr_filemap_map
yr_filemap_map_ex
yr_filemap_map_fd
yr_filemap_unmap
yr_filemap_unmap_fd
yr_finalize
yr_finalize_thread
yr_get_configuration
yr_get_tidx
yr_hash_table_add
yr_hash_table_add_raw_key
yr_hash_table_clean
yr_hash_table_create
yr_hash_table_destroy
yr_hash_table_lookup
yr_hash_table_lookup_raw_key
yr_initialize
yr_object_print_data
yr_rules_define_boolean_variable
yr_rules_define_float_variable
yr_rules_define_integer_variable
yr_rules_define_string_variable
yr_rules_destroy
yr_rules_load
yr_rules_load_stream
yr_rules_save
yr_rules_save_stream
yr_rules_scan_fd
yr_rules_scan_file
yr_rules_scan_mem
yr_rules_scan_mem_blocks
yr_rules_scan_proc
yr_set_configuration
yr_set_tidx
IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ