k4nfr3/IORI_Loader 0x99 hash of functions

## IORI_Loader 0x99 hash of functions
'ntdll.dll' '4097367' '0x3e8557'
'RegNtCallbackObjectContextCleanup' '1094975913383384674' '0xf3222cab2d35662'
'RegNtPostCreateKey' '76320549262' '0x11c50f298e'
'RegNtPostCreateKeyEx' '686884943685' '0x9fed887745'
'RegNtPostDeleteKey' '76320533467' '0x11c50eebdb'
'RegNtPostDeleteValueKey' '18545889663766' '0x10de0d2a5b16'
'RegNtPostEnumerateKey' '2060655325624' '0x1dfc8a0f1b8'
'RegNtPostEnumerateValueKey' '500739244157917' '0x1c76b70c5ebdd'
'RegNtPostFlushKey' '25440190120' '0x5ec5a7ea8'
'RegNtPostKeyHandleClose' '18545901133010' '0x10de0dd95cd2'
'RegNtPostLoadKey' '8480066248' '0x1f9738ac8'
'RegNtPostOpenKey' '8480069272' '0x1f9739698'
'RegNtPostOpenKeyEx' '76320623775' '0x11c5104c9f'
'RegNtPostQueryKey' '25440217228' '0x5ec5ae88c'
'RegNtPostQueryKeyName' '2060657598875' '0x1dfc8c3a19b'
'RegNtPostQueryKeySecurity' '166913265526084' '0x97ce85e66544'
'RegNtPostQueryMultipleValueKey' '40559923626043609' '0x9019091fd8e8d9'
'RegNtPostQueryValueKey' '6181972817689' '0x59f5a4b3719'
'RegNtPostRenameKey' '76320625240' '0x11c5105258'
'RegNtPostReplaceKey' '228961885564' '0x354f311d7c'
'RegNtPostRestoreKey' '228961902574' '0x354f315fee'
'RegNtPostSaveKey' '8480069677' '0x1f973982d'
'RegNtPostSetInformationKey' '500739659027200' '0x1c76b89805300'
'RegNtPostSetKeySecurity' '18545913291322' '0x10de0e92e23a'
'RegNtPostSetValueKey' '686885697883' '0x9fed93f95b'
'RegNtPostUnLoadKey' '76320642223' '0x11c51094af'
'RegNtPreCreateKey' '25439856481' '0x5ec556761'
'RegNtPreCreateKeyEx' '228958708656' '0x354f00a3b0'
'RegNtPreDeleteKey' '25439840686' '0x5ec5529ae'
'RegNtPreDeleteValueKey' '6181881317983' '0x59f54d70a5f'
'RegNtPreEnumerateKey' '686876620537' '0x9fed0976f9'
'RegNtPreEnumerateValueKey' '166911018821776' '0x97cdfffc6890'
'RegNtPreFlushKey' '8479959193' '0x1f971e899'
'RegNtPreKeyHandleClose' '6181892787227' '0x59f55860c1b'
'RegNtPreLoadKey' '2826655939' '0xa87b58c3'
'RegNtPreOpenKey' '2826658963' '0xa87b6493'
'RegNtPreOpenKeyEx' '25439930994' '0x5ec568a72'
'RegNtPreQueryKey' '8479986301' '0x1f972527d'
'RegNtPreQueryKeyName' '686878893788' '0x9fed2c26dc'
'RegNtPreQueryKeySecurity' '55637190414037' '0x329a0af88ed5'
'RegNtPreQueryMultipleValueKey' '13519837373816188' '0x30083870165d7c'
'RegNtPreQueryValueKey' '2060636702428' '0x1dfc784c6dc'
'RegNtPreRenameKey' '25439932459' '0x5ec56902b'
'RegNtPreReplaceKey' '76319807221' '0x11c503d6f5'
'RegNtPreRestoreKey' '76319824231' '0x11c5041967'
'RegNtPreSaveKey' '2826659368' '0xa87b6628'
'RegNtPreSetInformationKey' '166911433691059' '0x97ce18b6cfb3'
'RegNtPreSetKeySecurity' '6181904945539' '0x59f563f9183'
'RegNtPreSetValueKey' '228959462854' '0x354f0c25c6'
'RegNtPreUnLoadKey' '25439949442' '0x5ec56d282'
'NtAddBootEntry' '937981318' '0x37e87586'
'NtAdjustPrivilegesToken' '18471338352953' '0x10ccb18fa139'
'NtAllocateVirtualMemory' '18479814906352' '0x10ceaacd91f0'
'NtAllocateVirtualMemoryEx' '166318334157495' '0x9744013a22b7'
'NtCreateMutant' '939383402' '0x37fdda6a'
'NtDelayExecution' '8450345072' '0x1f7ae0870'
'NtDeleteBootEntry' '25351751002' '0x5e715055a'
'NtGdiBitBlt' '34782326' '0x212bc76'
'NtLoadDriver' '104516913' '0x63acd31'
'NtMapViewOfSection' '76162514744' '0x11bba3bf38'
'NtMapViewOfSectionEx' '685462633023' '0x9f98c1ba3f'
'NtModifyBootEntry' '25406764987' '0x5ea5c77bb'
'NtOpenCreateFile' '8472445553' '0x1f8ff4271'
'NtOpenProcessToken' '76254510023' '0x11c11f7bc7'
'NtOpenProcessTokenEx' '686290590534' '0x9fca1b5b46'
'NtOpenThreadToken' '25418225006' '0x5eb0b556e'
'NtOpenThreadTokenEx' '228764025381' '0x3543660225'
'NtProtectVirtualMemory' '6180333595348' '0x59ef896aad4'
'NtQueryInformationTokenTokenUser' '365008029056155218' '0x510c4de580ebe52'
'NtQuerySystemInformation' '55633637205452' '0x3299372ee5cc'
'NtQueueApcThread' '8479071580' '0x1f9645d5c'
'NtQueueApcThreadEx' '76311644547' '0x11c4874983'
'NtQueueApcThreadEx2' '228934933691' '0x354d95dcbb'
'NtReadVirtualMemory' '228701921503' '0x353fb260df'
'NtSetContextThread' '76265759146' '0x11c1cb21aa'
'NtSetInformationProcess' '18533185988482' '0x10db17f7a782'
'NtSetInformationProcessCriticalProcess' '265930962163018971706' '0xe6a88911fe8973a3a'
'NtSetInformationThreadCriticalThread' '29547884685846349660' '0x19a0f2c920413875c'
'NtSetInformationThreadHideFromDebugger' '265930962172624830072' '0xe6a8891222524fe78'
'NtSetInformationThreadImpersonationToken' '2393378659554168406220' '0x81becd1a336ec800cc'
'NtSetInformationThreadWow64Context' '3283098298430471909' '0x2d8fe88200a33ee5'
'NtSetInformationVirtualMemory' '13510692587801263' '0x2fffe7405d8aaf'
'NtSystemDebugControl' '687447394776' '0xa00f0ec9d8'
'NtUnmapViewOfSection' '687067230269' '0x9ff865f03d'
'NtUnmapViewOfSectionEx' '6183605072748' '0x59fbb95736c'
'NtUserGetAsyncKeyState' '6184724671250' '0x59ffe512b12'
'NtUserGetClipboardData' '6184723656316' '0x59ffe41ae7c'
'NtUserSetWindowsHookEx' '6184906107357' '0x5a00921a9dd'
'NtWriteVirtualMemory' '687514600120' '0xa0131042b8'
	'ntdll.dll' '4097367' '0x3e8557'
	'RegNtCallbackObjectContextCleanup' '1094975913383384674' '0xf3222cab2d35662'
	'RegNtPostCreateKey' '76320549262' '0x11c50f298e'
	'RegNtPostCreateKeyEx' '686884943685' '0x9fed887745'
	'RegNtPostDeleteKey' '76320533467' '0x11c50eebdb'
	'RegNtPostDeleteValueKey' '18545889663766' '0x10de0d2a5b16'
	'RegNtPostEnumerateKey' '2060655325624' '0x1dfc8a0f1b8'
	'RegNtPostEnumerateValueKey' '500739244157917' '0x1c76b70c5ebdd'
	'RegNtPostFlushKey' '25440190120' '0x5ec5a7ea8'
	'RegNtPostKeyHandleClose' '18545901133010' '0x10de0dd95cd2'
	'RegNtPostLoadKey' '8480066248' '0x1f9738ac8'
	'RegNtPostOpenKey' '8480069272' '0x1f9739698'
	'RegNtPostOpenKeyEx' '76320623775' '0x11c5104c9f'
	'RegNtPostQueryKey' '25440217228' '0x5ec5ae88c'
	'RegNtPostQueryKeyName' '2060657598875' '0x1dfc8c3a19b'
	'RegNtPostQueryKeySecurity' '166913265526084' '0x97ce85e66544'
	'RegNtPostQueryMultipleValueKey' '40559923626043609' '0x9019091fd8e8d9'
	'RegNtPostQueryValueKey' '6181972817689' '0x59f5a4b3719'
	'RegNtPostRenameKey' '76320625240' '0x11c5105258'
	'RegNtPostReplaceKey' '228961885564' '0x354f311d7c'
	'RegNtPostRestoreKey' '228961902574' '0x354f315fee'
	'RegNtPostSaveKey' '8480069677' '0x1f973982d'
	'RegNtPostSetInformationKey' '500739659027200' '0x1c76b89805300'
	'RegNtPostSetKeySecurity' '18545913291322' '0x10de0e92e23a'
	'RegNtPostSetValueKey' '686885697883' '0x9fed93f95b'
	'RegNtPostUnLoadKey' '76320642223' '0x11c51094af'
	'RegNtPreCreateKey' '25439856481' '0x5ec556761'
	'RegNtPreCreateKeyEx' '228958708656' '0x354f00a3b0'
	'RegNtPreDeleteKey' '25439840686' '0x5ec5529ae'
	'RegNtPreDeleteValueKey' '6181881317983' '0x59f54d70a5f'
	'RegNtPreEnumerateKey' '686876620537' '0x9fed0976f9'
	'RegNtPreEnumerateValueKey' '166911018821776' '0x97cdfffc6890'
	'RegNtPreFlushKey' '8479959193' '0x1f971e899'
	'RegNtPreKeyHandleClose' '6181892787227' '0x59f55860c1b'
	'RegNtPreLoadKey' '2826655939' '0xa87b58c3'
	'RegNtPreOpenKey' '2826658963' '0xa87b6493'
	'RegNtPreOpenKeyEx' '25439930994' '0x5ec568a72'
	'RegNtPreQueryKey' '8479986301' '0x1f972527d'
	'RegNtPreQueryKeyName' '686878893788' '0x9fed2c26dc'
	'RegNtPreQueryKeySecurity' '55637190414037' '0x329a0af88ed5'
	'RegNtPreQueryMultipleValueKey' '13519837373816188' '0x30083870165d7c'
	'RegNtPreQueryValueKey' '2060636702428' '0x1dfc784c6dc'
	'RegNtPreRenameKey' '25439932459' '0x5ec56902b'
	'RegNtPreReplaceKey' '76319807221' '0x11c503d6f5'
	'RegNtPreRestoreKey' '76319824231' '0x11c5041967'
	'RegNtPreSaveKey' '2826659368' '0xa87b6628'
	'RegNtPreSetInformationKey' '166911433691059' '0x97ce18b6cfb3'
	'RegNtPreSetKeySecurity' '6181904945539' '0x59f563f9183'
	'RegNtPreSetValueKey' '228959462854' '0x354f0c25c6'
	'RegNtPreUnLoadKey' '25439949442' '0x5ec56d282'
	'NtAddBootEntry' '937981318' '0x37e87586'
	'NtAdjustPrivilegesToken' '18471338352953' '0x10ccb18fa139'
	'NtAllocateVirtualMemory' '18479814906352' '0x10ceaacd91f0'
	'NtAllocateVirtualMemoryEx' '166318334157495' '0x9744013a22b7'
	'NtCreateMutant' '939383402' '0x37fdda6a'
	'NtDelayExecution' '8450345072' '0x1f7ae0870'
	'NtDeleteBootEntry' '25351751002' '0x5e715055a'
	'NtGdiBitBlt' '34782326' '0x212bc76'
	'NtLoadDriver' '104516913' '0x63acd31'
	'NtMapViewOfSection' '76162514744' '0x11bba3bf38'
	'NtMapViewOfSectionEx' '685462633023' '0x9f98c1ba3f'
	'NtModifyBootEntry' '25406764987' '0x5ea5c77bb'
	'NtOpenCreateFile' '8472445553' '0x1f8ff4271'
	'NtOpenProcessToken' '76254510023' '0x11c11f7bc7'
	'NtOpenProcessTokenEx' '686290590534' '0x9fca1b5b46'
	'NtOpenThreadToken' '25418225006' '0x5eb0b556e'
	'NtOpenThreadTokenEx' '228764025381' '0x3543660225'
	'NtProtectVirtualMemory' '6180333595348' '0x59ef896aad4'
	'NtQueryInformationTokenTokenUser' '365008029056155218' '0x510c4de580ebe52'
	'NtQuerySystemInformation' '55633637205452' '0x3299372ee5cc'
	'NtQueueApcThread' '8479071580' '0x1f9645d5c'
	'NtQueueApcThreadEx' '76311644547' '0x11c4874983'
	'NtQueueApcThreadEx2' '228934933691' '0x354d95dcbb'
	'NtReadVirtualMemory' '228701921503' '0x353fb260df'
	'NtSetContextThread' '76265759146' '0x11c1cb21aa'
	'NtSetInformationProcess' '18533185988482' '0x10db17f7a782'
	'NtSetInformationProcessCriticalProcess' '265930962163018971706' '0xe6a88911fe8973a3a'
	'NtSetInformationThreadCriticalThread' '29547884685846349660' '0x19a0f2c920413875c'
	'NtSetInformationThreadHideFromDebugger' '265930962172624830072' '0xe6a8891222524fe78'
	'NtSetInformationThreadImpersonationToken' '2393378659554168406220' '0x81becd1a336ec800cc'
	'NtSetInformationThreadWow64Context' '3283098298430471909' '0x2d8fe88200a33ee5'
	'NtSetInformationVirtualMemory' '13510692587801263' '0x2fffe7405d8aaf'
	'NtSystemDebugControl' '687447394776' '0xa00f0ec9d8'
	'NtUnmapViewOfSection' '687067230269' '0x9ff865f03d'
	'NtUnmapViewOfSectionEx' '6183605072748' '0x59fbb95736c'
	'NtUserGetAsyncKeyState' '6184724671250' '0x59ffe512b12'
	'NtUserGetClipboardData' '6184723656316' '0x59ffe41ae7c'
	'NtUserSetWindowsHookEx' '6184906107357' '0x5a00921a9dd'
	'NtWriteVirtualMemory' '687514600120' '0xa0131042b8'