Extended Key Usages: ExtKeyUsageCodeSigning
Key Usages: KeyUsageDigitalSignature, KeyUsageCertSign, KeyUsageCRLSign
Static task: static1

Behavioral task: behavioral1
Sample: 2024-06-25_7ad529e2458f3a26dc76818e96740117_magniber_revil.exe
Resource: win7-20240611-en

Behavioral task: behavioral2
Sample: 2024-06-25_7ad529e2458f3a26dc76818e96740117_magniber_revil.exe
Resource: win10v2004-20240508-en

Target: 2024-06-25_7ad529e2458f3a26dc76818e96740117_magniber_revil
Size: 13.4MB
MD5: 7ad529e2458f3a26dc76818e96740117
SHA1: e6bb4592b09438123a79594382403c071d4481b4
SHA256: 48f8ed964520ce2d713198e80d7291d6baed5b7493670a45711818136c462b64
SHA512: 9a6ea5e970cad14af73140f011c59066f46b6f12e4587f9ca93f8e9d5346cbdfd1b9996b38cf40b4040be9d4c511314a7546283c7731988ad21d077b0bbd0c10
SSDEEP: 393216:pMeL9Hh5ETpYWV/s5BuxsRSggL/t3ofR6GdtnFnv:pMeL1h5eY70d392/v

ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
E:\Adlice\RogueKillerCMD\RelWithDebInfo\roguekillercmd.pdb
lstrlenW
GetDriveTypeW
GetDiskFreeSpaceW
QueryDosDeviceW
GetVolumeInformationW
IsBadReadPtr
IsBadWritePtr
GetVolumeNameForVolumeMountPointW
GetVolumePathNameW
lstrcmpA
lstrcpyW
RaiseException
CreateThread
OpenThread
WriteProcessMemory
CreateRemoteThread
Module32FirstW
Module32NextW
InterlockedDecrement
DefineDosDeviceW
SetErrorMode
GetSystemInfo
GetSystemTimes
FormatMessageW
SetHandleInformation
PeekNamedPipe
CreateNamedPipeW
CancelIo
GetModuleFileNameA
GetEnvironmentVariableW
OutputDebugStringA
GetVersionExA
SetFilePointer
GlobalAlloc
GlobalFree
LoadLibraryExW
GetCurrentThreadId
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleExW
SwitchToFiber
DeleteFiber
CreateFiber
QueryPerformanceCounter
GetSystemTimeAsFileTime
ConvertFiberToThread
ConvertThreadToFiber
LoadLibraryA
ReadConsoleA
ReadConsoleW
FormatMessageA
InitializeCriticalSection
SleepEx
QueryPerformanceFrequency
GetSystemDirectoryA
VerifyVersionInfoA
ExpandEnvironmentStringsA
CreateFileMappingA
lstrcmpiW
VirtualQuery
SetFilePointerEx
FlushFileBuffers
ReadFile
GetFileType
LocalAlloc
DeviceIoControl
GetTickCount
GetVersionExW
VerSetConditionMask
SetThreadUILanguage
LockFileEx
UnlockFile
HeapCompact
DeleteFileA
FlushViewOfFile
GetFileAttributesA
GetDiskFreeSpaceA
GetTempPathA
HeapValidate
CreateMutexW
UnlockFileEx
LockFile
AreFileApisANSI
VirtualQueryEx
CreateFileA
HeapCreate
GetFileSize
GetPrivateProfileStringW
HeapDestroy
InterlockedIncrement
FindResourceW
SizeofResource
LoadResource
LockResource
GetFileSizeEx
OutputDebugStringW
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetOEMCP
SetThreadLocale
GetThreadLocale
GetUserGeoID
GetGeoInfoW
GetLocaleInfoW
GetModuleFileNameW
Sleep
LoadLibraryW
FreeLibrary
CreateFileMappingW
UnmapViewOfFile
MapViewOfFile
GetComputerNameW
GetTempFileNameW
GetTempPathW
GetSystemDirectoryW
DeleteCriticalSection
TryEnterCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
CreateEventW
WaitForMultipleObjects
ResetEvent
SetEvent
GetProcessHeap
HeapFree
HeapAlloc
Thread32Next
Thread32First
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
TerminateJobObject
AssignProcessToJobObject
CreateJobObjectW
CreateProcessW
GetModuleHandleA
WaitForSingleObject
ReadProcessMemory
SetLastError
TerminateThread
GetProcessId
GetExitCodeProcess
TerminateProcess
GetCurrentProcessId
GetCurrentProcess
OpenProcess
GetProcessTimes
GetDateFormatW
GetTimeFormatW
CompareFileTime
FileTimeToSystemTime
SystemTimeToFileTime
TzSpecificLocalTimeToSystemTime
SystemTimeToTzSpecificLocalTime
GetSystemTime
CreateConsoleScreenBuffer
WriteConsoleW
SetConsoleWindowInfo
SetConsoleCursorInfo
SetConsoleCursorPosition
SetConsoleScreenBufferSize
SetConsoleActiveScreenBuffer
SetConsoleMode
GetConsoleCursorInfo
GetNumberOfConsoleInputEvents
GetConsoleMode
FillConsoleOutputCharacterW
WriteConsoleOutputW
ReadConsoleOutputW
ReadConsoleInputW
WriteFile
MoveFileExW
MoveFileW
CopyFileW
FindNextFileW
FindFirstFileW
GetFileAttributesExW
GetFileAttributesW
SetFileAttributesW
GetLastError
RemoveDirectoryW
CreateDirectoryW
GetFileTime
DeleteFileW
IsValidCodePage
FindNextFileA
FindFirstFileExA
GetTimeZoneInformation
HeapSize
SetEndOfFile
GetFullPathNameA
SetStdHandle
CreateProcessA
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetConsoleCP
GetACP
GetCommandLineA
HeapReAlloc
FreeLibraryAndExitThread
ExitThread
ExitProcess
InterlockedPushEntrySList
RtlUnwind
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
WaitForSingleObjectEx
LCMapStringW
CompareStringW
GetCPInfo
DecodePointer
EncodePointer
GetStringTypeW
CreateFileW
GetModuleHandleW
BackupSeek
BackupRead
FindClose
GetProcAddress
WideCharToMultiByte
MultiByteToWideChar
GetFullPathNameW
GetCurrentDirectoryW
ExpandEnvironmentStringsW
GetLongPathNameW
GetShortPathNameW
GetCommandLineW
LocalFree
SetConsoleCtrlHandler
SetConsoleTextAttribute
GetConsoleScreenBufferInfo
GetStdHandle
CloseHandle
SwitchToThread
FindWindowA
SendMessageA
MessageBoxW
GetUserObjectInformationW
GetProcessWindowStation
SystemParametersInfoW
GetSystemMetrics
CharNextW
LoadStringW
GetClassNameW
EnumChildWindows
GetWindowTextW
IsWindowVisible
SendMessageW
GetWindowThreadProcessId
EnumWindows
SHGetFolderPathW
CommandLineToArgvW
ShellExecuteW
ord51
ShellExecuteExW
StringFromCLSID
CoTaskMemRealloc
CoTaskMemAlloc
CoSetProxyBlanket
CoTaskMemFree
CoCreateInstance
CoInitializeSecurity
CoInitializeEx
CoUninitialize
VariantClear
VarUI4FromStr
SysStringLen
VariantInit
SysAllocString
SysFreeString
CryptSignHashW
GetSecurityInfo
LookupPrivilegeValueA
OpenProcessToken
AdjustTokenPrivileges
LookupPrivilegeValueW
CreateProcessAsUserW
DuplicateTokenEx
RegCloseKey
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyExW
RegEnumValueW
RegOpenKeyExW
RegQueryInfoKeyW
RegSetValueExW
CryptGenRandom
CryptEnumProvidersW
CryptDestroyHash
CryptCreateHash
CryptDecrypt
CryptExportKey
CryptGetUserKey
CryptGetProvParam
CryptSetHashParam
CryptDestroyKey
CryptReleaseContext
CryptAcquireContextW
LookupAccountNameW
CopySid
GetLengthSid
ConvertStringSidToSidW
ConvertSidToStringSidW
SetNamedSecurityInfoW
GetNamedSecurityInfoW
GetExplicitEntriesFromAclW
RegSetKeySecurity
RegGetKeySecurity
LookupAccountSidW
GetAce
IsValidSid
SetEntriesInAclW
CheckTokenMembership
SetSecurityDescriptorOwner
SetSecurityDescriptorDacl
IsValidSecurityDescriptor
InitializeSecurityDescriptor
InitializeAcl
FreeSid
AllocateAndInitializeSid
GetTokenInformation
StartServiceW
SetServiceObjectSecurity
QueryServiceStatusEx
QueryServiceStatus
QueryServiceConfig2W
QueryServiceConfigW
OpenServiceW
OpenSCManagerW
EnumServicesStatusW
EnumDependentServicesW
DeleteService
CreateServiceW
ControlService
CloseServiceHandle
ChangeServiceConfig2W
ChangeServiceConfigW
RegQueryValueExW
ReportEventW
RegisterEventSourceW
DeregisterEventSource
GetUserNameW
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW
PathGetDriveNumberW
PathGetArgsW
PathSearchAndQualifyW
PathRemoveFileSpecW
PathUnquoteSpacesW
PathFindFileNameW
PathFindExtensionW
PathFileExistsW
PathCommonPrefixW
PathAppendW
PathAddBackslashW
PathRemoveExtensionW
PathRemoveBlanksW
PathRemoveBackslashW
StrCmpIW
StrDupW
AssocQueryStringW
StrFormatByteSizeW
PathRemoveArgsW
PathQuoteSpacesW
PathIsNetworkPathW
PathIsPrefixW
PathUnExpandEnvStringsW
PathIsRelativeW
PathIsDirectoryW
GetProcessImageFileNameW
GetModuleFileNameExW
GetModuleBaseNameW
GetModuleInformation
NtDeleteValueKey
NtSetValueKey
NtCreateKey
memmove
NtDeleteKey
memchr
isspace
memset
toupper
tolower
NtOpenKey
floor
memcpy
wcsstr
_wcsicmp
strcspn
memcmp
_CIpow
islower
isupper
wcstombs
strpbrk
strtol
strstr
atoi
_stricmp
_wtoi64
_strnicmp
NtQueryKey
isalnum
NtQueryVirtualMemory
strtoul
strspn
strncmp
strcmp
strrchr
strncpy
qsort
NtQuerySystemInformation
isdigit
strchr
wcsrchr
wcschr
RtlInitUnicodeString
NtLoadDriver
NtUnloadDriver
towupper
isprint
InternetGetConnectedState
CreateEnvironmentBlock
DestroyEnvironmentBlock
GetProfilesDirectoryW
CryptCATAdminEnumCatalogFromHash
WinVerifyTrust
CryptCATAdminAcquireContext
CryptCATAdminReleaseContext
CryptCATAdminReleaseCatalogContext
CryptCATAdminCalcHashFromFileHandle
CryptCATCatalogInfoFromContext
WNetGetConnectionW
WTSEnumerateSessionsW
WTSQueryUserToken
WSAStartup
WSACleanup
WSAGetLastError
recv
send
WSASetLastError
accept
bind
__WSAFDIsSet
connect
listen
setsockopt
socket
getpeername
sendto
recvfrom
gethostname
getsockopt
inet_ntoa
closesocket
htonl
select
htons
getsockname
ntohs
shutdown
getnameinfo
freeaddrinfo
getaddrinfo
WSAIoctl
CertGetCertificateContextProperty
CertDuplicateCertificateContext
CertEnumCertificatesInStore
CertOpenStore
CryptQueryObject
CertGetNameStringW
CertNameToStrW
CertFreeCertificateContext
CertFindCertificateInStore
CertCloseStore
CryptMsgGetParam
CryptMsgClose
CryptDecodeObject
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ