IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LINE_NUMS_STRIPPED

IMAGE_FILE_LOCAL_SYMS_STRIPPED

IMAGE_FILE_32BIT_MACHINE

IMAGE_FILE_DLL

_except_handler3

ZwFreeVirtualMemory

ZwAllocateVirtualMemory

wcslen

_wcsnicmp

wcschr

mbstowcs

ZwQueryObject

ZwDuplicateObject

PsGetCurrentProcessId

KeUnstackDetachProcess

ObfDereferenceObject

KeServiceDescriptorTable

KeStackAttachProcess

PsLookupProcessByProcessId

RtlNtStatusToDosError

MmUnmapIoSpace

KeNumberProcessors

MmHighestUserAddress

MmGetVirtualForPhysical

MmMapIoSpace

_allshr

memmove

KeDelayExecutionThread

_allmul

ZwRequestWaitReplyPort

PsGetCurrentThreadId

strncat

strncmp

wcsncpy

ZwUnmapViewOfSection

ZwMapViewOfSection

ZwCreateSection

RtlInitUnicodeString

wcscat

wcsrchr

KeSetEvent

ZwWaitForSingleObject

_strnicmp

strrchr

KeWaitForSingleObject

KeInitializeEvent

_vsnprintf

ObReferenceObjectByHandle

ObOpenObjectByName

ObfReferenceObject

IoGetDeviceObjectPointer

IofCompleteRequest

ExFreePoolWithTag

KeInsertQueueApc

KeInitializeApc

ExAllocatePoolWithTag

strchr

ExQueueWorkItem

KeQuerySystemTime

ZwQueryKey

wcsncmp

ZwDeleteKey

ZwDeleteValueKey

ZwOpenKey

swprintf

ZwEnumerateValueKey

ZwEnumerateKey

ZwDeleteFile

ZwUnloadKey

ZwLoadKey

IoFileObjectType

ExGetPreviousMode

IoGetCurrentProcess

strncpy

ZwOpenEvent

ZwSetValueKey

ZwCreateKey

ZwWriteFile

ZwOpenProcess

IoCreateFile

RtlCompareUnicodeString

ObReferenceObjectByName

IoDriverObjectType

wcscpy

ZwQuerySymbolicLinkObject

ZwOpenSymbolicLinkObject

_wcsicmp

ObOpenObjectByPointer

strstr

_strlwr

_snwprintf

IofCallDriver

PsSetCreateProcessNotifyRoutine

SeSinglePrivilegeCheck

SeExports

MmMapViewOfSection

IoCreateDevice

ZwFlushVirtualMemory

KeInitializeMutex

KeReleaseMutex

ZwQuerySystemInformation

RtlQueryRegistryValues

KeQueryTimeIncrement

KeTickCount

_alldiv

ZwReadFile

ZwSetInformationFile

RtlCharToInteger

PsLookupProcessThreadByCid

KeReadStateEvent

KeInsertQueueDpc

KeSetTargetProcessorDpc

KeSetImportanceDpc

KeInitializeDpc

PsGetVersion

IoFreeMdl

MmProbeAndLockPages

IoAllocateMdl

MmUnlockPages

MmMapLockedPagesSpecifyCache

MmUnmapLockedPages

KeAddSystemServiceTable

KeInitializeSemaphore

KeReleaseSemaphore

rand

PsCreateSystemThread

RtlMultiByteToUnicodeN

RtlUnicodeToMultiByteN

IoBuildDeviceIoControlRequest

sprintf

RtlAnsiStringToUnicodeString

RtlInitAnsiString

RtlFreeUnicodeString

ZwFsControlFile

atoi

IoCancelIrp

IoDeleteDevice

ExfInterlockedInsertTailList

MmUserProbeAddress

ProbeForRead

SeSetSecurityDescriptorInfo

_allrem

ExfInterlockedRemoveHeadList

vsprintf

ZwPulseEvent

MmMapLockedPages

_stricmp

RtlCreateSecurityDescriptor

RtlSetDaclSecurityDescriptor

ZwCreateEvent

ZwQueryInformationProcess

NtClose

ZwOpenThread

KfRaiseIrql

KfAcquireSpinLock

KfReleaseSpinLock

KeRaiseIrqlToDpcLevel

KfLowerIrql

KeGetCurrentIrql

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ