IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

IMAGE_DLLCHARACTERISTICS_GUARD_CF

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

IMAGE_FILE_DLL

SE_GetShimId

SE_ShimDPF

memmove

memcpy

_CxxThrowException

memset

__CxxFrameHandler3

_wcsicmp

_vscwprintf

_vsnwprintf

_vsnprintf

_stricmp

__C_specific_handler

sprintf_s

vsprintf_s

atol

_scwprintf

_wcsnicmp

wcsrchr

wcsncmp

wcsspn

iswctype

towlower

wcschr

wcspbrk

wcsstr

_vscprintf

iswspace

_XcptFilter

_amsg_exit

free

malloc

_initterm

??1type_info@@UEAA@XZ

strcmp

RtlAllocateHeap

RtlFreeHeap

NtQueryKey

RtlNtStatusToDosError

RtlReportException

NtTerminateProcess

RtlRaiseException

NtQueryInformationProcess

RtlUniform

RtlValidateHeap

RtlCaptureStackBackTrace

RtlImageNtHeader

RtlCaptureContext

WinSqmAddToStream

RtlInitUnicodeString

NtOpenFile

NtQuerySystemInformation

RtlLengthRequiredSid

RtlInitializeSid

NtQueryInformationToken

RtlSubAuthoritySid

RtlCreateUnicodeStringFromAsciiz

RtlFreeUnicodeString

RtlMultiByteToUnicodeN

RtlUnicodeToMultiByteSize

RtlUnicodeToMultiByteN

RtlGetOwnerSecurityDescriptor

RtlEqualSid

NtQueryObject

RtlAppendUnicodeToString

RtlFormatCurrentUserKeyPath

RtlGetLastNtStatus

RtlSetLastWin32ErrorAndNtStatusFromNtStatus

RtlVirtualUnwind

RtlLookupFunctionEntry

RegDeleteKeyExW

RegQueryValueExW

RegCloseKey

RegEnumKeyExW

RegOpenKeyExA

RegSetValueExW

RegGetKeySecurity

RegOpenKeyExW

GetAclInformation

FreeSid

CheckTokenMembership

AllocateAndInitializeSid

GetAce

CopySid

GetSecurityDescriptorDacl

GetFileSecurityW

GetTokenInformation

EventWriteTransfer

GetSystemMetrics

EnumDisplaySettingsW

CharUpperW

ShellExecuteExW

PathFindFileNameW

CompareStringEx

LCIDToLocaleName

DeleteCriticalSection

GetProcAddress

GetModuleHandleW

GetTickCount

GetSystemTimeAsFileTime

QueryPerformanceCounter

TerminateProcess

SetUnhandledExceptionFilter

UnhandledExceptionFilter

Sleep

SearchPathW

CreateMutexW

OpenMutexW

ReleaseActCtx

QueryActCtxW

CreateActCtxW

GetTempFileNameW

GetTempPathW

GetTempFileNameA

GetTempPathA

InitializeCriticalSectionAndSpinCount

ExpandEnvironmentStringsA

LeaveCriticalSection

EnterCriticalSection

GetFileSize

SetFilePointer

CreateFileW

LocalFree

LocalAlloc

GetVolumeNameForVolumeMountPointW

GetSystemDirectoryW

GetModuleFileNameW

GetWindowsDirectoryW

GetShortPathNameW

ExpandEnvironmentStringsW

FindClose

FindFirstFileW

GetDriveTypeW

GetLogicalDriveStringsW

GetFileAttributesW

RegisterApplicationRestart

GetApplicationRestartSettings

WerRegisterMemoryBlock

MapViewOfFile

CreateFileMappingW

UnmapViewOfFile

CloseHandle

SetNamedPipeHandleState

GetCurrentProcessId

SetLastError

CreateEventW

InitializeCriticalSection

OutputDebugStringA

WriteFile

CancelIo

WaitForSingleObject

ReadFile

InitializeSRWLock

GetCurrentThread

GetCurrentProcess

QueryFullProcessImageNameW

LoadLibraryW

ReleaseSRWLockExclusive

AcquireSRWLockExclusive

ReleaseSRWLockShared

GetCurrentThreadId

AcquireSRWLockShared

IsNLSDefinedString

FindNLSStringEx

WideCharToMultiByte

HeapReAlloc

GetLastError

LCMapStringEx

HeapFree

MultiByteToWideChar

GetProcessHeap

HeapAlloc

GetLocaleInfoEx

GetCommandLineW

OpenProcessToken

GetSecurityInfo

GetFileSecurityA

OpenThreadToken

SfcIsKeyProtected

ord203

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ