Extended Key Usages: ExtKeyUsageCodeSigning, ExtKeyUsageOCSPSigning
Key Usages: KeyUsageCertSign, KeyUsageCRLSign
Static task: static1
Behavioral task: behavioral1
Sample: 2024-06-27_0d4fa1b828fe82c54dde791abb5a6178_ryuk.exe
Resource: win7-20240611-en
Behavioral task: behavioral2
Sample: 2024-06-27_0d4fa1b828fe82c54dde791abb5a6178_ryuk.exe
Resource: win10v2004-20240508-en
Target: 2024-06-27_0d4fa1b828fe82c54dde791abb5a6178_ryuk
Size: 3.1MB
MD5: 0d4fa1b828fe82c54dde791abb5a6178
SHA1: 3613882f75b3bf713a79a89c3f701ccd4e561975
SHA256: 54bf821179f41a3248ec25430d5dd0e31e4ed274f5cfa3efc422474319efd3c5
SHA512: 399476414d41e0ecf15c315c99ce88d40fef3508c6b176cc650f1e462e714864d3dbe4a2079d5cbae909b0575cb29fc6ccb89d390cb908f15a76fd6aef129338
SSDEEP: 49152:nh4S/8pdi7iWhyLS+oD3/hEhuAYInR7wcnF/EGBnTn6227jpT+Mk0mcBeIPDtb:nmhiTA/Vm2Ym4PRb
ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
C:\BuildAgent\work\e525fc1e9f9362e1\Output\x64\Release\searchbandapp64.pdb
HeapCompact
UnlockFile
CreateFileMappingA
LockFileEx
GetFileSize
DeleteFileA
CreateFileA
GetDiskFreeSpaceW
GetProcessHeap
FlushViewOfFile
HeapAlloc
HeapReAlloc
HeapSize
HeapFree
GetTickCount
ReleaseMutex
DecodePointer
GetCurrentThreadId
WaitForSingleObject
LoadLibraryExW
FindResourceW
LoadResource
SizeofResource
MultiByteToWideChar
EnterCriticalSection
LeaveCriticalSection
lstrcmpiW
GetModuleHandleW
FreeLibrary
GetProcAddress
GetFileAttributesA
GetDiskFreeSpaceA
GetTempPathA
HeapValidate
GetFullPathNameW
HeapCreate
TryEnterCriticalSection
AreFileApisANSI
QueryPerformanceFrequency
GetVolumeNameForVolumeMountPointW
GetLogicalDriveStringsW
HeapDestroy
DeviceIoControl
WriteConsoleW
SetEnvironmentVariableA
GetCommandLineW
GetCommandLineA
GetOEMCP
LockFile
InitializeCriticalSection
GetFullPathNameA
SetLastError
UnlockFileEx
IsValidCodePage
FlushFileBuffers
SetStdHandle
GetConsoleCP
GetTimeZoneInformation
EnumSystemLocalesW
IsValidLocale
GetTimeFormatW
GetDateFormatW
GetACP
GetStdHandle
ExitProcess
VirtualQuery
VirtualProtect
SystemTimeToTzSpecificLocalTime
FindNextFileW
FindFirstFileExW
ReadConsoleW
GetConsoleMode
GetFileType
FreeLibraryAndExitThread
ExitThread
CreateThread
RtlUnwindEx
RtlPcToFileHeader
FormatMessageA
GetStringTypeExA
LCMapStringA
GetStringTypeExW
LoadLibraryA
QueryPerformanceCounter
GetStartupInfoW
IsProcessorFeaturePresent
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetLocaleInfoW
LCMapStringW
CompareStringW
TlsSetValue
TlsGetValue
InitializeCriticalSectionAndSpinCount
GetCPInfo
GetStringTypeW
LoadLibraryExA
InitializeSListHead
EncodePointer
OutputDebugStringW
IsDebuggerPresent
TlsFree
TlsAlloc
GetSystemTime
CreateTimerQueueTimer
DeleteTimerQueueTimer
SetUnhandledExceptionFilter
OutputDebugStringA
QueryActCtxW
GetModuleHandleExW
CreateActCtxW
GetModuleFileNameW
InitializeCriticalSectionEx
RaiseException
DeleteCriticalSection
CloseHandle
GetLastError
FindActCtxSectionStringW
ActivateActCtx
DeactivateActCtx
CopyFileW
SleepEx
GlobalMemoryStatusEx
MapViewOfFile
WaitForSingleObjectEx
GetGeoInfoW
GetUserGeoID
FreeEnvironmentStringsW
GetEnvironmentStringsW
ExpandEnvironmentStringsW
FileTimeToSystemTime
SystemTimeToFileTime
GetSystemTimeAsFileTime
FileTimeToDosDateTime
ReadFile
ReleaseSemaphore
InterlockedPushEntrySList
VirtualFree
VirtualAlloc
InterlockedPopEntrySList
GetSystemInfo
OpenProcess
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
SetEvent
FormatMessageW
FlushInstructionCache
GetCurrentProcess
CreateEventW
CreateWaitableTimerW
SetThreadPriority
ResumeThread
TerminateThread
SetWaitableTimer
CancelWaitableTimer
Sleep
WaitForMultipleObjects
ResetEvent
CreateMutexW
CreateSemaphoreW
OpenEventW
GetVersionExW
VerSetConditionMask
VerifyVersionInfoW
WideCharToMultiByte
DeleteFileW
GetDriveTypeW
CreateFileW
LoadLibraryW
SetFilePointer
MoveFileW
WriteFile
GetCurrentProcessId
FindResourceExW
LockResource
FreeResource
LocalFree
LocalAlloc
GetUserDefaultLCID
GetFileAttributesW
FindFirstFileW
FileTimeToLocalFileTime
FindClose
GetFileAttributesExW
GetFileSizeEx
SetFilePointerEx
SetEndOfFile
GetTempFileNameW
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
MulDiv
lstrcmpW
DebugBreak
Module32FirstW
Module32NextW
CreateProcessW
TerminateProcess
K32GetModuleFileNameExW
CreateDirectoryW
GetTempPathW
OpenFileMappingW
CreateFileMappingW
UnmapViewOfFile
MapViewOfFileEx
RegisterClassExW
CreateWindowExW
FindWindowExW
GetKeyState
SetCapture
IsIconic
SetWindowTextW
ReleaseCapture
RemoveMenu
DispatchMessageW
CharNextW
SendMessageW
DestroyMenu
GetDlgItem
BringWindowToTop
DefWindowProcW
GetWindowLongPtrW
SetWindowLongPtrW
CallWindowProcW
DestroyWindow
PostQuitMessage
UnregisterPowerSettingNotification
RegisterPowerSettingNotification
RegisterWindowMessageW
UpdateLayeredWindow
SetWindowPos
IsWindow
UnregisterClassW
LoadStringA
PostMessageW
GetParent
GetWindowThreadProcessId
CallNextHookEx
GetDC
ReleaseDC
MsgWaitForMultipleObjectsEx
OffsetRect
GetSysColor
GetClientRect
GetWindow
SetFocus
GetFocus
LoadCursorW
InvalidateRect
FillRect
SetWindowLongW
GetWindowLongW
GetClassNameW
CreateAcceleratorTableW
ScreenToClient
ClientToScreen
InvalidateRgn
GetDesktopWindow
GetWindowDC
SetWindowsHookExW
UnhookWindowsHookEx
GetMonitorInfoW
EqualRect
MonitorFromPoint
DestroyIcon
FindWindowW
MonitorFromRect
CreatePopupMenu
GetIconInfo
IsRectEmpty
LoadStringW
MoveWindow
ShowWindow
GetWindowRect
RedrawWindow
EndPaint
IsChild
GetClassInfoExW
BeginPaint
IsWindowVisible
PeekMessageW
GetMessageW
DestroyAcceleratorTable
TranslateMessage
CopyRect
GetDeviceCaps
CreateDIBSection
CreateSolidBrush
CreateCompatibleBitmap
GetObjectW
GetStockObject
SetBkColor
ExtTextOutW
DeleteDC
DeleteObject
SelectObject
BitBlt
CreateCompatibleDC
SetLayout
GetDIBits
RegDeleteKeyW
RegCloseKey
RegQueryInfoKeyW
RegEnumKeyExW
RegQueryValueExW
RegEnumValueW
IsValidSid
GetTokenInformation
OpenProcessToken
RegOpenKeyExW
SetNamedSecurityInfoW
IsValidAcl
GetSidLengthRequired
InitializeAcl
InitializeSid
GetSidSubAuthority
AddAce
GetLengthSid
CopySid
ConvertSidToStringSidW
GetSidIdentifierAuthority
CryptDestroyKey
CryptSetKeyParam
CryptImportKey
CryptDecrypt
CryptAcquireContextW
GetSidSubAuthorityCount
RegDeleteValueW
RegCreateKeyExW
RegSetValueExW
CryptReleaseContext
CLSIDFromProgID
CoGetClassObject
CreateStreamOnHGlobal
StringFromGUID2
CoCreateGuid
CLSIDFromString
CoInitialize
OleLockRunning
OleRun
CoCreateInstance
CoTaskMemAlloc
CoTaskMemRealloc
CoTaskMemFree
OleUninitialize
CoUninitialize
OleInitialize
PropVariantClear
GetErrorInfo
SysStringByteLen
OleCreateFontIndirect
LoadTypeLi
LoadRegTypeLi
VarUI4FromStr
VariantClear
VariantChangeType
DispGetParam
VariantCopy
VariantInit
SysAllocString
SysFreeString
SysAllocStringByteLen
SysStringLen
UrlCreateFromPathW
UrlIsW
PathIsDirectoryW
PathFileExistsW
PathCanonicalizeW
PathRemoveBackslashW
PathIsUNCW
PathGetDriveNumberW
SHDeleteKeyW
PathCreateFromUrlW
ord12
AlphaBlend
WTSFreeMemory
WTSUnRegisterSessionNotification
WTSRegisterSessionNotification
WTSQuerySessionInformationW
DwmIsCompositionEnabled
DwmGetColorizationColor
CoInternetGetSession
ObtainUserAgentString
WinVerifyTrust
ord3
ord11
ord9
ord8
ord12
GdipGetImageHeight
GdipGetImageWidth
GdipSetPixelOffsetMode
GdipFree
GdipAlloc
GdipDeleteBrush
GdipCloneBrush
GdipSetInterpolationMode
GdipSetCompositingQuality
GdipBitmapApplyEffect
GdipDrawImageRectRectI
GdipSetImageAttributesColorMatrix
GdipDisposeImageAttributes
GdipCreateImageAttributes
GdipCreateEffect
GdipSetEffectParameters
GdipDeleteEffect
GdipCreateBitmapFromScan0
GdipCreateSolidFill
GdipCreateFromHDC
GdipDeleteGraphics
GdipFillRectangleI
GdipDrawImageRectI
GdipDisposeImage
GdipCloneImage
GdipSaveImageToStream
GdipGetImageRawFormat
GdipBitmapUnlockBits
GdipCreateBitmapFromStream
GdipLoadImageFromStream
GdipGetImagePixelFormat
GdipImageGetFrameCount
GdipImageSelectActiveFrame
GdipGetPropertyItemSize
GdipGetPropertyItem
GdipBitmapLockBits
GdipFillRectanglesI
GdipImageRotateFlip
GdipGetImageEncodersSize
GdipGetImageEncoders
GdiplusStartup
GdiplusShutdown
GdipCreateBitmapFromHBITMAP
GdipGetDC
GdipReleaseDC
GdipSetCompositingMode
GdipSetSmoothingMode
GdipFillRegion
GdipCreateRegionRectI
GdipDeleteRegion
GdipTranslateRegionI
GdipGetImageGraphicsContext
ImageGetCertificateData
ImageEnumerateCertificates
UnloadUserProfile
VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW
InternetCombineUrlW
InternetSetStatusCallbackW
InternetOpenW
InternetConnectW
HttpOpenRequestW
InternetSetOptionW
HttpAddRequestHeadersW
HttpSendRequestW
HttpQueryInfoW
InternetReadFile
InternetCloseHandle
GetUserNameExW
WSACleanup
WSAStartup
SHBindToParent
ord190
ShellExecuteExW
SHCreateItemFromIDList
SHGetIDListFromObject
SHGetFileInfoW
SHGetDesktopFolder
SHGetItemFromObject
SHParseDisplayName
SHCreateDirectoryExW
SHGetFolderPathW
ord155
SHGetKnownFolderPath
SHFileOperationW
SHAppBarMessage
CommandLineToArgvW
SHCreateItemFromParsingName
PropVariantToBSTR
CryptMsgUpdate
CertCloseStore
CertGetNameStringW
CertGetSubjectCertificateFromStore
CertOpenStore
CryptMsgOpenToDecode
CryptMsgClose
CryptMsgGetParam
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ