Extended Key Usages: ExtKeyUsageCodeSigning
Static task: static1
Behavioral task: behavioral1
  Sample: 2024-09-03_881098f25e168712a302e7e5d1b6549b_cobalt-strike_megazord.exe
  Resource: win7-20240903-en
Behavioral task: behavioral2
  Sample: 2024-09-03_881098f25e168712a302e7e5d1b6549b_cobalt-strike_megazord.exe
  Resource: win10v2004-20240802-en
Target: 2024-09-03_881098f25e168712a302e7e5d1b6549b_cobalt-strike_megazord
Size: 19.2MB
MD5: 881098f25e168712a302e7e5d1b6549b
SHA1: 162afa0f8ec756cb41aecd3298bc382e01f81a8c
SHA256: 019ccf2010ffaab7add9e318cf7dc0ff6943537bfa5b0db87c4283d6f3c9c0fe
SHA512: 10e0eb170cd012e7a1ace1f44c6fe99afb511c2776ea21e217b6fe3b2f579f2594dd02fc4f651e054efe2d96ba13ee8db00e54ec67652905a7289c5d777e9ad5
SSDEEP: 98304:WQ8OtYWa7iQLm005cPi3B34pCMkb/+nYSN92/s+OAEYwFNpcqTxji/DAyHfzCKB9:MfQ9vEkEYwFYqZ88wCKvUfu
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
RtlUnwindEx
RtlPcToFileHeader
RtlGetVersion
NtQueryInformationProcess
NtQuerySystemInformation
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
NtReadFile
NtWriteFile
NtCreateFile
NtDeviceIoControlFile
RtlNtStatusToDosError
NtCancelIoFileEx
CopySid
CryptSignHashW
CryptDestroyHash
CryptCreateHash
CryptDecrypt
CryptExportKey
CryptGetUserKey
CryptGetProvParam
CryptSetHashParam
CryptDestroyKey
CryptReleaseContext
CryptAcquireContextW
ReportEventW
RegEnumKeyExW
RegOpenKeyExW
SystemFunction036
RegQueryValueExW
RegSetValueExW
RegCreateKeyExW
RegDeleteValueW
CredWriteW
CredReadW
CredFree
CredDeleteW
IsValidSid
GetLengthSid
RegisterEventSourceW
LookupAccountSidW
OpenProcessToken
GetTokenInformation
RegCloseKey
RegEnumValueW
DeregisterEventSource
CryptEnumProvidersW
GetProcessWindowStation
GetSystemMetrics
GetUserObjectInformationW
MessageBoxW
CertVerifyCertificateChainPolicy
CertAddCertificateContextToStore
CertDuplicateCertificateChain
CertFindCertificateInStore
CertGetCertificateContextProperty
CertOpenStore
CertGetCertificateChain
CertCloseStore
CertDuplicateStore
CertFreeCertificateChain
CertEnumCertificatesInStore
CertFreeCertificateContext
CertDuplicateCertificateContext
send
WSASend
ntohs
select
gethostbyname
htonl
recv
inet_addr
inet_ntoa
gethostbyaddr
getservbyport
getsockname
getservbyname
WSASetLastError
WSACleanup
WSAStartup
freeaddrinfo
htons
getaddrinfo
WSASocketW
connect
accept
socket
WSAIoctl
getpeername
getsockopt
setsockopt
ioctlsocket
closesocket
listen
bind
WSAGetLastError
shutdown
FreeMibTable
GetAdaptersAddresses
GetIfEntry2
GetIfTable2
LoadLibraryExW
PeekNamedPipe
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
GetCommandLineA
SetEndOfFile
FlushFileBuffers
GetConsoleOutputCP
GetFileSizeEx
SetStdHandle
FlsAlloc
FlsGetValue
FlsSetValue
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
EncodePointer
RaiseException
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FindFirstFileExW
IsValidCodePage
GetOEMCP
GetCPInfo
SetEnvironmentVariableW
GetStringTypeW
GetTimeZoneInformation
HeapSize
SystemTimeToFileTime
GetSystemTime
LoadLibraryW
ReadConsoleA
FlsFree
CompareStringW
GetTempPathW
HeapFree
QueryPerformanceCounter
GetLastError
CloseHandle
SwitchToThread
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
CreateFileW
SetNamedPipeHandleState
CreateNamedPipeW
HeapReAlloc
AcquireSRWLockShared
ReleaseSRWLockShared
UnlockFileEx
SetFileInformationByHandle
GetCurrentProcessId
SetFilePointerEx
VirtualUnlock
PostQueuedCompletionStatus
PowerClearRequest
VirtualLock
WaitForSingleObject
GetExitCodeProcess
GetSystemInfo
PowerCreateRequest
AddVectoredExceptionHandler
SetThreadStackGuarantee
GetStdHandle
GetConsoleMode
SetConsoleMode
SetConsoleTextAttribute
GetConsoleScreenBufferInfo
GetTimeZoneInformationForYear
TryAcquireSRWLockExclusive
FindClose
CopyFileExW
GetProcessId
GetEnvironmentStringsW
FreeEnvironmentStringsW
PowerSetRequest
FillConsoleOutputCharacterA
FillConsoleOutputAttribute
SetConsoleCursorPosition
CreateMutexA
LockFileEx
GetFileInformationByHandleEx
ReadConsoleInputW
GetNumberOfConsoleInputEvents
GetConsoleCursorInfo
SetConsoleCursorInfo
lstrlenW
GetComputerNameExW
QueryPerformanceFrequency
WakeConditionVariable
GetQueuedCompletionStatusEx
SetLastError
GetFinalPathNameByHandleW
ConnectNamedPipe
ReadFile
GetOverlappedResult
WriteFile
CancelIoEx
CreateIoCompletionPort
SetFileCompletionNotificationModes
Sleep
GetModuleHandleA
GetProcAddress
GetCurrentThread
MultiByteToWideChar
WriteConsoleW
GetModuleHandleW
FormatMessageW
GetCurrentDirectoryW
GetCurrentProcess
GetEnvironmentVariableW
GetModuleFileNameW
GetCommandLineW
GetFileInformationByHandle
GetFullPathNameW
FindNextFileW
CreateDirectoryW
FindFirstFileW
WideCharToMultiByte
ReadConsoleW
SetHandleInformation
CompareStringOrdinal
GetSystemDirectoryW
GetWindowsDirectoryW
CreateProcessW
GetFileAttributesW
DuplicateHandle
InitializeProcThreadAttributeList
UpdateProcThreadAttribute
DeleteProcThreadAttributeList
CreateThread
ReadFileEx
SleepEx
WriteFileEx
WaitForMultipleObjects
CreateEventW
CancelIo
ExitProcess
TerminateProcess
GetSystemTimeAsFileTime
GetProcessHeap
HeapAlloc
WaitForSingleObjectEx
LoadLibraryA
ReleaseMutex
DeleteFileW
MoveFileExW
CreateSymbolicLinkW
SetFileAttributesW
GetFileType
GetTickCount64
GlobalMemoryStatusEx
GetLogicalDrives
GetDiskFreeSpaceExW
GetDriveTypeW
GetVolumeInformationW
DeviceIoControl
GetProcessTimes
OpenProcess
ReadProcessMemory
LocalFree
VirtualQueryEx
GetSystemTimes
GetProcessIoCounters
LocalAlloc
CreateHardLinkW
SetFileTime
RegisterWaitForSingleObject
UnregisterWaitEx
SetConsoleCtrlHandler
GetNativeSystemInfo
InitializeSRWLock
GetCurrentThreadId
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleExW
VirtualFree
GetSystemDirectoryA
FreeLibrary
FormatMessageA
GetACP
LCMapStringW
NetUserGetInfo
NetUserEnum
NetApiBufferFree
NetUserGetLocalGroups
CoUninitialize
CoTaskMemFree
CoInitializeEx
CoInitializeSecurity
CoCreateInstance
CoSetProxyBlanket
SysFreeString
VariantClear
SysAllocString
PdhCloseQuery
PdhOpenQueryA
PdhCollectQueryData
PdhAddEnglishCounterW
PdhGetFormattedCounterValue
PdhRemoveCounter
CallNtPowerInformation
GetPerformanceInfo
GetModuleFileNameExW
GetProcessMemoryInfo
LsaGetLogonSessionData
LsaFreeReturnBuffer
AcceptSecurityContext
AcquireCredentialsHandleA
FreeCredentialsHandle
DeleteSecurityContext
FreeContextBuffer
InitializeSecurityContextW
LsaEnumerateLogonSessions
DecryptMessage
ApplyControlToken
EncryptMessage
QueryContextAttributesW
CommandLineToArgvW
SHGetKnownFolderPath
BCryptGenRandom
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ