IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

IMAGE_FILE_DLL

wcsstr

wcspbrk

RtlAppendUnicodeStringToString

wcsspn

wcscat_s

wcscpy_s

DbgPrintEx

_vscwprintf

NtQueryInformationFile

NtOpenProcessToken

NtQueryInformationToken

RtlGetFileMUIPath

NlsMbCodePageTag

NtQueryKey

NtEnumerateValueKey

NtQueryAttributesFile

NtMapViewOfSection

RtlDowncaseUnicodeString

NtDeleteValueKey

RtlInitAnsiString

RtlGetVersion

LdrGetProcedureAddress

RtlInitString

NtCreateKey

NtQueryInformationProcess

NtQueryDirectoryFile

NtUnmapViewOfSection

ord7

NtCreateFile

RtlNtStatusToDosError

strspn

RtlGetNativeSystemInformation

RtlUnicodeStringToInteger

NtSetValueKey

NtSetInformationKey

NtDeleteKey

RtlGetFullPathName_U

strpbrk

NtOpenFile

NtCreateSection

DbgPrint

NtWriteFile

_wcsupr

strncmp

toupper

RtlUpcaseUnicodeChar

RtlUpcaseUnicodeToMultiByteN

RtlSecondsSince1970ToTime

RtlImageRvaToVa

RtlImageDirectoryEntryToData

swscanf_s

RtlGUIDFromString

strchr

isdigit

LdrResSearchResource

LdrResFindResource

wcsncmp

EtwEventWriteNoRegistration

NtQueryObject

RtlAddVectoredExceptionHandler

strcpy_s

_wcslwr

RtlAllocateAndInitializeSid

RtlCheckTokenMembership

RtlFreeSid

_strnicmp

_itoa_s

RtlCreateUnicodeStringFromAsciiz

wcsnlen

RtlEqualSid

_strupr

RtlRandom

RtlCompareMemory

LdrEnumerateLoadedModules

RtlReAllocateHeap

RtlComputeCrc32

RtlInitUnicodeStringEx

LdrLoadDll

sprintf_s

sscanf_s

RtlLengthRequiredSid

RtlCreateServiceSid

NtQuerySecurityObject

RtlGetOwnerSecurityDescriptor

NtProtectVirtualMemory

wcschr

NtReadFile

RtlUpcaseUnicodeString

qsort

WinSqmIsOptedIn

RtlCaptureContext

RtlLookupFunctionEntry

RtlVirtualUnwind

LdrGetProcedureAddressEx

ord4

ord3

NtResumeThread

RtlDoesFileExists_U

RtlCreateUnicodeString

_wcsnicmp

_vsnwprintf

LdrInitShimEngineDynamic

RtlAnsiStringToUnicodeString

RtlInitAnsiStringEx

RtlCaptureStackBackTrace

RtlLeaveCriticalSection

RtlEnterCriticalSection

RtlTimeToTimeFields

_vsnprintf

_stricmp

strrchr

_wtoi

RtlDeleteCriticalSection

RtlInitializeCriticalSection

LdrFindEntryForAddress

EtwEventUnregister

EtwEventRegister

swprintf_s

EtwEventWrite

LdrGetDllHandle

RtlFreeAnsiString

RtlUnicodeStringToAnsiString

RtlSetEnvironmentVariable

RtlQueryEnvironmentVariable_U

RtlDosPathNameToRelativeNtPathName_U

NtApphelpCacheControl

RtlDosPathNameToNtPathName_U

_wcsicmp

wcsrchr

RtlNtPathNameToDosPathName

RtlpEnsureBufferSize

NtClose

RtlExpandEnvironmentStrings_U

NtQueryValueKey

NtOpenKey

RtlFreeHeap

RtlFreeUnicodeString

RtlDuplicateUnicodeString

memmove

RtlStringFromGUID

RtlAppendUnicodeToString

RtlCopyUnicodeString

RtlAllocateHeap

RtlFormatCurrentUserKeyPath

RtlxAnsiStringToUnicodeSize

RtlInitUnicodeString

RtlDosPathNameToRelativeNtPathName_U_WithStatus

RtlReleaseRelativeName

RtlImageNtHeader

memcpy

memset

__C_specific_handler

__chkstk

memcmp

BaseDumpAppcompatCache

BaseFlushAppcompatCache

BaseUpdateAppcompatCache

BaseIsAppcompatInfrastructureDisabled

BaseCheckAppcompatCacheEx

SwitchToThread

VirtualFree

VirtualAlloc

GetModuleHandleExW

GetModuleHandleExA

SizeofResource

CompareFileTime

WideCharToMultiByte

GetModuleFileNameW

ProcessIdToSessionId

GetTickCount64

GetFinalPathNameByHandleW

LocalFree

CompareStringA

LocalAlloc

SetLastError

GetFileSizeEx

CompareStringW

LoadLibraryExW

lstrlenA

GetCurrentDirectoryW

IsDBCSLeadByte

GetFileAttributesW

GetSystemDirectoryW

WriteFile

VerLanguageNameW

IsWow64Process

ReadProcessMemory

OutputDebugStringW

GetUserDefaultUILanguage

LockResource

GetExitCodeProcess

LoadLibraryW

WaitForSingleObject

GetSystemWindowsDirectoryW

CreateProcessW

LoadResource

FreeLibrary

FindResourceW

FindNextFileW

FindClose

ReadFile

SetFilePointerEx

SetErrorMode

SetFilePointer

FindFirstFileW

DeleteFileW

GetTempPathW

GetTempFileNameW

WriteProcessMemory

GetTickCount

GetSystemTimeAsFileTime

GetCurrentThreadId

QueryPerformanceCounter

SetUnhandledExceptionFilter

UnhandledExceptionFilter

TerminateProcess

GetProcAddress

OpenMutexW

DisableThreadLibraryCalls

CreateFileW

GetLastError

CloseHandle

OpenProcess

GetDriveTypeW

GetLongPathNameW

GetCurrentProcessId

GetProcessTimes

GetCurrentProcess

GetPackageFullName

PackageIdFromFullName

AppXGetOSMaxVersionTested

GetEnvironmentVariableW

ExpandEnvironmentStringsW

GetModuleHandleW

OutputDebugStringA

GetAce

GetAclInformation

GetSecurityDescriptorDacl

RegGetKeySecurity

RegOpenKeyExA

RegCloseKey

RegOpenKeyExW

RegQueryValueExW

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ