IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

_lock

iswspace

??1type_info@@UEAA@XZ

?terminate@@YAXXZ

_commode

_fmode

_wcmdln

_initterm

__setusermatherr

_cexit

_exit

exit

__set_app_type

__wgetmainargs

_amsg_exit

_XcptFilter

_CxxThrowException

??0exception@@QEAA@AEBQEBDH@Z

_callnewh

?what@exception@@UEBAPEBDXZ

??0exception@@QEAA@AEBQEBD@Z

wcsstr

_unlock

wcstok

_errno

wcsrchr

_beginthreadex

wcstoul

towupper

wcsncmp

_wcsicmp

_wcsnicmp

iswdigit

_vsnprintf

_purecall

wcscat_s

_vsnprintf_s

malloc

realloc

free

??0exception@@QEAA@XZ

memmove_s

memcpy_s

??0exception@@QEAA@AEBV0@@Z

??1exception@@UEAA@XZ

_vsnwprintf

__dllonexit

_onexit

memset

_vscwprintf

__CxxFrameHandler3

memcmp

qsort

memcpy

__C_specific_handler

memmove

wcscmp

GetErrorInfo

LoadRegTypeLi

VarUI4FromStr

SysFreeString

SysStringLen

SysAllocStringLen

SysAllocString

VariantClear

VariantCopy

VariantChangeType

VariantInit

FormatMessageW

WaitForSingleObject

DeleteCriticalSection

ReleaseSRWLockExclusive

InitializeCriticalSection

ReleaseSRWLockShared

EnterCriticalSection

InitializeCriticalSectionAndSpinCount

ReleaseSemaphore

SetWaitableTimer

CancelWaitableTimer

CreateEventW

LeaveCriticalSection

CreateWaitableTimerExW

WaitForMultipleObjectsEx

CreateMutexExW

CreateSemaphoreExW

OpenSemaphoreW

ResetEvent

InitializeCriticalSectionEx

AcquireSRWLockShared

AcquireSRWLockExclusive

WaitForSingleObjectEx

ReleaseMutex

SetEvent

SetErrorMode

GetLastError

SetUnhandledExceptionFilter

UnhandledExceptionFilter

RaiseException

SetLastError

InitOnceComplete

InitOnceBeginInitialize

Sleep

OpenProcessToken

TerminateProcess

GetCurrentProcess

GetCurrentProcessId

GetCurrentThreadId

SetThreadPriority

OpenThread

GetStartupInfoW

ResumeThread

GetCurrentThread

OpenThreadToken

CreateThread

CoCreateGuid

CoSetProxyBlanket

CoRevertToSelf

CoRegisterClassObject

CoTaskMemFree

CoRevokeClassObject

CoGetClassObject

CoTaskMemAlloc

CoDisconnectContext

StringFromCLSID

CoCreateInstance

CoUninitialize

CoGetCallContext

CoGetObjectContext

CLSIDFromString

CoTaskMemRealloc

CoInitializeEx

CoImpersonateClient

CoFreeUnusedLibraries

CoInitializeSecurity

CompareStringW

MultiByteToWideChar

CloseHandle

VirtualQuery

VirtualAlloc

VirtualProtect

GetComputerNameExW

GetTickCount64

GetTickCount

GetSystemDirectoryW

GetVersionExW

GetSystemInfo

GetSystemTimeAsFileTime

GetSystemWindowsDirectoryW

DebugBreak

IsDebuggerPresent

OutputDebugStringW

HeapAlloc

GetProcessHeap

HeapFree

HeapSetInformation

GetModuleHandleExW

FreeLibrary

LoadLibraryExW

SizeofResource

GetModuleFileNameA

LoadResource

GetProcAddress

GetModuleFileNameW

GetModuleHandleW

LoadStringW

FindResourceExW

CreateThreadpoolTimer

WaitForThreadpoolTimerCallbacks

CloseThreadpoolTimer

SetThreadpoolTimer

CharPrevW

CharNextW

RegCreateKeyExW

RegSetValueExW

RegDeleteValueW

RegCloseKey

RegEnumKeyExW

RegDeleteTreeW

RegOpenKeyExW

RegQueryValueExW

RegQueryInfoKeyW

RegEnumValueW

lstrcpynW

lstrcmpiW

RtlNtStatusToDosError

RtlAdjustPrivilege

EtwTraceMessage

NtThawRegistry

NtFreezeRegistry

NtQueryInformationProcess

NtClose

NtCreateSymbolicLinkObject

RtlInitUnicodeString

NtThawTransactions

NtFreezeTransactions

NtQuerySystemInformation

RtlNtStatusToDosErrorNoTeb

NtQueryVolumeInformationFile

EtwUnregisterTraceGuids

EtwRegisterTraceGuidsW

EtwGetTraceEnableFlags

EtwGetTraceEnableLevel

EtwGetTraceLoggerHandle

StartServiceCtrlDispatcherW

SetServiceStatus

RegisterServiceCtrlHandlerExW

ExpandEnvironmentStringsW

GetEnvironmentVariableW

GetCommandLineW

LocalAlloc

LocalFree

FindFirstVolumeW

FindNextVolumeW

FindFirstFileW

CreateDirectoryW

SetFileAttributesW

GetVolumeInformationW

GetDriveTypeW

WriteFile

GetFileAttributesW

GetDiskFreeSpaceW

DeleteFileW

ReadFile

QueryDosDeviceW

CreateFileW

FindVolumeClose

DeleteVolumeMountPointW

FindClose

FindNextFileW

DefineDosDeviceW

FlushFileBuffers

GetVolumePathNameW

GetOverlappedResult

DeviceIoControl

GetVolumeNameForVolumeMountPointW

GetVolumePathNamesForVolumeNameW

GetLengthSid

InitializeAcl

FreeSid

CheckTokenMembership

PrivilegeCheck

GetTokenInformation

InitializeSecurityDescriptor

AdjustTokenPrivileges

CreateWellKnownSid

SetSecurityDescriptorOwner

CopySid

DuplicateToken

GetAclInformation

GetAce

AddAce

AddAccessDeniedAceEx

AddAccessAllowedAceEx

IsValidSid

AccessCheck

GetSidSubAuthorityCount

EqualDomainSid

SetSecurityDescriptorDacl

EqualSid

AddAccessAllowedAce

AllocateAndInitializeSid

SetSecurityDescriptorGroup

SetVolumeMountPointW

EventWriteTransfer

EventUnregister

EventSetInformation

EventRegister

RpcStringFreeW

I_RpcBindingInqLocalClientPID

UuidToStringW

DevObjDestroyDeviceInfoList

DevObjCreateDeviceInfoList

DevObjUninstallDevice

DevObjGetDeviceRegistryProperty

DevObjEnumDeviceInterfaces

DevObjGetClassDevs

DevObjEnumDeviceInfo

DevObjGetDeviceInterfaceDetail

MoveFileExW

I_ScUnregisterDeviceNotification

I_ScRegisterDeviceNotification

GetComputerNameW

RtlCaptureContext

RtlVirtualUnwind

RtlLookupFunctionEntry

QueryPerformanceCounter

LoadVssSnapshotSetDescription

VssFreeSnapshotPropertiesInternal

CreateWriterEx

CreateVssSnapshotSetDescription

CreateWriter

ord10

ord11

ord3

ord1

ord2

ord5

ord9

ord6

ord7

ord8

ord4

DeregisterEventSource

ReportEventW

RegisterEventSourceW

AuthzRegisterSecurityEventSource

AuthzUnregisterSecurityEventSource

AuthzReportSecurityEventFromParams

OpenProcess

QueryFullProcessImageNameW

GetTimeZoneInformation

ResolveDelayLoadedAPI

DelayLoadFailureHook

GetStorageDependencyInformation

BcdCloseObject

BcdForciblyUnloadStore

BcdOpenSystemStore

BcdCloseStore

BcdGetElementData

BcdOpenObject

EncodePointer

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE