病毒木马常用api

文章目录

提取自MyMonitor TraceDllReport.dll
发现了个更好的东西top-maliciously-used-apis

Sleep
WSAConnect
connect
bind
send
SetFileAttributesW
ExitProcess
MessageBoxW
MessageBoxA
TerminateProcess
WriteProcessMemory
ReadProcessMemory
AdjustTokenPrivileges
OpenProcessToken
IsDebuggerPresent

ResumeThread
CreateThread
CreateRemoteThread
OpenProcess
URLDownloadToCacheFileW
URLDownloadToCacheFileA
URLDownloadToFileW
URLDownloadToFileA
InternetReadFileEx
InternetReadFile
InternetOpenUrlW
InternetOpenUrlA
FtpOpenFileA
HttpOpenRequestA
InternetConnectA
InternetOpenA
UnlockServiceDatabase
StartServiceCtrlDispatcher
StartServiceW
StartServiceA
SetServiceStatus
SetServiceObjectSecurity
RegisterServiceCtrlHandlerEx
RegisterServiceCtrlHandler
QueryServiceStatusEx
QueryServiceStatus
QueryServiceObjectSecurity
QueryServiceLockStatus
QueryServiceConfig2
QueryServiceConfig
OpenServiceW
OpenServiceA
OpenSCManager
NotifyBootConfigStatus
LockServiceDatabase
GetServiceKeyName
GetServiceDisplayName
EnumServicesStatusEx
EnumServicesStatus
EnumDependentServices
DeleteService
CreateServiceW
CreateServiceA
ControlService
OpenSCManagerW
OpenSCManagerA
CloseServiceHandle
ChangeServiceConfig2
ChangeServiceConfigW
ChangeServiceConfigA
FindWindowW
FindWindowA
Process32NextW
Process32Next
Process32First
CreateToolhelp32Snapshot
WinExec
ShellExecuteExW
ShellExecuteExA
ShellExecuteW
ShellExecuteA
CreateProcessW
CreateProcessA
RegSaveKeyExW
RegSaveKeyExA
RegSaveKeyW
RegSaveKeyA
RegRestoreKeyW
RegRestoreKeyA
RegReplaceKeyW
RegReplaceKeyA
RegSetValueExW
RegSetValueExA
RegQueryValueExW
RegQueryValueExA
RegQueryInfoKeyW
RegQueryInfoKeyA
RegOpenKeyExW
RegOpenKeyExA
RegNotifyChangeKeyValue
RegEnumValueW
RegEnumValueA
RegEnumKeyExW
RegEnumKeyExA
RegDeleteValueW
RegDeleteValueA
RegDeleteKeyW
RegDeleteKeyA
RegCloseKey
RegCreateKeyExW
RegCreateKeyExA
strcmp
lstrcmpW
lstrcmpiA
lstrcmpA
CloseHandle
OpenFile
MoveFileW
MoveFileExW
MoveFileExA
MoveFileA
GetModuleFileNameA
GetFileAttributesW
FindFirstFileExW
FindFirstFileExA
DeleteFileW
DeleteFileA
CreateDirectoryW
CreateDirectoryExW
WriteFileEx
WriteFile
CopyFileExW
CopyFileExA
WritePrivateProfileStringW
WritePrivateProfileStringA
CreateFileW
CreateFileA
SetWindowsHookExW
SetWindowsHookExA
LoadLibraryA
mouse_event
keybd_event

更新 安全杀毒软件常用api
GetProcessWindowStation
GetUserObjectInformationA
GetLastActivePopup
GetActiveWindow
RevertToSelf
ImpersonateLoggedOnUser
OpenProcessToken
GetFileLengthFromStorage
GetFileDataFromStorage
CreateSpeedNpeHandle
CreateRoundRectRgn
CreateCompatibleDC
SelectObject
DeleteObject
DeleteDC
GetObjectW
CreateFontIndirectW
RectInRegion
CreateCompatibleBitmap
BitBlt
CreateSolidBrush
CreateRectRgnIndirect
GetDeviceCaps
CreateDCW
GetMapMode
GetViewportExtEx
GetWindowExtEx
DPtoLP
LPtoDP
PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
CreateRectRgn
ExtSelectClipRgn
SelectClipRgn
GetClipRgn
PathToRegion
EndPath
AngleArc
BeginPath
MoveToEx
SetViewportOrgEx
EnumFontsW
SetDIBits
CreateDIBSection
ExtCreatePen
GetDCOrgEx
GetClipBox
SetTextColor
SetBkColor
CopyMetaFileW
SaveDC
RestoreDC
SetBkMode
SetPolyFillMode
SetROP2
SetStretchBltMode
SetGraphicsMode
SetWorldTransform
ModifyWorldTransform
SetMapMode
ExcludeClipRect
IntersectClipRect
OffsetClipRgn
LineTo
SetTextAlign
SetTextJustification
SetTextCharacterExtra
SetMapperFlags
SetArcDirection
SetColorAdjustment
SelectClipPath
GetPixel
StartDocW
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetCurrentPositionEx
ArcTo
PolyDraw
PolylineTo
PolyBezierTo
CreateDIBPatternBrushPt
CreatePatternBrush
CreateBitmap
GetStockObject
SelectPalette
PlayMetaFileRecord
GetObjectType
EnumMetaFile
PlayMetaFile
CreatePen
CreateHatchBrush
PatBlt
SetRectRgn
CombineRgn
GetTextExtentPoint32W
CreateEllipticRgn
Ellipse
GetBkColor
GetTextColor
GetRgnBox
GetTextMetricsW
GetCharWidthW
CreateFontW
StretchDIBits
AlphaBlend
SetupDiDestroyDeviceInfoList
SetupDiGetDeviceInterfaceDetailW
SetupDiEnumDeviceInterfaces
SetupDiGetClassDevsW
SetupIterateCabinetW
GdipFree
GdipAlloc
GdipDisposeImage
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipCreateBitmapFromFile
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromStream
GdipCreateBitmapFromStreamICM
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipCloneImage
CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject
GetDIBits
StretchBlt
SetPixel
GetBkMode
GetCurrentObject
ExtCreateRegion
GetBitmapBits
StartPage
EndPage
SetAbortProc
AbortDoc
EndDoc
TransparentBlt
SizeofResource
LockResource
LoadResource
FindResourceW
GetProcAddress
GetVersionExW
GetModuleHandleW
GetModuleFileNameW
GetCurrentDirectoryW
WaitForSingleObject
DeleteFileW
CloseHandle
DeviceIoControl
CreateFileA
GetDriveTypeA
CreateFileW
Sleep
QueryDosDeviceA
GetLastError
GetFileAttributesW
lstrlenW
GetLogicalDriveStringsW
RaiseException
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
ReleaseMutex
CreateMutexA
TerminateProcess
OpenProcess
GetCommandLineW
FreeLibrary
SetLastError
IsBadReadPtr
FlushInstructionCache
GetCurrentProcess
ReadFile
GetFileSize
GetVersion
GetCurrentThreadId
lstrcmpiW
MultiByteToWideChar
LoadLibraryExW
GetTempPathW
CreateDirectoryW
GetWindowsDirectoryW
OutputDebugStringW
WritePrivateProfileStringW
GetTickCount
GetPrivateProfileSectionW
GetPrivateProfileStringW
CopyFileW
GetCurrentProcessId
TlsFree
GlobalMemoryStatusEx
FindClose
FindNextFileW
FindFirstFileW
TlsSetValue
TlsGetValue
TlsAlloc
LoadLibraryW
GetSystemWindowsDirectoryW
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileAttributesExW
SetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
WritePrivateProfileSectionW
GetDiskFreeSpaceW
GetLocalTime
GetPrivateProfileIntW
ExpandEnvironmentStringsW
MoveFileExW
GetSystemTime
GetSystemDirectoryW
GetExitCodeProcess
CreateProcessW
SetThreadPriority
GetCurrentThread
SetFileAttributesW
GetTempFileNameW
CreateThread
CreateEventW
TerminateThread
SetEvent
WaitForMultipleObjects
GlobalDeleteAtom
GlobalAddAtomA
lstrcpynW
GlobalFree
GetExitCodeThread
GetDriveTypeW
OpenMutexA
GetLongPathNameW
SearchPathW
QueryDosDeviceW
MoveFileW
GetDiskFreeSpaceExW
GlobalAddAtomW
GetFileSizeEx
GlobalFindAtomW
OpenMutexW
SetPriorityClass
ResetEvent
CompareFileTime
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
GetStartupInfoW
SetCurrentDirectoryW
GetFileTime
WriteProcessMemory
VirtualAllocEx
VirtualFreeEx
GetNumberFormatW
CreateMutexW
GetACP
GlobalUnlock
GlobalLock
GlobalAlloc
WideCharToMultiByte
Module32NextW
Module32FirstW
RemoveDirectoryW
WriteFile
MapViewOfFileEx
CreateFileMappingW
UnmapViewOfFile
GlobalMemoryStatus
GetSystemInfo
VirtualProtect
SetErrorMode
GetModuleHandleA
GetProcessTimes
GetSystemTimes
lstrcatW
lstrcpyW
FindCloseChangeNotification
FindFirstChangeNotificationW
GetNativeSystemInfo
FreeResource
GetTimeZoneInformation
FlushFileBuffers
OpenFileMappingW
MapViewOfFile
AreFileApisANSI
ReadProcessMemory
OutputDebugStringA
LoadLibraryA
ProcessIdToSessionId
Thread32Next
SuspendThread
OpenThread
Thread32First
ResumeThread
SetEnvironmentVariableW
lstrcmpW
InitializeCriticalSectionAndSpinCount
SetEndOfFile
SetFilePointer
GetPrivateProfileSectionNamesW
GetHandleInformation
CreateEventA
DisconnectNamedPipe
WaitNamedPipeW
ConnectNamedPipe
CreateNamedPipeW
CreateSemaphoreW
ReleaseSemaphore
GetFullPathNameW
QueryPerformanceCounter
SetNamedPipeHandleState
ReadFileEx
WaitForSingleObjectEx
GetVersionExA
CompareStringW
MulDiv
LocalFree
FormatMessageW
GlobalSize
CompareStringA
GetLocaleInfoW
lstrcmpA
EnumResourceLanguagesW
ConvertDefaultLocale
LocalAlloc
GetStringTypeExW
GetThreadLocale
LockFile
UnlockFile
DuplicateHandle
GetVolumeInformationW
GetShortPathNameW
GlobalReAlloc
GlobalHandle
LocalReAlloc
GlobalFlags
GlobalGetAtomNameW
GetAtomNameW
lstrlenA
RtlPcToFileHeader
RtlLookupFunctionEntry
RtlUnwindEx
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlCaptureContext
HeapFree
HeapAlloc
GetSystemTimeAsFileTime
ExitThread
HeapReAlloc
ExitProcess
HeapQueryInformation
HeapSize
SetStdHandle
GetFileType
VirtualAlloc
VirtualQuery
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetStartupInfoA
EncodePointer
DecodePointer
FlsGetValue
FlsSetValue
FlsFree
FlsAlloc
HeapSetInformation
HeapCreate
HeapDestroy
GetCPInfo
GetOEMCP
IsValidCodePage
LCMapStringW
GetDateFormatA
GetTimeFormatA
LCMapStringA
GetFileInformationByHandle
PeekNamedPipe
GetCurrentDirectoryA
SetCurrentDirectoryA
GetConsoleCP
GetConsoleMode
FatalAppExitA
SetConsoleCtrlHandler
GetStringTypeA
GetStringTypeW
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetProcessHeap
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetFullPathNameA
SetEnvironmentVariableA
KERNEL32.dll
DestroyWindow
GetClientRect
GetDC
ReleaseDC
GetWindow
SetWindowPos
GetWindowRect
SetWindowLongW
GetWindowLongW
IsWindowVisible
IsWindow
MoveWindow
SystemParametersInfoW
SetWindowRgn
SendMessageW
SetTimer
SendMessageTimeoutW
GetWindowThreadProcessId
FindWindowW
CreateWindowExW
PostMessageW
GetClassInfoExW
LoadCursorW
DispatchMessageW
TranslateMessage
GetMessageW
CharNextW
RegisterClassExW
SetWindowLongPtrW
MessageBoxW
GetClassInfoW
CreateDialogIndirectParamW
SetActiveWindow
EnableWindow
PostQuitMessage
PeekMessageW
MsgWaitForMultipleObjects
RedrawWindow
ShowWindow
UpdateLayeredWindow
DrawTextW
CopyRect
InvalidateRect
OffsetRect
KillTimer
GetParent
RegisterWindowMessageW
CallWindowProcW
SetPropA
GetPropA
GetWindowLongPtrW
CreateWindowExA
FrameRect
GetSystemMetrics
SetCapture
ReleaseCapture
FillRect
SetCursor
GetDesktopWindow
SetFocus
GetDlgItem
SetWindowTextW
SetLayeredWindowAttributes
PtInRect
GetCursorPos
WindowFromPoint
ExitWindowsEx
BringWindowToTop
SetForegroundWindow
ScreenToClient
DefWindowProcW
CheckMenuItem
GetSubMenu
LoadMenuW
IsIconic
LoadIconW
CloseDesktop
SwitchDesktop
OpenDesktopW
UnregisterHotKey
RegisterHotKey
LoadImageW
FindWindowExW
DeleteMenu
ClientToScreen
MapWindowPoints
GetMonitorInfoW
MonitorFromWindow
BeginPaint
EndPaint
GetWindowTextW
SwitchToThisWindow
EndDialog
GetClassNameW
GetForegroundWindow
DialogBoxParamW
GetFocus
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
DrawIconEx
IsRectEmpty
AdjustWindowRectEx
TabbedTextOutW
DrawTextExW
GrayStringW
GetMenuItemCount
GetMenuItemID
ModifyMenuW
IsWindowEnabled
GetShellWindow
GetCursor
SetPropW
GetPropW
PrintWindow
GetDlgCtrlID
WaitForInputIdle
CharLowerBuffW
EnumThreadWindows
GetWindowPlacement
SystemParametersInfoA
IntersectRect
GetMenu
SetWindowPlacement
SetScrollInfo
GetScrollInfo
DeferWindowPos
EqualRect
GetSysColor
RegisterClassW
UpdateWindow
ShowScrollBar
GetScrollPos
SetScrollPos
GetScrollRange
SetScrollRange
SetMenu
GetKeyState
TrackPopupMenu
TrackPopupMenuEx
ScrollWindow
GetMessagePos
GetMessageTime
UnhookWindowsHookEx
GetTopWindow
EndDeferWindowPos
BeginDeferWindowPos
GetWindowTextLengthW
RemovePropW
GetClassLongPtrW
CallNextHookEx
SetWindowsHookExW
GetCapture
IsChild
WinHelpW
SendDlgItemMessageW
SendDlgItemMessageA
RemoveMenu
InsertMenuW
AppendMenuW
GetMenuStringW
GetMenuState
GetWindowDC
CheckDlgButton
CheckRadioButton
GetDlgItemInt
GetDlgItemTextW
SetDlgItemInt
SetDlgItemTextW
IsDlgButtonChecked
IsDialogMessageW
ScrollWindowEx
ValidateRect
EnableMenuItem
LoadBitmapW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
ShowOwnedPopups
MapDialogRect
SetWindowContextHelpId
GetKeyNameTextW
MapVirtualKeyW
InflateRect
GetNextDlgTabItem
GetMenuItemInfoW
DestroyMenu
DrawIcon
CharUpperW
GetSysColorBrush
UnregisterClassW
DestroyIcon
CopyAcceleratorTableW
SetRect
InvalidateRgn
GetNextDlgGroupItem
MessageBeep
GetDialogBaseUnits
SetRectEmpty
TranslateAcceleratorW
CreatePopupMenu
InsertMenuItemW
LoadAcceleratorsW
GetMenuBarInfo
ReuseDDElParam
UnpackDDElParam
RegisterClipboardFormatW
GetSystemMenu
SetParent
UnionRect
PostThreadMessageW
GetDCEx
LockWindowUpdate
USER32.dll
GetFileTitleW
COMDLG32.dll
ClosePrinter
DocumentPropertiesW
OpenPrinterW
WINSPOOL.DRV
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
RegDeleteKeyW
RegDeleteValueW
RegCreateKeyExW
RegSetValueExW
RegQueryInfoKeyW
RegEnumKeyExW
RegCreateKeyW
AdjustTokenPrivileges
LookupPrivilegeValueW
RegNotifyChangeKeyValue
CloseServiceHandle
EnumServicesStatusExW
OpenSCManagerW
QueryServiceStatus
OpenServiceW
StartServiceW
ChangeServiceConfigW
CreateServiceW
RegCreateKeyA
RegOpenKeyExA
RegSetValueExA
RegEnumKeyExA
RegDeleteKeyA
DuplicateTokenEx
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
GetUserNameW
FreeSid
EqualSid
IsValidSid
AllocateAndInitializeSid
GetTokenInformation
SetEntriesInAclW
OpenThreadToken
ControlService
RegSetValueW
RegEnumKeyW
RegOpenKeyW
RegQueryValueW
SetFileSecurityW
GetFileSecurityW
ADVAPI32.dll
ShellExecuteW
SHGetSpecialFolderPathW
SHGetFolderPathW
SHGetPathFromIDListW
SHBrowseForFolderW
SHChangeNotify
DragQueryFileW
SHGetMalloc
SHGetFileInfoW
SHGetSpecialFolderLocation
ShellExecuteExW
SHFileOperationW
CommandLineToArgvW
ExtractIconW
DragFinish
SHELL32.dll
_TrackMouseEvent
COMCTL32.dll
PathFileExistsW
StrStrIW
SHGetValueW
PathCombineW
PathIsDirectoryW
SHGetValueA
SHSetValueA
SHSetValueW
SHDeleteValueW
PathAddBackslashW
PathRemoveFileSpecW
PathCompactPathW
StrCpyNW
StrStrW
PathAppendW
StrCmpNIW
PathFindFileNameW
StrCmpNW
StrCmpW
PathRemoveExtensionW
StrCmpIW
wnsprintfW
PathIsRelativeW
StrRChrW
SHDeleteKeyW
PathFindExtensionW
UrlUnescapeW
PathStripToRootW
PathIsUNCW
SHLWAPI.dll
OleUIBusyW
oledlg.dll
CoTaskMemAlloc
CoTaskMemRealloc
CoCreateInstance
CoTaskMemFree
CoUninitialize
CoInitialize
OleUninitialize
OleInitialize
CoInitializeSecurity
CoInitializeEx
CreateStreamOnHGlobal
SetConvertStg
WriteFmtUserTypeStg
WriteClassStg
OleRegGetUserType
ReadFmtUserTypeStg
ReadClassStg
CreateBindCtx
ReleaseStgMedium
StringFromCLSID
CoTreatAsClass
OleDuplicateData
CLSIDFromProgID
CLSIDFromString
CoDisconnectObject
StringFromGUID2
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleRun
CoFreeUnusedLibraries
CoRegisterClassObject
CoRevokeClassObject
OleSetClipboard
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter
ole32.dll
OLEAUT32.dll
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW
VERSION.dll
mciSendCommandW
WINMM.dll
NetApiBufferFree
NetUserGetLocalGroups
NETAPI32.dll
WS2_32.dll
CertCloseStore
CertGetNameStringW
CertNameToStrW
CertEnumCertificatesInStore
CertOpenStore
CRYPT32.dll
WTHelperProvDataFromStateData
WinVerifyTrust
WINTRUST.dll
GetIpAddrTable
IPHLPAPI.DLL
InternetCrackUrlW
InternetCanonicalizeUrlW
InternetQueryOptionW
InternetSetOptionExW
InternetSetCookieW
InternetGetCookieW
InternetQueryDataAvailable
FtpDeleteFileW
FtpRenameFileW
FtpCreateDirectoryW
FtpRemoveDirectoryW
FtpSetCurrentDirectoryW
FtpGetCurrentDirectoryW
FtpPutFileW
FtpGetFileW
InternetErrorDlg
HttpAddRequestHeadersW
HttpQueryInfoW
InternetFindNextFileW
InternetCloseHandle
GopherFindFirstFileW
InternetGetLastResponseInfoW
InternetOpenW
InternetSetStatusCallbackW
InternetSetFilePointer
InternetWriteFile
InternetReadFile
HttpSendRequestW
HttpEndRequestW
HttpSendRequestExW
GopherGetAttributeW
FtpOpenFileW
FtpCommandW
GopherCreateLocatorW
FtpFindFirstFileW
InternetConnectW
GopherOpenFileW
InternetOpenUrlW
HttpOpenRequestW
WININET.dll
SetProcessWorkingSetSize
InterlockedPushEntrySList
VirtualFree
InterlockedPopEntrySList
SetFilePointerEx
AddAtomW
FindAtomW
DeleteAtom
LocalLock
LocalUnlock
IsZoomed
GetUpdateRgn
EnumChildWindows
EnumWindows
CopyImage
IsClipboardFormatAvailable
GetClipboardData
UnregisterClassA
GetTabbedTextExtentW
GetJobW
RegQueryValueExA
Shell_NotifyIconW
GetThreadTimes
LoadStringW
LookupAccountSidW
DeleteAce
GetTrusteeNameW
GetExplicitEntriesFromAclW
SetNamedSecurityInfoW
BuildExplicitAccessWithNameW
GetNamedSecurityInfoW
DeleteService
SetServiceStatus
SetServiceObjectSecurity
GetSecurityDescriptorDacl
QueryServiceObjectSecurity
CopySid
GetLengthSid
SetSecurityDescriptorOwner
SetSecurityDescriptorGroup
DeregisterEventSource
ReportEventW
RegisterEventSourceW
ChangeServiceConfig2W
RegisterServiceCtrlHandlerExW
StartServiceCtrlDispatcherW
CreateProcessAsUserW
ConvertStringSecurityDescriptorToSecurityDescriptorW
WTSWaitSystemEvent
WTSFreeMemory
WTSEnumerateSessionsW
WTSSendMessageW
WTSAPI32.dll
DestroyEnvironmentBlock
CreateEnvironmentBlock
USERENV.dll
RpcServerUnregisterIf
RpcMgmtStopServerListening
RpcServerUseProtseqEpW
RpcServerListen
RpcServerRegisterIfEx
RpcAsyncCompleteCall
NdrAsyncServerCall
NdrServerCall2
RPCRT4.dll
GetModuleFileNameExW
PSAPI.DLL
RtlUnwind
PathCombineA
GetProcessWorkingSetSize
VirtualLock
VirtualUnlock
LoadLibraryExA
OpenEventW
InterlockedExchange
InterlockedCompareExchange
SwitchToThread
GetTraceLoggerHandle
GetTraceEnableFlags
GetTraceEnableLevel
RegisterTraceGuidsW
UnregisterTraceGuids
TraceEvent
MSVCP80.dll
_wcsicmp
wcsncat
wcslen
argc wargv
_wcsnicmp
_wtol
memset
wcscpy_s
_vsnprintf_s
_vsnwprintf_s
wcscmp
??_V@YAXPAX@Z
wcsrchr
wcsncpy_s
MSVCR80.dll
_amsg_exit
wgetmainargs
_cexit
_exit
_XcptFilter
exit
_wcmdln
_initterm
_initterm_e
_configthreadlocale setusermatherr
_adjust_fdiv
pcommode
pfmode
_encode_pointer
set_app_type
_crt_debugger_hook
_unlock dllonexit
_lock
_onexit
_decode_pointer
_except_handler4_common
_invoke_watson
_controlfp_s
EnumProcesses
EnumProcessModules
GetModuleBaseNameW
FindWindowA
strncpy_s
_memicmp
strchr
wcsncat_s
fflush
_purecall
_snprintf_s
fclose
fwrite
strrchr
GetProcessMemoryInfo
_except_handler3
__CxxFrameHandler3
VS_VERSION_INFO
StringFileInfo
VarFileInfo
Translation
FindResourceExW
InterlockedIncrement
GetThreadPriority
InterlockedDecrement
GetModuleHandleExW
QueueUserAPC
SleepEx

相关东西
黑客常用WinAPI函数整理