IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_32BIT_MACHINE

IMAGE_FILE_DLL

ReleaseSRWLockShared

GetModuleFileNameW

InitializeCriticalSection

TryEnterCriticalSection

LeaveCriticalSection

VirtualQuery

GetFullPathNameW

CreateToolhelp32Snapshot

Thread32First

Thread32Next

K32EnumProcessModulesEx

OpenThread

ReadProcessMemory

DuplicateHandle

GetCurrentProcess

GetFileInformationByHandle

GetBinaryTypeW

ProcessIdToSessionId

GetSystemTime

SystemTimeToFileTime

TryAcquireSRWLockExclusive

K32GetModuleFileNameExW

GetTimeZoneInformation

GetComputerNameW

GetTickCount64

WaitForSingleObjectEx

GetCurrentProcessId

ResetEvent

WaitForMultipleObjectsEx

MultiByteToWideChar

WideCharToMultiByte

lstrcpyW

GetCurrentThreadId

lstrcmpA

LoadLibraryW

SetLastError

GetOverlappedResult

CancelIo

EnterCriticalSection

ResumeThread

VirtualAlloc

VirtualFree

GetWindowsDirectoryW

lstrlenW

HeapAlloc

HeapFree

GetProcessHeap

CreateRemoteThread

GetCurrentThread

GetExitCodeThread

VirtualQueryEx

WriteProcessMemory

VirtualFreeEx

GetCurrentDirectoryW

CreateFileA

ExitProcess

TerminateProcess

CreateProcessA

CreateProcessW

GetTickCount

GetSystemDirectoryW

CreatePipe

ReleaseSemaphore

ReleaseMutex

CreateMutexW

ReleaseSRWLockExclusive

SetThreadPriority

FreeLibrary

GetModuleHandleA

LoadLibraryA

lstrcpyA

lstrcatA

lstrlenA

IsBadReadPtr

CreateEventExW

CreateFileMappingA

GetModuleFileNameA

ExitThread

FlushInstructionCache

OpenMutexW

OpenEventW

OpenFileMappingW

GetThreadContext

WriteConsoleW

ReadConsoleW

GetConsoleMode

GetConsoleOutputCP

FlushFileBuffers

SetStdHandle

FreeEnvironmentStringsW

GetEnvironmentStringsW

GetCommandLineW

GetCommandLineA

GetOEMCP

AcquireSRWLockShared

AcquireSRWLockExclusive

TerminateThread

WaitForSingleObject

GetFinalPathNameByHandleW

IsWow64Process

GetNativeSystemInfo

CreateEventW

VirtualProtectEx

VirtualAllocEx

GetFileTime

FileTimeToSystemTime

UnmapViewOfFile

MapViewOfFile

CreateFileMappingW

GetProcAddress

SetThreadpoolTimer

GetModuleHandleW

GetProcessTimes

GetFileSize

MoveFileExW

LocalAlloc

CloseThreadpoolIo

WaitForThreadpoolIoCallbacks

CancelIoEx

CancelThreadpoolIo

DeviceIoControl

StartThreadpoolIo

CreateThreadpoolIo

GetFileInformationByHandleEx

GetFileType

DecodePointer

DeleteCriticalSection

InitializeCriticalSectionEx

RaiseException

LocalFree

Sleep

MoveFileW

SetEndOfFile

SetFilePointer

WriteFile

ReadFile

CreateFileW

CreateDirectoryW

CloseHandle

QueryFullProcessImageNameW

OpenProcess

K32EnumProcesses

FindClose

WaitForMultipleObjects

FindNextFileW

GetACP

IsValidCodePage

SetFilePointerEx

HeapSize

HeapReAlloc

EnumSystemLocalesW

GetUserDefaultLCID

IsValidLocale

GetLocaleInfoW

LCMapStringW

GetStdHandle

GetModuleHandleExW

FreeLibraryAndExitThread

LoadLibraryExW

TlsFree

TlsSetValue

TlsGetValue

TlsAlloc

InterlockedFlushSList

RtlUnwind

OutputDebugStringW

InitializeSListHead

GetStartupInfoW

IsDebuggerPresent

IsProcessorFeaturePresent

SetUnhandledExceptionFilter

UnhandledExceptionFilter

InitializeCriticalSectionAndSpinCount

CreateThread

FindFirstFileExW

CopyFileW

GetFileAttributesW

QueryDosDeviceW

GetLogicalDrives

VerSetConditionMask

VerifyVersionInfoW

SetEvent

GetLastError

CloseThreadpoolTimer

WaitForThreadpoolTimerCallbacks

CreateThreadpoolTimer

CreateSemaphoreW

InitOnceBeginInitialize

InitOnceComplete

GetStringTypeW

SwitchToThread

EncodePointer

LCMapStringEx

CompareStringEx

GetCPInfo

QueryPerformanceCounter

GetSystemTimeAsFileTime

VirtualProtect

TranslateMessage

DispatchMessageW

PeekMessageW

wsprintfW

OpenInputDesktop

CloseDesktop

GetThreadDesktop

GetUserObjectInformationA

MsgWaitForMultipleObjects

ConvertSidToStringSidW

OpenServiceW

CloseServiceHandle

NotifyServiceStatusChangeW

RegGetValueW

RegCloseKey

RegOpenKeyExW

RegSetKeyValueW

RegCreateKeyExW

RegEnumKeyExW

RegQueryValueExW

RegQueryInfoKeyW

RegEnumValueW

OpenProcessToken

GetTokenInformation

GetKernelObjectSecurity

FreeSid

AllocateAndInitializeSid

LookupPrivilegeValueW

AdjustTokenPrivileges

StartServiceW

QueryServiceStatus

QueryServiceConfigW

DeleteService

CreateServiceW

ControlService

ChangeServiceConfigW

RegSetValueExW

RegSetValueExA

RegQueryValueExA

RegOpenKeyExA

RegEnumKeyW

RegDeleteValueA

RegDeleteKeyW

GetSidSubAuthorityCount

GetSidSubAuthority

LookupAccountSidW

CryptReleaseContext

CryptDestroyHash

CryptGetHashParam

CryptHashData

CryptCreateHash

CryptAcquireContextW

SystemFunction036

QueryServiceStatusEx

SetSecurityDescriptorDacl

InitializeSecurityDescriptor

SetEntriesInAclW

IsValidSid

OpenSCManagerW

CommandLineToArgvW

CoSetProxyBlanket

CoCreateInstance

CoUninitialize

CoInitializeEx

CoInitializeSecurity

SysAllocString

SysFreeString

VariantInit

VariantClear

RtlComputeCrc32

RtlImageRvaToVa

RtlImageDirectoryEntryToData

NtQueryVirtualMemory

NtQueryInformationProcess

GetProfilesDirectoryW

PathIsDirectoryW

PathFileExistsW

ImageRvaToVa

ImageDirectoryEntryToDataEx

ImageNtHeader

MiniDumpWriteDump

VerQueryValueW

GetFileVersionInfoW

GetFileVersionInfoSizeW

LsaFreeReturnBuffer

LsaGetLogonSessionData

CryptBinaryToStringW

CryptBinaryToStringA

CryptProtectData

CryptUnprotectData

CertGetNameStringW

CryptStringToBinaryA

CryptMsgGetParam

CertFindCertificateInStore

CertFreeCertificateContext

CertCloseStore

CryptMsgClose

CryptDecodeObject

CryptQueryObject

WTHelperGetProvCertFromChain

WinVerifyTrust

WTHelperGetProvSignerFromChain

WTHelperProvDataFromStateData

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ