|
Thanks for both of your comments. The import address table was invalid because the process makes certain API calls only after modifying the kernel with a driver.
ImpREC's level 1 trace worked, but it didn't seem like it was executing because "ExitProcess" gets called after it checks for a device/driver it unpacks and loads into the kernel at runtime.
It is an evil piece of software.
|