IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

IMAGE_DLLCHARACTERISTICS_GUARD_CF

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

IMAGE_FILE_DLL

wcsrchr

wcsstr

strncmp

wcsnlen

_wcsupr

_wcslwr

_snwscanf_s

wcschr

memmove

swprintf_s

_ultow_s

wcscpy_s

wcscat_s

memcmp

memcpy

__CxxFrameHandler3

_onexit

__dllonexit

wcstoul

_wcsnicmp

_unlock

_lock

__C_specific_handler

_initterm

malloc

free

_amsg_exit

_XcptFilter

_purecall

qsort_s

??2@YAPEAX_K@Z

??3@YAXPEAX@Z

_vsnwprintf

_wcsicmp

memset

PropVariantClear

CoTaskMemAlloc

CoTaskMemFree

RegOpenKeyExW

RegCloseKey

RegGetValueW

RegEnumKeyExW

RegQueryValueExW

RegQueryInfoKeyW

RegUnLoadKeyW

RegLoadKeyW

RegCreateKeyExW

RegSetValueExW

CompareStringEx

InitOnceExecuteOnce

Sleep

SetEvent

WaitForSingleObject

SetThreadPreferredUILanguages

LocaleNameToLCID

UnhandledExceptionFilter

SetUnhandledExceptionFilter

GetLastError

GetFirmwareEnvironmentVariableW

SetFirmwareEnvironmentVariableW

GetTickCount

GetSystemInfo

GetSystemTimeAsFileTime

CloseHandle

GetCurrentThreadId

GetCurrentProcess

GetCurrentProcessId

TerminateProcess

CreateThread

DisableThreadLibraryCalls

QueryPerformanceCounter

RtlVirtualUnwind

RtlLookupFunctionEntry

RtlCaptureContext

RegSetKeyValueW

RegEnumKeyW

ord6

ord4

ord2

ord8

ord7

RtlFreeSid

RtlSetDaclSecurityDescriptor

ZwDeleteValueKey

ZwSetValueKey

ZwQueryValueKey

RtlLengthSecurityDescriptor

ZwSetSecurityObject

RtlAddAccessAllowedAceEx

ZwLoadKey

RtlAllocateAndInitializeSid

ZwDeleteKey

ZwEnumerateKey

RtlLengthSid

RtlCreateSecurityDescriptor

ZwQueryKey

ZwOpenKey

RtlSetOwnerSecurityDescriptor

ZwAllocateUuids

RtlInitAnsiString

LdrGetProcedureAddress

LdrGetDllHandle

NtOpenProcessTokenEx

NtSetInformationThread

RtlImpersonateSelf

NtOpenThreadTokenEx

NtClose

NtAdjustPrivilegesToken

ZwCreateEvent

ZwQuerySymbolicLinkObject

ZwOpenSymbolicLinkObject

ZwDeviceIoControlFile

ZwResetEvent

NtQuerySystemInformation

NtOpenKey

NtDeviceIoControlFile

NtOpenSymbolicLinkObject

NtQuerySymbolicLinkObject

NtWaitForSingleObject

NtCreateEvent

NtQueryValueKey

NtOpenFile

NtResetEvent

NtQueryBootEntryOrder

NtTranslateFilePath

NtEnumerateBootEntries

RtlNtStatusToDosError

RtlCopyUnicodeString

RtlpNtQueryValueKey

RtlUnicodeStringToAnsiString

NtShutdownSystem

RtlpSetPreferredUILanguages

ZwCreateKey

ZwUnloadKey

RtlAppendUnicodeToString

ZwQueryAttributesFile

ZwOpenFile

RtlAllocateHeap

ZwClose

ZwWaitForSingleObject

ZwReleaseMutant

ZwOpenMutant

RtlGUIDFromString

RtlFreeUnicodeString

ZwQuerySystemInformation

RtlInitUnicodeString

RtlFreeHeap

RtlStringFromGUID

RtlAcquirePrivilege

RtlReleasePrivilege

RtlAdjustPrivilege

RtlCreateAcl

WinReGetConfig

WinReRestoreLogFiles

WinReGetCustomization

WinReSetRecoveryAction

SetSysColors

LoadKeyboardLayoutW

GetKeyboardLayoutNameW

GetKeyboardLayout

SystemParametersInfoW

ord95

GetProcAddress

GetThreadPreferredUILanguages

EnumUILanguagesW

FreeLibrary

CreateFileW

LoadLibraryW

LCIDToLocaleName

GetLocaleInfoEx

SetLastError

GetFileAttributesW

VerQueryValueW

GetFileVersionInfoW

GetFileVersionInfoSizeW

ConvertSidToStringSidW

SystemFunction031

SystemFunction027

SystemFunction007

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ