IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

IMAGE_DLLCHARACTERISTICS_GUARD_CF

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

IMAGE_FILE_DLL

_vscwprintf

_stricmp

_vsnprintf

malloc

qsort

wcsrchr

wcsncpy_s

_wcsnicmp

_callnewh

wcstok_s

_CxxThrowException

__CxxFrameHandler3

free

memmove_s

memcpy

??0exception@@QEAA@AEBV0@@Z

memmove

wcschr

??1exception@@UEAA@XZ

iswspace

_vsnprintf_s

memcpy_s

??0exception@@QEAA@AEBQEBD@Z

??0exception@@QEAA@AEBQEBDH@Z

?what@exception@@UEBAPEBDXZ

_XcptFilter

_amsg_exit

_initterm

?terminate@@YAXXZ

_unlock

__dllonexit

_onexit

??1type_info@@UEAA@XZ

_errno

realloc

_vsnwprintf

_wcsicmp

_purecall

__C_specific_handler

??_V@YAXPEAX@Z

swprintf_s

memcmp

_resetstkoflw

wcscpy_s

__CxxFrameHandler4

??3@YAXPEAX@Z

??0exception@@QEAA@XZ

_lock

memset

NtOpenProcess

NtOpenProcessToken

RtlDeleteSecurityObject

RtlCopySecurityDescriptor

RtlGetControlSecurityDescriptor

RtlCreateUserSecurityObject

NtQueryInformationProcess

RtlLengthSid

NtDuplicateToken

RtlAcquireResourceExclusive

NtQueryInformationToken

RtlAcquireResourceShared

RtlNtStatusToDosError

DbgPrint

RtlEqualSid

RtlVerifyVersionInfo

RtlCaptureStackBackTrace

NtQuerySystemInformation

NtQueryVirtualMemory

RtlFreeSid

RtlReleaseResource

RtlVirtualUnwind

RtlLookupFunctionEntry

RtlCaptureContext

VerSetConditionMask

RtlCompareMemory

RtlInitString

NtCreateFile

RtlInitUnicodeString

RtlAdjustPrivilege

RtlNumberGenericTableElements

RtlGetCurrentServiceSessionId

EtwEventActivityIdControl

NtQuerySystemTime

EtwEventWriteTransfer

RtlEnumerateGenericTable

RtlLookupElementGenericTable

RtlDeleteElementGenericTable

RtlInsertElementGenericTable

RtlInitializeGenericTable

RtlInitializeResource

RtlDeleteResource

EtwEventWriteFull

RtlAllocateAndInitializeSid

EtwEventRegister

EtwEventUnregister

RtlCopySid

SetUnhandledExceptionFilter

GetLastError

SetLastError

UnhandledExceptionFilter

RaiseException

SizeofResource

GetModuleFileNameA

GetModuleFileNameW

LoadStringW

LoadResource

GetModuleHandleExA

GetModuleHandleW

FindResourceExW

DisableThreadLibraryCalls

GetProcAddress

LoadLibraryExW

GetModuleHandleExW

FreeLibrary

InitializeSRWLock

CreateSemaphoreExW

InitializeCriticalSectionEx

WaitForSingleObjectEx

SetEvent

CreateMutexExW

OpenEventW

ReleaseMutex

ReleaseSemaphore

ResetEvent

ReleaseSRWLockShared

AcquireSRWLockShared

ReleaseSRWLockExclusive

AcquireSRWLockExclusive

InitializeCriticalSectionAndSpinCount

EnterCriticalSection

InitializeCriticalSection

WaitForSingleObject

WaitForMultipleObjectsEx

DeleteCriticalSection

LeaveCriticalSection

OpenSemaphoreW

CreateEventW

ExitThread

CreateThread

OpenProcessToken

TerminateProcess

GetExitCodeThread

CreateProcessAsUserW

GetCurrentProcessId

GetCurrentThreadId

TlsFree

ProcessIdToSessionId

GetCurrentProcess

GetCurrentThread

OpenThreadToken

CreateProcessW

TlsGetValue

TlsAlloc

TlsSetValue

CloseHandle

DuplicateHandle

LocalAlloc

LocalFree

RegSetValueExW

RegCreateKeyExW

RegGetValueW

RegQueryInfoKeyW

RegEnumKeyExW

RegDeleteValueW

RegQueryValueExW

RegOpenKeyExW

RegCloseKey

FormatMessageW

HeapAlloc

GetProcessHeap

HeapFree

DebugBreak

IsDebuggerPresent

OutputDebugStringW

OutputDebugStringA

CreateThreadpoolTimer

SetThreadpoolTimer

CreateThreadpoolCleanupGroup

WaitForThreadpoolTimerCallbacks

SetThreadpoolThreadMinimum

SetThreadpoolThreadMaximum

TrySubmitThreadpoolCallback

CreateThreadpool

CloseThreadpool

CloseThreadpoolCleanupGroupMembers

CloseThreadpoolTimer

CloseThreadpoolCleanupGroup

EqualSid

CreateWellKnownSid

GetFileSecurityW

GetAce

GetAclInformation

GetSecurityDescriptorDacl

GetTokenInformation

ImpersonateLoggedOnUser

RevertToSelf

InitializeAcl

InitializeSecurityDescriptor

AllocateAndInitializeSid

GetSecurityDescriptorLength

DuplicateTokenEx

AllocateLocallyUniqueId

IsValidSid

MakeSelfRelativeSD

MakeAbsoluteSD

CheckTokenMembership

GetLengthSid

CopySid

DuplicateToken

AccessCheckAndAuditAlarmW

FreeSid

IsValidSecurityDescriptor

GetSecurityDescriptorControl

SetSecurityDescriptorDacl

AddAce

ExpandEnvironmentStringsW

CharNextW

MultiByteToWideChar

GetTickCount

GetSystemTimeAsFileTime

GetVersionExW

GetSystemDirectoryW

GetTickCount64

GetSystemTime

GetProductInfo

RpcServerListen

RpcServerUnregisterIfEx

RpcBindingToStringBindingW

RpcStringFreeW

RpcServerInqCallAttributesW

RpcImpersonateClient

RpcRevertToSelf

I_RpcBindingInqLocalClientPID

RpcServerInqDefaultPrincNameW

NdrServerCallAll

RpcServerRegisterIf3

I_RpcBindingIsClientLocal

UuidFromStringW

UuidToStringW

RpcServerUseProtseqEpW

RpcServerRegisterIfEx

NdrServerCall2

RpcServerRegisterAuthInfoW

RpcStringBindingParseW

DeviceIoControl

LoadLibraryW

Sleep

CompareFileTime

CreateDirectoryW

CreateFileW

QueryDosDeviceW

CreateSemaphoreW

WaitForMultipleObjects

QueryPerformanceCounter

lstrcmpiW

lstrcmpW

UnregisterWaitEx

CreateTimerQueueTimer

CreateTimerQueue

DeleteTimerQueueTimer

QueueUserWorkItem

DeleteTimerQueueEx

GetComputerNameW

RegisterWaitForSingleObject

UnregisterWait

VerifyVersionInfoW

CheckElevationEnabled

WTSIsServerContainer

OOBEComplete

TraceMessage

EventUnregister

EventSetInformation

EventActivityIdControl

EventRegister

EventWriteTransfer

OpenProcess

K32EnumProcessModules

DeriveCapabilitySidsFromName

SystemTimeToFileTime

ResolveDelayLoadedAPI

DelayLoadFailureHook

LocalSize

ApiSetQueryApiSetPresence

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ