Import table
advapi32.dll
RegCreateKeyExW, IsValidSid, RegDeleteKeyW, RegDeleteValueW, RegOpenKeyExW, RegEnumKeyExW, RegCloseKey, RegSetValueExW, SetSecurityDescriptorDacl, InitializeSecurityDescriptor, RegOpenKeyExA, RegQueryValueExA, CreateProcessAsUserW, GetSidSubAuthority, GetSidSubAuthorityCount, GetTokenInformation, OpenProcessToken, SetSecurityInfo, SetEntriesInAclW, CreateWellKnownSid, GetSecurityInfo, ConvertSidToStringSidW, ConvertStringSecurityDescriptorToSecurityDescriptorW, RegQueryValueExW, RegEnumValueW, RegNotifyChangeKeyValue, SetThreadToken, GetSecurityDescriptorSacl, SetTokenInformation, GetLengthSid, ConvertStringSidToSidW, TraceEvent, UnregisterTraceGuids, RegisterTraceGuidsW, GetTraceLoggerHandle, GetTraceEnableFlags, GetTraceEnableLevel, CryptDecrypt, CryptDuplicateKey, CryptSetKeyParam, CryptEncrypt, CryptGetKeyParam, CryptDuplicateHash, CryptSignHashW, CryptExportKey, CryptVerifySignatureW, CryptCreateHash, CryptSetHashParam, CryptHashData, CryptGetHashParam, CryptDestroyHash, CryptAcquireContextW, CryptImportKey, InitializeAcl, AddAccessAllowedAce, CryptGenKey, CryptDestroyKey, CryptReleaseContext, GetUserNameW, LookupAccountSidW, AllocateAndInitializeSid, CheckTokenMembership, FreeSid, LookupAccountNameW, RegEnumValueA, RegDisablePredefinedCache, RevertToSelf, CreateRestrictedToken, DuplicateTokenEx, DuplicateToken, EqualSid, LookupPrivilegeValueW, CopySid, RegQueryInfoKeyW
comctl32.dll
ImageList_Create, ImageList_Destroy, InitCommonControlsEx, ImageList_ReplaceIcon
gdi32.dll
GetFontData, AddFontMemResourceEx, StartDocW, SaveDC, GetDeviceCaps, RestoreDC, EndDoc, GetWorldTransform, EnumEnhMetaFile, ModifyWorldTransform, PtInRegion, EndPage, PlayEnhMetaFile, GdiComment, GetEnhMetaFileBits, GetEnhMetaFileHeader, DeleteEnhMetaFile, CloseEnhMetaFile, GetEnhMetaFileW, CreateEnhMetaFileW, SetEnhMetaFileBits, PlayEnhMetaFileRecord, ExtEscape, CreateFontW, GetTextFaceW, PatBlt, CreateDCW, StretchDIBits, SwapBuffers, ChoosePixelFormat, SetPixelFormat, SetRectRgn, CombineRgn, GdiFlush, BitBlt, GdiAlphaBlend, GetObjectW, CreateDCA, GetOutlineTextMetricsW, CreateFontIndirectW, CreateRectRgn, CreateRectRgnIndirect, PathToRegion, SelectClipRgn, SetPolyFillMode, BeginPath, PolyBezier, AbortPath, EndPath, SetWorldTransform, SetGraphicsMode, SetStretchBltMode, SetBrushOrgEx, SetArcDirection, SetBkColor, SetTextColor, SetDCBrushColor, SetDCPenColor, SetROP2, CreateCompatibleDC, CreateDIBSection, SetDIBits, SelectObject, SetBkMode, CreateBitmap, DeleteObject, DeleteDC, Rectangle, GetStockObject, ExtTextOutW, LineTo, MoveToEx, CreatePen, CreateCompatibleBitmap, GetTextMetricsW, SetICMMode, EnumFontFamiliesExW, GetRegionData, GetGlyphOutlineW, CreatePolygonRgn, RemoveFontMemResourceEx, GetFontUnicodeRanges, GetTextColor, GetGlyphIndicesW, GetCharWidthI, LPtoDP, GetTextExtentPoint32W, CreateSolidBrush, GetClipBox, SetMiterLimit, ExtCreatePen, GetStretchBltMode, StrokePath, StrokeAndFillPath, StretchBlt, SetMapMode, ExcludeClipRect, GetRgnBox, EqualRgn, GetBkColor, SetLayout, SetViewportOrgEx, CancelDC, SetAbortProc, TextOutW, IntersectClipRect, StartPage, GetCurrentObject
kernel32.dll
DllMain
ole32.dll
OleDuplicateData, ReleaseStgMedium, CoDisconnectObject, RegisterDragDrop, CLSIDFromString, DoDragDrop, RevokeDragDrop, OleInitialize, OleUninitialize, CoCreateGuid, StringFromGUID2, GetHGlobalFromStream, CreateStreamOnHGlobal, PropVariantClear, CoInitialize, CoUninitialize, CoTaskMemAlloc, CoTaskMemFree, CoTaskMemRealloc, CoCreateInstance
oleacc.dll
LresultFromObject, ObjectFromLresult, AccessibleObjectFromWindow, CreateStdAccessibleObject
psapi.dll
QueryWorkingSet, GetMappedFileNameW, GetModuleFileNameExW, GetProcessMemoryInfo
rpcrt4.dll
UuidToStringW, UuidCreateSequential, RpcStringFreeW, UuidCreate
secur32.dll
FreeCredentialsHandle, DeleteSecurityContext, CompleteAuthToken, AcquireCredentialsHandleA, InitializeSecurityContextA, QueryContextAttributesW, FreeContextBuffer, AcquireCredentialsHandleW, EncryptMessage, InitializeSecurityContextW, DecryptMessage, QuerySecurityPackageInfoW, ApplyControlToken
shell32.dll
Shell_NotifyIconW, SHChangeNotify, SHGetFileInfoW, SHGetSpecialFolderPathW, DragFinish, SHGetPathFromIDListW, SHGetDesktopFolder, ShellExecuteA, DragQueryFileW, SHBrowseForFolderW, SHGetFolderPathW, SHFileOperationW, CommandLineToArgvW, ShellExecuteW, SHAppBarMessage, ShellExecuteExW
shlwapi.dll
PathRemoveExtensionW, SHDeleteKeyW, SHStrDupW, SHGetValueA, PathFindFileNameW, PathGetCharTypeW, SHDeleteEmptyKeyW, UrlCreateFromPathA, PathIsUNCA, PathFileExistsA, UrlCreateFromPathW, PathIsUNCW, PathFindExtensionW, PathFileExistsW
user32.dll
DllMain
userenv.dll
RegisterGPNotification
usp10.dll
ScriptGetFontProperties, ScriptFreeCache, ScriptCPtoX, ScriptXtoCP, ScriptTextOut, ScriptItemize, ScriptJustify, ScriptShape, ScriptPlace
version.dll
VerQueryValueW, GetFileVersionInfoSizeW, GetFileVersionInfoW
winmm.dll
waveOutUnprepareHeader, waveOutWrite, waveOutOpen, waveOutRestart, waveOutPause, waveOutReset, waveOutClose, waveInPrepareHeader, waveOutPrepareHeader, waveInAddBuffer, waveInOpen, waveInStart, waveInReset, timeGetTime, timeBeginPeriod, timeEndPeriod, timeGetDevCaps, waveOutGetNumDevs, waveInUnprepareHeader, waveInGetNumDevs, waveInClose
Export table
_DelayedLowerToken@4
_TargetCreateEventW@20
_TargetCreateNamedPipeW@36
_TargetCreateProcessA@44
_TargetCreateProcessW@44
_TargetNtCreateFile@48
_TargetNtCreateKey@32
_TargetNtMapViewOfSection@44
_TargetNtOpenFile@28
_TargetNtOpenKey@16
_TargetNtOpenKeyEx@20
_TargetNtOpenProcess@20
_TargetNtOpenProcessToken@16
_TargetNtOpenProcessTokenEx@20
_TargetNtOpenThread@20
_TargetNtOpenThreadToken@20
_TargetNtOpenThreadTokenEx@24
_TargetNtQueryAttributesFile@12
_TargetNtQueryFullAttributesFile@12
_TargetNtSetInformationFile@24
_TargetNtSetInformationThread@20
_TargetNtUnmapViewOfSection@12
_TargetOpenEventW@16
g_interceptions
g_nt
g_originals
g_shared_delayed_integrity_level
g_shared_IPC_size
g_shared_policy_size
g_shared_section
RelaunchChromeBrowserWithNewCommandLineIfNeeded
