IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

CreateCoreWebView2EnvironmentWithOptions

RtlInitUnicodeString

ZwCreateFile

ZwClose

ZwOpenSymbolicLinkObject

ZwQuerySymbolicLinkObject

ZwOpenDirectoryObject

ZwQueryDirectoryObject

ZwQueryVolumeInformationFile

NtLoadDriver

NtQueryInformationFile

NtQuerySystemTime

RtlAnsiStringToUnicodeString

NtReadFile

NtWriteFile

NtClose

NtCreateFile

NtDeviceIoControlFile

NtFsControlFile

RtlTimeToSecondsSince1970

NtUnloadDriver

CreateDiskInfo

PAShowRegisterDlg

PAGetGlobalDataObject

CreateEnvironmentBlock

DestroyEnvironmentBlock

ord13597

ord4181

ord3776

ord5347

ord12931

ord12932

ord2006

ord1665

ord2786

ord1631

ord1499

ord12443

ord8453

ord13186

ord4218

ord10162

ord1088

ord442

ord6847

ord3505

ord3504

ord3208

ord12025

ord2527

ord2519

ord4250

ord13198

ord13197

ord4334

ord8042

ord13862

ord13760

ord8506

ord13131

ord5236

ord7549

ord13766

ord8470

ord8467

ord5346

ord6722

ord12611

ord13496

ord6128

ord7835

ord13499

ord7838

ord4006

ord3795

ord3201

ord3202

ord5749

ord6256

ord7873

ord3229

ord3228

ord13894

ord11755

ord11779

ord3525

ord3526

ord3195

ord9821

ord3203

ord1490

ord1492

ord1343

ord823

ord7893

ord6717

ord7173

ord979

ord8003

ord10965

ord10968

ord9200

ord9215

ord9205

ord9677

ord9682

ord9217

ord10807

ord10199

ord8614

ord8604

ord11435

ord10811

ord8702

ord10835

ord9738

ord9739

ord1446

ord2628

ord6630

ord8917

ord11805

ord11770

ord9039

ord7389

ord7550

ord1420

ord6584

ord3161

ord3270

ord1111

ord6303

ord6285

ord13999

ord4725

ord2479

ord3803

ord6361

ord4086

ord8441

ord10727

ord4343

ord14220

ord13761

ord8471

ord2686

ord8449

ord8058

ord5709

ord285

ord2921

ord6505

ord12030

ord2340

ord14225

ord12087

ord14278

ord5237

ord9068

ord4335

ord12706

ord13767

ord13864

ord2903

ord2222

ord3599

ord265

ord266

ord2344

ord13949

ord2346

ord12600

ord4511

ord4510

ord4947

ord8167

ord8084

ord12544

ord8023

ord5183

ord2439

ord12222

ord12223

ord14210

ord7650

ord14216

ord9089

ord4011

ord3949

ord12625

ord7668

ord2011

ord11664

ord11665

ord14088

ord12212

ord7719

ord14288

ord6121

ord14290

ord6123

ord14289

ord6122

ord3731

ord5706

ord11921

ord11929

ord4445

ord7920

ord10124

ord11933

ord13596

ord12606

ord5555

ord9941

ord6614

ord13545

ord2178

ord7716

ord4513

ord1501

ord1450

ord983

ord7393

ord10070

ord1670

ord7151

ord6588

ord3164

ord4095

ord1424

ord8826

ord6724

ord5674

ord6814

ord6251

ord3056

ord4078

ord1053

ord6001

ord8953

ord7551

ord11813

ord8731

ord10704

ord11085

ord3951

ord3308

ord3307

ord3071

ord10428

ord13397

ord2697

ord11854

ord8901

ord7233

ord10163

ord1089

ord446

ord6848

ord280

ord1503

ord12761

ord8830

ord11081

ord4721

ord13199

ord6250

ord357

ord8507

ord12720

ord13569

ord13568

ord2316

ord7182

ord12700

ord13753

ord12697

ord13742

ord8572

ord13745

ord13345

ord12963

ord12771

ord12546

ord12631

ord12259

ord12239

ord13419

ord12936

ord6282

ord8063

ord8501

ord12762

ord4722

ord12763

ord6549

ord886

ord286

ord3713

ord13679

ord12967

ord2187

ord4499

ord5044

ord1369

ord878

ord4726

ord7394

ord2212

ord1489

ord6313

ord1140

ord990

ord1454

ord6324

ord8900

ord9946

ord7922

ord5227

ord7450

ord7461

ord7460

ord5916

ord5062

ord5229

ord5083

ord5582

ord5339

ord9041

ord5552

ord5363

ord5080

ord11850

ord3172

ord3278

ord3279

ord3812

ord11806

ord2629

ord5723

ord13354

ord11406

ord6631

ord14217

ord7651

ord14211

ord2967

ord4352

ord9384

ord4360

ord4828

ord4767

ord4752

ord4814

ord4859

ord4782

ord4837

ord4853

ord4794

ord4800

ord4806

ord4788

ord4843

ord4776

ord1755

ord1734

ord1748

ord1722

ord1700

ord11940

ord11944

ord13513

ord4512

ord1511

ord1428

ord11367

ord1508

ord10853

ord1034

ord13399

ord300

ord11583

ord3173

ord8947

ord10691

ord6729

ord11902

ord8656

ord14209

ord11625

ord3718

ord11771

ord8821

ord11415

ord11414

ord5451

ord9979

ord9975

ord9977

ord9978

ord9976

ord1390

ord1440

ord7248

ord6892

ord8043

ord6248

ord4077

ord6811

ord7397

ord13689

ord5240

ord1083

ord6280

ord3069

ord1057

ord6258

ord8819

ord3058

ord4081

ord8439

ord2906

ord3746

ord3825

ord8452

ord8516

ord3913

ord2504

ord8515

ord10543

ord11346

ord9973

ord11901

ord11292

ord14360

ord2698

ord7913

ord3209

ord3212

ord13401

ord6002

ord3082

ord3249

ord4082

ord13757

ord12746

ord2475

ord2473

ord6320

ord3756

ord296

ord1033

ord4656

ord2270

ord1641

ord6247

ord1086

ord438

ord1491

ord316

ord12241

ord11294

ord5675

ord10542

ord4948

ord10003

ord11423

ord4949

ord1643

ord9940

ord10040

ord3211

ord11422

ord10933

ord11861

ord9159

ord7874

ord6850

ord4461

ord10869

ord9174

ord4863

ord4864

ord4868

ord4865

ord4866

ord9967

ord4462

ord4459

ord9179

ord9383

ord9731

ord11570

ord2627

ord1039

ord10095

ord323

ord10673

ord11213

ord11786

ord3086

ord5342

ord10007

ord11171

ord10856

ord7209

ord6696

ord7518

ord9220

ord8603

ord5220

ord7837

ord11366

ord8611

ord1146

ord10194

ord3850

ord9192

ord6000

ord10806

ord7826

ord8451

ord10967

ord9191

ord5520

FindVolumeMountPointClose

FindNextVolumeMountPointW

FindFirstVolumeMountPointW

GetVolumeNameForVolumeMountPointW

GetVolumePathNameW

GetFileAttributesExW

GetSystemTimeAsFileTime

FindClose

FindNextFileW

FindFirstFileW

SystemTimeToFileTime

GetSystemTime

FlushFileBuffers

SetThreadExecutionState

GetFileInformationByHandle

FormatMessageW

SuspendThread

ResumeThread

TerminateProcess

CreateDirectoryW

GetFileAttributesW

WritePrivateProfileStringA

GetPrivateProfileStringA

GetSystemPowerStatus

Sleep

TerminateThread

ReadFile

CreateFileW

GetLogicalDriveStringsW

ExitProcess

GetDiskFreeSpaceExW

GetVolumeInformationW

DeviceIoControl

WaitForSingleObject

CreateProcessA

CopyFileA

GetModuleFileNameA

GetSystemWindowsDirectoryA

WTSGetActiveConsoleSessionId

GetCurrentProcess

Process32NextW

Process32FirstW

CreateToolhelp32Snapshot

DeleteFileW

WritePrivateProfileStringW

GetPrivateProfileStringW

GetModuleFileNameW

GetCommandLineW

GetVersionExW

GetModuleHandleW

GetProcAddress

CloseHandle

CreateMutexW

WideCharToMultiByte

MultiByteToWideChar

GetProcessHeap

DeleteCriticalSection

HeapAlloc

GetLastError

InitializeCriticalSectionEx

InitializeCriticalSection

LeaveCriticalSection

GetDriveTypeW

HeapFree

CreateSemaphoreExW

SetLastError

ReleaseSemaphore

GetModuleHandleExW

GetTempPathW

GetCurrentThreadId

ReleaseMutex

OutputDebugStringW

WaitForSingleObjectEx

OpenSemaphoreW

CreateMutexExW

GetCurrentProcessId

DebugBreak

IsDebuggerPresent

SetUnhandledExceptionFilter

LoadLibraryW

IsBadWritePtr

GetPrivateProfileIntW

OutputDebugStringA

SizeofResource

LockResource

LoadResource

FindResourceW

GlobalAlloc

FreeResource

GlobalLock

GlobalUnlock

GlobalFree

GetPrivateProfileIntA

FreeLibrary

WinExec

lstrcpyW

CreateProcessW

DeleteVolumeMountPointW

GetSystemWindowsDirectoryW

SetVolumeMountPointW

SetFilePointer

CreateDirectoryA

CreateFileA

WriteFile

GlobalMemoryStatusEx

GetLocalTime

SetEvent

OpenEventW

EnterCriticalSection

OpenFileMappingW

MapViewOfFile

UnmapViewOfFile

SetHandleInformation

CreatePipe

GetExitCodeProcess

LoadLibraryA

GetDiskFreeSpaceW

GetLogicalDrives

SetFileAttributesW

GetTickCount

CreateEventW

LocalFree

VirtualAlloc

VirtualFree

IsBadReadPtr

InitializeCriticalSectionAndSpinCount

ResetEvent

RtlCaptureContext

RtlLookupFunctionEntry

RtlVirtualUnwind

UnhandledExceptionFilter

IsProcessorFeaturePresent

QueryPerformanceCounter

InitializeSListHead

GetStartupInfoW

GetCursorPos

LoadMenuW

GetSubMenu

ModifyMenuW

DeleteMenu

ShowWindow

SetWindowPos

LoadImageW

GetKeyState

GetAsyncKeyState

ReleaseCapture

GetCapture

SetCapture

GetWindowTextW

DrawStateW

DestroyCursor

IsWindow

IsWindowVisible

DestroyIcon

GetIconInfo

SetLayeredWindowAttributes

FindWindowW

IsWindowEnabled

GetWindowDC

GetWindowLongPtrW

DefWindowProcW

CallWindowProcW

CopyRect

CreateWindowExW

SetPropW

GetPropW

RemovePropW

SetWindowLongPtrW

SetParent

IsZoomed

GetDlgCtrlID

SetWindowRgn

ClientToScreen

OffsetRect

SetScrollInfo

GetScrollInfo

SystemParametersInfoW

IsDlgButtonChecked

GetWindowLongW

ScreenToClient

KillTimer

DrawIcon

GetSystemMetrics

IsIconic

SetForegroundWindow

LoadIconW

GetWindowRect

SetTimer

wsprintfW

MessageBoxW

TrackMouseEvent

SetWindowLongW

GetFocus

DrawIconEx

FillRect

LoadCursorW

SetCursor

GrayStringW

DrawTextExW

DrawTextW

TabbedTextOutW

GetSysColor

InflateRect

InvalidateRect

GetDC

PtInRect

EnableWindow

SendMessageW

GetClientRect

GetParent

RegisterClassW

PostMessageW

MoveWindow

LoadBitmapW

ReleaseDC

GetTextMetricsW

MoveToEx

LineTo

SetTextJustification

CreateRectRgn

ExcludeClipRect

GetTextColor

Rectangle

SetBkColor

FillRgn

CreatePolygonRgn

CreatePatternBrush

DeleteObject

DeleteDC

GetBkColor

SetBkMode

GetTextExtentPoint32W

GetObjectW

CreateSolidBrush

Escape

ExtTextOutW

GetDeviceCaps

CreateFontIndirectW

TextOutW

CreatePen

SetTextColor

RectVisible

PtVisible

SelectObject

CreateCompatibleBitmap

GetStockObject

CreateFontW

BitBlt

GetCurrentObject

CreateCompatibleDC

RegUnLoadKeyW

RegLoadKeyW

RegQueryValueExA

RegOpenKeyA

RegOpenKeyW

RegQueryValueW

RegOpenKeyExW

RegCloseKey

RegQueryValueExW

RegCreateKeyExW

AdjustTokenPrivileges

LookupPrivilegeValueW

CreateProcessAsUserW

SetTokenInformation

DuplicateTokenEx

OpenProcessToken

SHChangeNotify

SHGetFolderPathW

SHAppBarMessage

CommandLineToArgvW

ShellExecuteA

Shell_NotifyIconW

ShellExecuteW

_TrackMouseEvent

InitCommonControlsEx

PathAppendW

CoCreateInstance

CoSetProxyBlanket

CoInitializeSecurity

CreateStreamOnHGlobal

CoInitialize

CoTaskMemFree

CoUninitialize

CoInitializeEx

VariantChangeType

VariantClear

VariantInit

SysFreeString

SysAllocString

?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A

?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ

?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z

?_Xout_of_range@std@@YAXPEBD@Z

?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z

?_Xlength_error@std@@YAXPEBD@Z

?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z

?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z

?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z

?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z

?uncaught_exception@std@@YA_NXZ

GdiplusShutdown

GdiplusStartup

GdipFree

GdipAlloc

GdipCloneImage

GdipDisposeImage

GdipDrawImageRect

GdipFillPath

GdipDrawPath

GdipSetSmoothingMode

GdipDeletePen

GdipCreatePen1

GdipCreateLineBrushFromRect

GdipCreateSolidFill

GdipDeleteBrush

GdipCloneBrush

GdipAddPathArcI

GdipAddPathLineI

GdipClosePathFigure

GdipDeletePath

GdipCreatePath

GdipLoadImageFromStreamICM

GdipLoadImageFromStream

GdipReleaseDC

GdipDrawImageRectRect

GdipGetImageWidth

GdipGetImageHeight

GdipDeleteGraphics

GdipCreateFromHDC

EVP_CipherInit_ex

EVP_aes_128_ecb

EVP_CipherUpdate

EVP_CipherFinal_ex

EVP_CIPHER_CTX_free

EVP_CIPHER_CTX_new

UuidCreate

WTSQuerySessionInformationW

WTSFreeMemory

__CxxFrameHandler4

strrchr

wcschr

memcmp

wcsstr

wcsrchr

memmove

_purecall

_CxxThrowException

strchr

__C_specific_handler

__current_exception

__current_exception_context

__std_exception_destroy

__std_exception_copy

memset

memcpy

__std_terminate

strstr

strncmp

wcsncmp

_wcslwr

wcsncpy

strncpy

strcmp

wcsncpy_s

isspace

isalnum

_wcsicmp

_wcsdup

_wcsnicmp

_strnicmp

wcscat

strcpy_s

wcscat_s

wcscpy_s

strcpy

strcat

wcscpy

wcslen

strlen

wcscmp

isdigit

wcstoul

mbstowcs

_wtoi

wcstombs

atoi

_initterm_e

_wassert

exit

_initterm

_exit

_cexit

_c_exit

_register_thread_local_exe_atexit_callback

system

_get_wide_winmain_command_line

_seh_filter_exe

_set_app_type

_errno

_invalid_parameter_noinfo

_invalid_parameter_noinfo_noreturn

terminate

_initialize_onexit_table

_register_onexit_function

_configure_wide_argv

_beginthreadex

_initialize_wide_environment

_crt_atexit

free

calloc

realloc

malloc

_set_new_mode

__stdio_common_vfwprintf

__stdio_common_vfprintf

__acrt_iob_func

__stdio_common_vsprintf_s

__stdio_common_vsnprintf_s

__stdio_common_vswscanf

_wfopen_s

__stdio_common_vswprintf_s

fwrite

fclose

fread

ftell

fseek

fopen

__stdio_common_vswprintf

__stdio_common_vsprintf

__p__commode

_set_fmode

sin

cos

__setusermatherr

_localtime64

_mktime64

_time64

_localtime64_s

_ftime64_s

qsort

rand

_configthreadlocale

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE