Extended Key Usages: ExtKeyUsageCodeSigning
Static task: static1
Behavioral task: behavioral1
Sample: services.exe
Resource: win10v2004-20240508-en
Target: services.exe
Size: 739KB
MD5: 30ccf8526d14753859937739548dc7a8
SHA1: 0bf35689202b1faacdc4651fb04a01bc8b91a4ed
SHA256: 4c93e558cc5e401aed8e3659c62506f2ba6070e200833c00529ef5825e0b085d
SHA512: e49562ac0333d88a387b191946831f1888d38740faa50f0f2416a2207adf4cb1532438096ed291803c2c43e1aae7e8c56b512013a84d9df7bb4256c1e4b80955
SSDEEP: 12288:9PtdL5i4fRuMVjLH2icFkpao5ZNZ0s2LrDBSyduDXXRXIF51yN8:Rtd/UMVnWVkpL0s+DBSauDxXIF51n
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
services.pdb
_wcslwr_s
memcmp
memcpy
memmove
towlower
wcscmp
_wtoi
qsort_s
swprintf_s
sprintf_s
wcscpy_s
wcsnlen
wcsstr
wcstoul
memset
__C_specific_handler
_wtol
_ultow_s
wcsrchr
wcsncmp
_wcsicmp
wcschr
_wcsnicmp
iswctype
memmove_s
_vsnwprintf_s
memcpy_s
exit
_onexit
_purecall
_initterm_e
_initterm
__dllonexit3
FreeLibrary
GetModuleHandleW
GetModuleFileNameA
LoadStringW
GetModuleHandleExW
LoadLibraryExW
GetProcAddress
CreateWaitableTimerExW
LeaveCriticalSection
OpenSemaphoreW
WaitForSingleObjectEx
SetEvent
AcquireSRWLockExclusive
SetWaitableTimer
ReleaseSRWLockShared
CreateMutexExW
ReleaseSRWLockExclusive
OpenEventW
ReleaseSemaphore
EnterCriticalSection
CancelWaitableTimer
AcquireSRWLockShared
InitializeCriticalSection
CreateSemaphoreExW
InitializeSRWLock
WaitForSingleObject
TryAcquireSRWLockExclusive
ResetEvent
DeleteCriticalSection
WaitForMultipleObjectsEx
CreateEventW
InitializeCriticalSectionEx
ReleaseMutex
HeapFree
HeapSetInformation
GetProcessHeap
HeapAlloc
SetErrorMode
GetLastError
SetLastError
SetUnhandledExceptionFilter
UnhandledExceptionFilter
CloseThreadpoolWork
SetThreadpoolTimer
CreateThreadpoolWork
CreateThreadpoolTimer
CloseThreadpoolCleanupGroupMembers
CloseThreadpoolCleanupGroup
SubmitThreadpoolWork
TrySubmitThreadpoolCallback
CallbackMayRunLong
CloseThreadpoolTimer
WaitForThreadpoolTimerCallbacks
CreateThreadpoolCleanupGroup
CreateThreadpool
CloseThreadpool
GetProcessTimes
GetCurrentThread
GetCurrentProcess
OpenProcessToken
CreateProcessW
GetCurrentThreadId
TerminateProcess
GetExitCodeProcess
GetCurrentProcessId
ExitThread
CreateProcessAsUserW
DeleteProcThreadAttributeList
UpdateProcThreadAttribute
InitializeProcThreadAttributeList
ResumeThread
CreateThread
SetProcessShutdownParameters
SetThreadPriority
OpenThreadToken
GetProcessId
FormatMessageW
GetThreadUILanguage
OutputDebugStringW
DebugBreak
IsDebuggerPresent
DuplicateHandle
CloseHandle
RpcServerUseProtseqEpW
RpcAsyncAbortCall
UuidCreateNil
UuidEqual
I_RpcBindingIsClientLocal
I_RpcSessionStrictContextHandle
I_RpcBindingInqLocalClientPID
RpcServerUnsubscribeForNotification
RpcServerSubscribeForNotification
I_RpcMapWin32Status
UuidCreate
RpcStringFreeW
UuidFromStringW
NdrClientCall3
I_RpcExceptionFilter
RpcStringBindingComposeW
RpcBindingFromStringBindingW
UuidToStringW
RpcBindingFree
RpcServerInqCallAttributesA
RpcServerInqDefaultPrincNameW
RpcServerRegisterAuthInfoW
RpcEpRegisterW
RpcStringBindingParseW
RpcAsyncCompleteCall
RpcImpersonateClient
RpcRevertToSelf
RpcServerInqCallAttributesW
RpcBindingToStringBindingW
RpcServerInqBindings
RpcServerUseProtseqW
RpcServerRegisterIfEx
RpcServerInqBindingHandle
RpcServerRegisterIf3
RpcBindingVectorFree
RpcServerUnregisterIf
NdrAsyncServerCall
NdrServerCall2
RpcServerRegisterIf
RpcMgmtWaitServerListen
RpcMgmtStopServerListening
RpcServerListen
GetSystemWindowsDirectoryW
GetSystemTime
GetComputerNameExW
GlobalMemoryStatusEx
GetTickCount
GetSystemTimeAsFileTime
GetTickCount64
GetSystemDirectoryW
GetVersionExW
GetKernelObjectSecurity
SetSecurityDescriptorGroup
AddAuditAccessAceEx
IsValidAcl
SetSecurityDescriptorControl
AddAccessAllowedAceEx
SetKernelObjectSecurity
SetSecurityDescriptorSacl
GetAce
GetSecurityDescriptorControl
CopySid
GetLengthSid
InitializeAcl
ImpersonateLoggedOnUser
GetTokenInformation
AddAccessDeniedAceEx
InitializeSecurityDescriptor
SetSecurityDescriptorOwner
SetFileSecurityW
EqualSid
AdjustTokenPrivileges
AddAccessAllowedAce
SetTokenInformation
AllocateLocallyUniqueId
AllocateAndInitializeSid
GetSecurityDescriptorDacl
AddAce
SetSecurityDescriptorDacl
FreeSid
RevertToSelf
CheckTokenMembership
LocalAlloc
LocalFree
RegGetKeySecurity
RegSetKeySecurity
RegNotifyChangeKeyValue
RegDeleteTreeW
RegOpenKeyExW
RegCloseKey
RegDeleteValueW
RegEnumKeyExW
RegGetValueW
RegLoadMUIStringW
RegQueryInfoKeyW
RegEnumValueW
RegQueryValueExW
RegCreateKeyExW
RegSetValueExW
InitializeConditionVariable
WakeConditionVariable
WaitOnAddress
WakeByAddressAll
Sleep
SleepConditionVariableSRW
ExpandEnvironmentStringsW
GetEnvironmentVariableW
SearchPathW
IsWow64Process2
GetSystemWow64DirectoryW
EventRegister
EventWriteTransfer
EventActivityIdControl
EventUnregister
EventSetInformation
QueryUnbiasedInterruptTime
SetProcessMitigationPolicy
OpenProcess
CompareStringOrdinal
WaitForMultipleObjects
FindFirstFileW
RemoveDirectoryW
FindClose
FindNextFileW
CompareFileTime
DeleteFileW
SetFileInformationByHandle
CreateFileW
CreateDirectoryW
DeviceIoControl
IsWow64Process
IsUserCetAvailableInEnvironment
GetOsManufacturingMode
SetConsoleCtrlHandler
RtlCompareMemory
RtlLookupFunctionEntry
RtlVirtualUnwind
RtlCaptureContext
QueryPerformanceCounter
NtAccessCheck
NtAccessCheckAndAuditAlarm
NtDuplicateToken
NtAdjustPrivilegesToken
RtlMapGenericMask
RtlSetOwnerSecurityDescriptor
RtlGetGroupSecurityDescriptor
RtlSetGroupSecurityDescriptor
RtlGetDaclSecurityDescriptor
RtlCreateAcl
RtlAddAccessAllowedAce
RtlGetAce
RtlAddAccessDeniedAce
RtlSetDaclSecurityDescriptor
RtlAbsoluteToSelfRelativeSD
RtlTestProtectedAccess
RtlSetProcessIsCritical
NtSetInformationToken
RtlIsStateSeparationEnabled
NtOpenProcessToken
NtOpenEvent
TpAllocPool
TpSetPoolMinThreads
TpAllocTimer
TpAllocWork
RtlUnhandledExceptionFilter
TpSetTimer
TpWaitForTimer
RtlInitializeCriticalSection
RtlValidRelativeSecurityDescriptor
RtlQuerySecurityObject
RtlSetSecurityObject
NtQuerySystemInformation
RtlWow64IsWowGuestMachineSupported
wcscspn
RtlSetSaclSecurityDescriptor
RtlInitializeSid
RtlSubAuthorityCountSid
RtlAddAce
RtlLengthRequiredSid
RtlDeriveCapabilitySidsFromName
RtlNewSecurityObject
RtlAnsiStringToUnicodeString
RtlUnicodeStringToAnsiString
RtlInitAnsiString
RtlGetPersistedStateLocation
wcscat_s
EtwRegisterTraceGuidsW
EtwGetTraceEnableLevel
EtwGetTraceLoggerHandle
EtwGetTraceEnableFlags
RtlUnicodeStringToInteger
_ltow_s
EtwUnregisterTraceGuids
RtlEqualSid
RtlGetOwnerSecurityDescriptor
RtlCreateServiceSid
NtCloseObjectAuditAlarm
NtCreateWnfStateName
NtOpenThread
NtQueueApcThread
RtlQueueApcWow64Thread
NtQueryInformationFile
NtSetInformationFile
RtlAppendUnicodeStringToString
NtWaitForSingleObject
NtQueryDirectoryFile
NtDeleteFile
EtwEventEnabled
EtwEventRegister
EvtIntReportEventAndSourceAsync
RtlUnsubscribeWnfNotificationWaitForCompletion
RtlSubAuthoritySid
RtlReplaceSystemDirectoryInPath
RtlExpandEnvironmentStrings
RtlSetControlSecurityDescriptor
RtlRegisterWait
NtDeleteKey
NtEnumerateKey
NtDeleteValueKey
NtSetValueKey
NtQueryValueKey
NtOpenKey
NtCreateKey
RtlValidSecurityDescriptor
EtwEventWrite
RtlSetEnvironmentVariable
RtlNtStatusToDosErrorNoTeb
TpReleaseTimer
RtlGetDeviceFamilyInfoEnum
TpSetTimerEx
RtlEqualUnicodeString
NtUnloadDriver
NtQueryDirectoryObject
NtOpenDirectoryObject
NtLoadDriver
RtlRandom
NtSetEvent
RtlGetNtProductType
TpReleaseWork
RtlLengthSecurityDescriptor
NtDeleteWnfStateName
NtSetInformationProcess
RtlInitializeResource
TpPostWork
RtlCopyLuid
RtlDeleteSecurityObject
RtlExpandEnvironmentStrings_U
RtlDeregisterWait
NtPowerInformation
DbgPrintEx
RtlPublishWnfStateData
RtlCompareUnicodeString
NtQueryInformationToken
NtQueryInformationProcess
RtlInitializeSRWLock
RtlReleaseSRWLockShared
RtlAcquireSRWLockShared
NtQuerySymbolicLinkObject
NtOpenSymbolicLinkObject
NtUnmapViewOfSection
RtlImageNtHeader
NtMapViewOfSection
NtCreateSection
NtOpenFile
RtlAppendUnicodeToString
RtlInitUnicodeStringEx
RtlFreeUnicodeString
RtlDosPathNameToNtPathName_U
NtDeleteObjectAuditAlarm
RtlReleaseSRWLockExclusive
RtlAcquireResourceExclusive
RtlAcquireSRWLockExclusive
RtlDeleteRegistryValue
RtlQueryRegistryValuesEx
NtSetInformationThread
NtQueryKey
NtShutdownSystem
NtInitializeRegistry
NtSetSystemEnvironmentValue
NtQueryWnfStateData
RtlWakeAddressAll
TpReleasePool
TpSimpleTryPost
DbgPrint
RtlVerifyVersionInfo
RtlDosPathNameToNtPathName_U_WithStatus
RtlCreateProcessParametersEx
NtCreateUserProcess
wcsncpy
RtlReleaseResource
RtlAcquireResourceShared
RtlAreAllAccessesGranted
NtPrivilegeCheck
NtOpenThreadToken
RtlLengthSid
RtlCopyUnicodeString
RtlWaitOnAddress
NtFilterToken
NtClose
RtlNtStatusToDosError
RtlCopySid
RtlInitUnicodeString
EtwTraceMessage
RtlFreeHeap
RtlAllocateHeap
NtPrivilegeObjectAuditAlarm
RtlCreateSecurityDescriptor
RtlGetCurrentServiceSessionId
RtlSubscribeWnfStateChangeNotification
ApiSetQueryApiSetPresence
LoadStringByReference
GetRegistryValueWithFallbackW
CryptResetMachineCredentials
EAQueryAggregateEventData
EaFreeAggregatedEventParameters
EaQueryAggregatedEventParameters
EACreateAggregateEvent
EaCreateAggregatedEvent
BriCreateBrokeredEvent
EaDeleteAggregatedEvent
BriDeleteBrokeredEvent
EADeleteAggregateEvent
StartTraceW
EnableTraceEx2
ControlTraceW
GetFileVersionInfoExW
GetFileVersionInfoSizeExW
VerQueryValueW
CM_Get_Device_ID_ListW
CM_Get_DevNode_Status
CM_Get_Device_ID_List_SizeW
CM_Query_And_Remove_SubTreeW
CM_Get_DevNode_Registry_PropertyW
CM_Locate_DevNodeW
CM_Setup_DevNode
TraceMessage
LoadLibraryW
FileTimeToSystemTime
GetDateFormatW
VerSetConditionMask
ResolveDelayLoadedAPI
DelayLoadFailureHook
DevObjOpenDevRegKey
DevObjCreateDeviceInfoList
DevObjOpenDeviceInfo
DevObjDestroyDeviceInfoList
DevObjGetClassDevs
DevObjEnumDeviceInfo
DevObjGetDeviceInfoListDetail
DevObjGetDeviceRegistryProperty
DevObjGetDeviceInstanceId
DevObjDeleteDeviceInfo
DevObjGetDeviceProperty
RegisterWaitForSingleObjectEx
UnregisterWaitEx
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ