IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

wcspbrk

iswspace

wcstok

wcsrchr

sprintf_s

wcscpy_s

wcsstr

_vsnprintf_s

free

malloc

memmove

rand

_local_unwind

memcpy

_CxxThrowException

_XcptFilter

_amsg_exit

__getmainargs

__set_app_type

exit

_exit

_cexit

_ismbblead

__setusermatherr

_initterm

_acmdln

_fmode

_commode

_lock

_unlock

__dllonexit

_vsnwprintf

_onexit

__CxxFrameHandler3

?terminate@@YAXXZ

memset

memcmp

wcschr

_callnewh

??1type_info@@UEAA@XZ

toupper

_get_errno

_set_errno

??0exception@@QEAA@AEBV0@@Z

??0exception@@QEAA@XZ

??1exception@@UEAA@XZ

_tolower

_wcsicmp

_wtoi

_wcsnicmp

_ultow

__C_specific_handler

memmove_s

_purecall

memcpy_s

_vscwprintf

wcscmp

GetProcAddress

LoadStringW

GetModuleFileNameW

LockResource

LoadResource

FindResourceExW

GetModuleHandleW

LoadLibraryExW

FreeLibrary

GetModuleHandleExW

GetModuleFileNameA

Sleep

WakeAllConditionVariable

InitOnceComplete

InitOnceBeginInitialize

SleepConditionVariableSRW

InitOnceExecuteOnce

EnterCriticalSection

ReleaseSRWLockExclusive

ReleaseSemaphore

ResetEvent

SleepEx

AcquireSRWLockExclusive

CreateSemaphoreExW

InitializeCriticalSection

WaitForSingleObject

OpenSemaphoreW

OpenEventW

TryEnterCriticalSection

SetEvent

WaitForSingleObjectEx

DeleteCriticalSection

CreateEventW

LeaveCriticalSection

ReleaseSRWLockShared

InitializeCriticalSectionEx

ReleaseMutex

CreateMutexW

AcquireSRWLockShared

CreateMutexExW

TryAcquireSRWLockExclusive

GetProcessHeap

HeapSetInformation

HeapFree

HeapSize

HeapAlloc

UnhandledExceptionFilter

GetLastError

RaiseException

SetLastError

SetErrorMode

SetUnhandledExceptionFilter

TrySubmitThreadpoolCallback

SetThreadpoolThreadMinimum

WaitForThreadpoolTimerCallbacks

CreateThreadpoolCleanupGroup

CloseThreadpoolCleanupGroup

SetThreadpoolThreadMaximum

SetThreadpoolTimer

CreateThreadpool

CloseThreadpoolWork

CreateThreadpoolTimer

CloseThreadpoolCleanupGroupMembers

CloseThreadpool

CreateThreadpoolWork

SubmitThreadpoolWork

CloseThreadpoolTimer

CreateProcessW

UpdateProcThreadAttribute

DeleteProcThreadAttributeList

GetCurrentThread

OpenProcessToken

InitializeProcThreadAttributeList

SetThreadToken

ResumeThread

GetExitCodeProcess

GetCurrentProcess

SetPriorityClass

SetThreadPriority

CreateProcessAsUserW

GetCurrentThreadId

CreateThread

GetCurrentProcessId

CreateRemoteThread

GetProcessId

TerminateProcess

GetStartupInfoW

GetThreadUILanguage

FormatMessageW

DebugBreak

IsDebuggerPresent

OutputDebugStringW

DuplicateHandle

CloseHandle

RegEnumKeyExW

RegFlushKey

RegCloseKey

RegGetValueA

RegDeleteValueW

RegCreateKeyExW

RegDeleteKeyExW

RegOpenKeyExW

RegDeleteTreeW

RegSetKeySecurity

RegQueryValueExW

RegSetValueExW

RegNotifyChangeKeyValue

RegQueryInfoKeyW

RegEnumValueW

RegGetValueW

GetProcessMitigationPolicy

OpenProcess

ControlTraceW

StartTraceW

EnableTraceEx2

LocalReAlloc

LocalFree

LocalAlloc

MoveFileExW

VirtualFree

VirtualAlloc

VirtualUnlock

VirtualLock

SetProcessWorkingSetSizeEx

GetProcessWorkingSetSizeEx

ExpandEnvironmentStringsW

SetEnvironmentVariableW

SearchPathW

GetCommandLineW

GetTickCount

GetSystemTime

GetSystemTimeAsFileTime

GetSystemWindowsDirectoryW

GetTickCount64

GetLocalTime

GetVersionExW

GetLengthSid

FreeSid

GetSidIdentifierAuthority

DuplicateToken

CheckTokenMembership

IsValidSid

EqualSid

ImpersonateLoggedOnUser

SetTokenInformation

AdjustTokenPrivileges

CreateRestrictedToken

GetTokenInformation

GetSecurityDescriptorDacl

AllocateAndInitializeSid

CopySid

CreateWellKnownSid

AllocateLocallyUniqueId

DuplicateTokenEx

RevertToSelf

RpcMgmtIsServerListening

RpcAsyncInitializeHandle

RpcBindingCopy

RpcStringFreeW

Ndr64AsyncClientCall

RpcExceptionFilter

I_RpcMapWin32Status

RpcAsyncAbortCall

RpcBindingSetAuthInfoExW

RpcBindingFromStringBindingW

RpcAsyncCancelCall

RpcStringBindingComposeW

UuidToStringW

UuidCreate

I_RpcBindingInqLocalClientPID

RpcImpersonateClient

RpcRevertToSelf

RpcBindingCreateW

UuidFromStringW

RpcBindingBind

RpcServerInqCallAttributesW

RpcServerTestCancel

RpcServerUseProtseqEpW

NdrServerCall2

Ndr64AsyncServerCallAll

NdrServerCallAll

NdrAsyncServerCall

RpcRaiseException

RpcServerInqBindings

RpcEpRegisterW

RpcEpUnregister

RpcServerListen

RpcServerRegisterIfEx

RpcServerUnregisterIf

RpcServerUseProtseqW

I_RpcBindingIsClientLocal

RpcBindingVectorFree

RpcServerUnsubscribeForNotification

RpcServerSubscribeForNotification

I_RpcExceptionFilter

NdrClientCall3

RpcBindingUnbind

RpcBindingFree

RpcAsyncCompleteCall

CoInitializeEx

CoUninitialize

CoCreateInstance

CoTaskMemAlloc

CoTaskMemRealloc

CoGetMalloc

CoTaskMemFree

CompareStringOrdinal

WideCharToMultiByte

CompareStringW

QueryFullProcessImageNameW

GetProductInfo

PowerDeterminePlatformRoleEx

CreateFileW

GetFileAttributesW

GetShortPathNameW

CompareFileTime

FileTimeToSystemTime

SystemTimeToTzSpecificLocalTime

GetTimeFormatW

GetDateFormatW

PowerSettingRegisterNotification

PowerSettingUnregisterNotification

QueryPerformanceCounter

InitiateShutdownW

OpenSCManagerW

StartServiceW

OpenServiceW

CloseServiceHandle

QueryServiceStatusEx

NotifyServiceStatusChangeW

QueryServiceConfigW

RegDeleteKeyValueW

RegSetKeyValueW

RtlLookupFunctionEntry

RtlCaptureContext

RtlVirtualUnwind

RtlCompareMemory

UnregisterTraceGuids

RegisterTraceGuidsW

GetTraceEnableLevel

GetTraceEnableFlags

GetTraceLoggerHandle

CredFree

CredUnmarshalCredentialW

LookupAccountNameW

LookupAccountSidW

GetFileVersionInfoSizeExW

VerQueryValueW

GetFileVersionInfoExW

EventRegister

EventProviderEnabled

EventWriteTransfer

EventSetInformation

EventUnregister

QueryServiceStatus

QueryInformationJobObject

TerminateJobObject

SetInformationJobObject

AssignProcessToJobObject

CreateJobObjectW

LsaStorePrivateData

LsaFreeMemory

LsaOpenPolicy

LsaQueryInformationPolicy

LsaClose

BaseInitAppcompatCacheSupport

ApiSetQueryApiSetPresence

CredReadByTokenHandle

NotifyBootConfigStatus

DeregisterEventSource

ReportEventW

GetEventLogInformation

RegisterEventSourceW

QueueUserWorkItem

DeleteTimerQueueTimer

CreateTimerQueueTimer

UnregisterWaitEx

GetComputerNameW

UnregisterWait

RegisterWaitForSingleObject

RegOpenKeyW

RegCreateKeyW

LocalSize

GetPersistedRegistryLocationW

CreateProcessInternalW

AppContainerDeriveSidFromMoniker

WinSqmIsOptedIn

NtCreateEvent

RtlAddAce

RtlSetDaclSecurityDescriptor

RtlGetDaclSecurityDescriptor

NtAdjustPrivilegesToken

NtDuplicateToken

RtlUnhandledExceptionFilter

NtQueryInformationProcess

NtDeviceIoControlFile

WinSqmEndSession

RtlInitializeResource

RtlAcquireResourceExclusive

RtlReleaseResource

RtlDeleteResource

NtGetCachedSigningLevel

WinSqmSetString

NtOpenEvent

NtSetEvent

RtlGetCurrentServiceSessionId

NtDeleteWnfStateName

NtCreateWnfStateName

RtlQueryResourcePolicy

__isascii

isupper

_vsnprintf

RtlGetNtProductType

RtlSetSystemBootStatus

RtlRemovePrivileges

RtlpVerifyAndCommitUILanguageSettings

NtSetInformationProcess

EtwUnregisterTraceGuids

EtwRegisterTraceGuidsW

EtwGetTraceEnableFlags

EtwGetTraceEnableLevel

EtwGetTraceLoggerHandle

NtShutdownSystem

RtlCompareUnicodeString

RtlCreateEnvironment

TpReleaseTimer

TpWaitForTimer

TpAllocTimer

TpSetTimer

NtOpenThreadToken

NtOpenFile

RtlAppendUnicodeToString

NtOpenDirectoryObject

RtlFreeSid

NtSetSecurityObject

RtlSetSaclSecurityDescriptor

RtlAddMandatoryAce

RtlCreateAcl

RtlCreateSecurityDescriptor

RtlAllocateAndInitializeSid

RtlDestroyEnvironment

RtlCopySid

RtlNtStatusToDosErrorNoTeb

RtlSetEnvironmentVariable

RtlQueryEnvironmentVariable_U

RtlExpandEnvironmentStrings_U

RtlInitUnicodeStringEx

RtlGetAce

NtSetIRTimer

NtCreateIRTimer

NtSetInformationToken

NtCreateToken

RtlSubscribeWnfStateChangeNotification

RtlQueryWnfStateData

TpAllocWait

WinSqmSetDWORD

TpPostWork

TpAllocWork

RtlUnsubscribeWnfNotificationWaitForCompletion

TpReleaseWork

TpWaitForWork

TpReleaseWait

TpWaitForWait

TpSetWait

NtFilterToken

NtInitiatePowerAction

RtlAdjustPrivilege

RtlPublishWnfStateData

RtlLengthSid

EtwEventWriteStartScenario

EtwEventWriteEndScenario

RtlInitUnicodeString

NtAllocateLocallyUniqueId

RtlDeregisterWait

RtlRegisterWait

RtlTimeToSecondsSince1980

WinSqmAddToStream

TpSimpleTryPost

RtlEqualSid

EtwEventEnabled

EtwEventWrite

RtlCopyLuid

NtPowerInformation

EtwEventActivityIdControl

RtlGetActiveConsoleId

RtlInitString

NtQuerySystemInformation

NtSystemDebugControl

NtQueryInformationToken

NtOpenProcessToken

RtlLeaveCriticalSection

RtlEnterCriticalSection

RtlInitializeCriticalSection

RtlDeleteCriticalSection

RtlFreeUnicodeString

RtlNtStatusToDosError

RtlDuplicateUnicodeString

NtClose

RtlOpenCurrentUser

RtlGetDeviceFamilyInfoEnum

EtwTraceMessage

EtwEventRegister

EtwEventUnregister

EtwEventWriteTransfer

EtwEventSetInformation

WinSqmStartSession

WindowsGetStringRawBuffer

WindowsDeleteString

WindowsCreateStringReference

RoActivateInstance

ResolveDelayLoadedAPI

DelayLoadFailureHook

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE