IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

RegisterEventSourceW

OpenProcessToken

GetTokenInformation

EventWrite

RegCreateKeyExW

CreateProcessAsUserW

DeregisterEventSource

EventRegister

ReportEventW

RegCloseKey

RegSetValueExW

LookupAccountSidW

LookupAccountNameW

AllocateLocallyUniqueId

AllocateAndInitializeSid

FreeSid

ConvertSidToStringSidW

CreateWellKnownSid

CryptGetHashParam

CryptAcquireContextW

CryptReleaseContext

RegDeleteKeyW

CryptCreateHash

ConvertStringSecurityDescriptorToSecurityDescriptorW

CryptDestroyHash

CryptHashData

CheckTokenMembership

EventUnregister

WaitForMultipleObjects

ResumeThread

FindFirstFileW

FreeLibrary

LoadLibraryW

GetProcAddress

FindClose

LocalFree

InitializeCriticalSection

OpenProcess

LeaveCriticalSection

EnterCriticalSection

DeleteCriticalSection

GetVersionExW

CopyFileW

UnhandledExceptionFilter

GetTickCount

GetSystemTimeAsFileTime

GetCurrentThreadId

GetCurrentProcessId

QueryPerformanceCounter

GetModuleHandleW

DeviceIoControl

LocalAlloc

TlsFree

GetSystemTime

TlsAlloc

GetFileTime

AcquireSRWLockShared

InitializeSRWLock

MoveFileW

GetFileSizeEx

FlushFileBuffers

ReleaseSRWLockShared

TlsSetValue

AcquireSRWLockExclusive

OutputDebugStringW

ReleaseSRWLockExclusive

CompareFileTime

TlsGetValue

SetFilePointer

DeleteFileW

FindNextFileW

SetUnhandledExceptionFilter

Sleep

SetEnvironmentVariableW

GetCurrentProcess

ExpandEnvironmentStringsW

CloseHandle

GetExitCodeProcess

WaitForSingleObject

CreateProcessW

SetLastError

GetLastError

CreateFileW

GetProcessHeap

HeapFree

HeapAlloc

CreateDirectoryW

GetEnvironmentVariableW

GetModuleFileNameW

GetFileAttributesW

WriteFile

TerminateProcess

clock

_wcsicmp

memcpy

_exit

_vsnwprintf

_putws

wcsrchr

memmove

wcschr

__CxxFrameHandler3

_onexit

__dllonexit

_unlock

_lock

?terminate@@YAXXZ

_commode

_fmode

__C_specific_handler

_initterm

__setusermatherr

_cexit

memset

exit

__set_app_type

__wgetmainargs

_amsg_exit

_XcptFilter

_callnewh

malloc

free

RtlVirtualUnwind

NtQueryInformationProcess

RtlLookupFunctionEntry

RtlCaptureContext

RtlInitUnicodeString

RtlLengthRequiredSid

UuidCreate

NdrServerCall2

NdrServerCallAll

NdrClientCall3

RpcStringFreeW

RpcBindingFree

RpcStringBindingComposeW

RpcBindingFromStringBindingW

RpcServerUseProtseqEpW

RpcServerRegisterIfEx

RpcServerInqCallAttributesW

CoInitializeEx

CoUninitialize

CoCreateInstance

SysFreeString

SysAllocStringLen

SysStringLen

SysAllocString

ExpandEnvironmentStringsForUserW

CryptBinaryToStringW

RdGetLocalResource

RdCloseLocalResource

RdGetLocalResourceName

RdGetRuntimeExecutionEnvironment

RdGetConfigurationPath

RdRegisterCallback

RdGetSystemConfigurationSetting

RdUninitializeRuntime

RdGetApplicationConfigurationSetting

RdGetResourceRoot

RdInitializeRuntimeEx

LsaFreeReturnBuffer

CreateXmlReader

SHCreateStreamOnFileW

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ