ScreenShot
| Created | 2023.05.04 09:51 | Machine | s1_win7_x6403 |
| Filename | rentfree.dat | ||
| Type | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows | ||
| AI Score |
|
Behavior Score |
|
| ZERO API | file : malware | ||
| VT API (file) | |||
| md5 | 80801929519c04513ee47c985feaf19b | ||
| sha256 | d0a40094bbf3b0d4e3be791a5416b32ac81235c5f9a4ed1b5aeb88cffe5fedb2 | ||
| ssdeep | 6144:HGttsygB2RWc0sVk5k6A4s9FGMReiD4DmEk5cci4j5zLgSdsb:mttsygB2RWc0sV6k6AbDGSPzqciwpPd | ||
| imphash | 086bcd33b2e05dcca2af4cdea4e69b39 | ||
| impfuzzy | 24:ZzdPOovpDc/JbKBtApuyvDYFQHlRT4nafnkl7:ZzdmOt+XDRcnafkt | ||
Network IP location
Signature (7cnts)
| Level | Description |
|---|---|
| watch | Expresses interest in specific running processes |
| notice | Allocates read-write-execute memory (usually to unpack itself) |
| notice | Changes read-write memory protection to read-execute (probably to avoid detection when setting all RWX flags at the same time) |
| notice | The binary likely contains encrypted or compressed data indicative of a packer |
| info | Checks if process is being debugged by a debugger |
| info | One or more processes crashed |
| info | Queries for the computername |
Rules (6cnts)
| Level | Name | Description | Collection |
|---|---|---|---|
| watch | Malicious_Library_Zero | Malicious_Library | binaries (upload) |
| watch | UPX_Zero | UPX packed file | binaries (upload) |
| info | IsDLL | (no description) | binaries (upload) |
| info | IsPE32 | (no description) | binaries (upload) |
| info | OS_Processor_Check_Zero | OS Processor Check | binaries (upload) |
| info | PE_Header_Zero | PE File Signature | binaries (upload) |
Network (0cnts) ?
| Request | CC | ASN Co | IP4 | Rule ? | ZERO ? |
|---|
Suricata ids
PE API
IAT(Import Address Table) Library
KERNEL32.dll
0x59a5d000 WideCharToMultiByte
0x59a5d004 HeapSize
0x59a5d008 LCMapStringW
0x59a5d00c LCMapStringA
0x59a5d010 GetStringTypeW
0x59a5d014 MultiByteToWideChar
0x59a5d018 RtlUnwind
0x59a5d01c GetCurrentThreadId
0x59a5d020 GetCommandLineA
0x59a5d024 GetModuleHandleW
0x59a5d028 GetProcAddress
0x59a5d02c TlsGetValue
0x59a5d030 TlsAlloc
0x59a5d034 TlsSetValue
0x59a5d038 TlsFree
0x59a5d03c InterlockedIncrement
0x59a5d040 SetLastError
0x59a5d044 GetLastError
0x59a5d048 InterlockedDecrement
0x59a5d04c TerminateProcess
0x59a5d050 GetCurrentProcess
0x59a5d054 UnhandledExceptionFilter
0x59a5d058 SetUnhandledExceptionFilter
0x59a5d05c IsDebuggerPresent
0x59a5d060 WriteFile
0x59a5d064 GetStdHandle
0x59a5d068 GetModuleFileNameA
0x59a5d06c GetModuleHandleA
0x59a5d070 HeapFree
0x59a5d074 Sleep
0x59a5d078 ExitProcess
0x59a5d07c SetHandleCount
0x59a5d080 GetFileType
0x59a5d084 GetStartupInfoA
0x59a5d088 DeleteCriticalSection
0x59a5d08c FreeEnvironmentStringsA
0x59a5d090 GetEnvironmentStrings
0x59a5d094 FreeEnvironmentStringsW
0x59a5d098 GetEnvironmentStringsW
0x59a5d09c HeapCreate
0x59a5d0a0 HeapDestroy
0x59a5d0a4 VirtualFree
0x59a5d0a8 QueryPerformanceCounter
0x59a5d0ac GetTickCount
0x59a5d0b0 GetCurrentProcessId
0x59a5d0b4 GetSystemTimeAsFileTime
0x59a5d0b8 RaiseException
0x59a5d0bc LeaveCriticalSection
0x59a5d0c0 EnterCriticalSection
0x59a5d0c4 GetCPInfo
0x59a5d0c8 GetACP
0x59a5d0cc GetOEMCP
0x59a5d0d0 IsValidCodePage
0x59a5d0d4 HeapAlloc
0x59a5d0d8 LoadLibraryA
0x59a5d0dc GetLocaleInfoA
0x59a5d0e0 VirtualAlloc
0x59a5d0e4 HeapReAlloc
0x59a5d0e8 InitializeCriticalSectionAndSpinCount
0x59a5d0ec GetStringTypeA
EAT(Export Address Table) Library
0x59a486a0 R?0KernTable@icu_4_0@@QAE@PBVLEFontInstance@1@PBX@Z
0x59a411a0 R?0LEFontInstance@icu_4_0@@QAE@ABV01@@Z
0x59a41140 R?0LEFontInstance@icu_4_0@@QAE@XZ
0x59a41630 R?0LEGlyphStorage@icu_4_0@@QAE@ABV01@@Z
0x59a49850 R?0LEGlyphStorage@icu_4_0@@QAE@XZ
0x59a415c0 R?0LEInsertionCallback@icu_4_0@@QAE@ABV01@@Z
0x59a415b0 R?0LEInsertionCallback@icu_4_0@@QAE@XZ
0x59a41050 R?0LESwaps@icu_4_0@@AAE@XZ
0x59a4a650 R?0LayoutEngine@icu_4_0@@IAE@PBVLEFontInstance@1@HHH@Z
0x59a41790 R?0LayoutEngine@icu_4_0@@QAE@ABV01@@Z
0x59a418a0 R?0OpenTypeLayoutEngine@icu_4_0@@QAE@ABV01@@Z
0x59a4dfc0 R?0OpenTypeLayoutEngine@icu_4_0@@QAE@PBVLEFontInstance@1@HHH@Z
0x59a4de50 R?0OpenTypeLayoutEngine@icu_4_0@@QAE@PBVLEFontInstance@1@HHHPBUGlyphSubstitutionTableHeader@1@@Z
0x59a493f0 R?1LEFontInstance@icu_4_0@@UAE@XZ
0x59a4a1c0 R?1LEGlyphStorage@icu_4_0@@UAE@XZ
0x59a49840 R?1LEInsertionCallback@icu_4_0@@UAE@XZ
0x59a4b0f0 R?1LayoutEngine@icu_4_0@@UAE@XZ
0x59a4da10 R?1OpenTypeLayoutEngine@icu_4_0@@UAE@XZ
0x59a41a10 R?4CanonShaping@icu_4_0@@QAEAAV01@ABV01@@Z
0x59a48670 R?4KernTable@icu_4_0@@QAEAAV01@ABV01@@Z
0x59a41a10 R?4LEFontInstance@icu_4_0@@QAEAAV01@ABV01@@Z
0x59a416d0 R?4LEGlyphStorage@icu_4_0@@QAEAAV01@ABV01@@Z
0x59a41a10 R?4LEInsertionCallback@icu_4_0@@QAEAAV01@ABV01@@Z
0x59a41a10 R?4LESwaps@icu_4_0@@QAEAAV01@ABV01@@Z
0x59a41810 R?4LayoutEngine@icu_4_0@@QAEAAV01@ABV01@@Z
0x59a41940 R?4OpenTypeLayoutEngine@icu_4_0@@QAEAAV01@ABV01@@Z
0x59a41780 R?ALEGlyphStorage@icu_4_0@@QBEAAIH@Z
0x59a5d14c R?_7LEFontInstance@icu_4_0@@6B@
0x59a5d1d8 R?_7LEGlyphStorage@icu_4_0@@6BLEInsertionCallback@1@@
0x59a5d1e4 R?_7LEGlyphStorage@icu_4_0@@6BUObject@1@@
0x59a5d1cc R?_7LEInsertionCallback@icu_4_0@@6B@
0x59a5d1f0 R?_7LayoutEngine@icu_4_0@@6B@
0x59a5d220 R?_7OpenTypeLayoutEngine@icu_4_0@@6B@
0x59a4b5c0 RadjustGlyphPositions@LayoutEngine@icu_4_0@@MAEXQBGHHCAAVLEGlyphStorage@2@AAW4LEErrorCode@@@Z
0x59a4e070 RadjustGlyphPositions@OpenTypeLayoutEngine@icu_4_0@@MAEXQBGHHCAAVLEGlyphStorage@2@AAW4LEErrorCode@@@Z
0x59a4a910 RadjustMarkGlyphs@LayoutEngine@icu_4_0@@KAXAAVLEGlyphStorage@2@PAVLEGlyphFilter@2@AAW4LEErrorCode@@@Z
0x59a4aa00 RadjustMarkGlyphs@LayoutEngine@icu_4_0@@KAXQBGHCAAVLEGlyphStorage@2@PAVLEGlyphFilter@2@AAW4LEErrorCode@@@Z
0x59a49f10 RadjustPosition@LEGlyphStorage@icu_4_0@@QAEXHMMAAW4LEErrorCode@@@Z
0x59a4a010 RadoptAuxDataArray@LEGlyphStorage@icu_4_0@@QAEXAAV12@@Z
0x59a49fb0 RadoptCharIndicesArray@LEGlyphStorage@icu_4_0@@QAEXAAV12@@Z
0x59a49f60 RadoptGlyphArray@LEGlyphStorage@icu_4_0@@QAEXAAV12@@Z
0x59a4a040 RadoptGlyphCount@LEGlyphStorage@icu_4_0@@QAEXAAV12@@Z
0x59a4a050 RadoptGlyphCount@LEGlyphStorage@icu_4_0@@QAEXH@Z
0x59a49fe0 RadoptPositionArray@LEGlyphStorage@icu_4_0@@QAEXAAV12@@Z
0x59a49ac0 RallocateAuxData@LEGlyphStorage@icu_4_0@@QAEHAAW4LEErrorCode@@@Z
0x59a49940 RallocateGlyphArray@LEGlyphStorage@icu_4_0@@QAEXHCAAW4LEErrorCode@@@Z
0x59a49a60 RallocatePositions@LEGlyphStorage@icu_4_0@@QAEHAAW4LEErrorCode@@@Z
0x59a4a0f0 RapplyInsertion@LEGlyphStorage@icu_4_0@@MAECHHQAI@Z
0x59a4a070 RapplyInsertions@LEGlyphStorage@icu_4_0@@QAEHXZ
0x59a49600 RcanDisplay@LEFontInstance@icu_4_0@@UBECH@Z
0x59a4b310 RcharacterProcessing@LayoutEngine@icu_4_0@@MAEHQBGHHHCAAPAGAAVLEGlyphStorage@2@AAW4LEErrorCode@@@Z
0x59a4db10 RcharacterProcessing@OpenTypeLayoutEngine@icu_4_0@@MAEHQBGHHHCAAPAGAAVLEGlyphStorage@2@AAW4LEErrorCode@@@Z
0x59a4a770 RcomputeGlyphs@LayoutEngine@icu_4_0@@MAEHQBGHHHCAAVLEGlyphStorage@2@AAW4LEErrorCode@@@Z
0x59a4dcf0 RcomputeGlyphs@OpenTypeLayoutEngine@icu_4_0@@MAEHQBGHHHCAAVLEGlyphStorage@2@AAW4LEErrorCode@@@Z
0x59a41260 RfixedToFloat@LEFontInstance@icu_4_0@@SAMH@Z
0x59a41280 RfloatToFixed@LEFontInstance@icu_4_0@@SAHM@Z
0x59a49db0 RgetAuxData@LEGlyphStorage@icu_4_0@@QBEIHAAW4LEErrorCode@@@Z
0x59a49d60 RgetAuxData@LEGlyphStorage@icu_4_0@@QBEXQAIAAW4LEErrorCode@@@Z
0x59a49ce0 RgetCharIndex@LEGlyphStorage@icu_4_0@@QBEHHAAW4LEErrorCode@@@Z
0x59a49b60 RgetCharIndices@LEGlyphStorage@icu_4_0@@QBEXQAHAAW4LEErrorCode@@@Z
0x59a49b10 RgetCharIndices@LEGlyphStorage@icu_4_0@@QBEXQAHHAAW4LEErrorCode@@@Z
0x59a4a720 RgetCharIndices@LayoutEngine@icu_4_0@@QBEXQAHAAW4LEErrorCode@@@Z
0x59a4a710 RgetCharIndices@LayoutEngine@icu_4_0@@QBEXQAHHAAW4LEErrorCode@@@Z
0x59a493b0 RgetDynamicClassID@LEFontInstance@icu_4_0@@UBEPAXXZ
0x59a49830 RgetDynamicClassID@LEGlyphStorage@icu_4_0@@UBEPAXXZ
0x59a4a640 RgetDynamicClassID@LayoutEngine@icu_4_0@@UBEPAXXZ
0x59a4d9f0 RgetDynamicClassID@OpenTypeLayoutEngine@icu_4_0@@UBEPAXXZ
0x59a4ab30 RgetFontTable@LayoutEngine@icu_4_0@@MBEPBXI@Z
0x59a41770 RgetGlyphCount@LEGlyphStorage@icu_4_0@@QBEHXZ
0x59a4a700 RgetGlyphCount@LayoutEngine@icu_4_0@@QBEHXZ
0x59a49c50 RgetGlyphID@LEGlyphStorage@icu_4_0@@QBEIHAAW4LEErrorCode@@@Z
0x59a49e80 RgetGlyphPosition@LEGlyphStorage@icu_4_0@@QBEXHAAM0AAW4LEErrorCode@@@Z
0x59a4a760 RgetGlyphPosition@LayoutEngine@icu_4_0@@QBEXHAAM0AAW4LEErrorCode@@@Z
0x59a49e30 RgetGlyphPositions@LEGlyphStorage@icu_4_0@@QBEXQAMAAW4LEErrorCode@@@Z
0x59a4a750 RgetGlyphPositions@LayoutEngine@icu_4_0@@QBEXQAMAAW4LEErrorCode@@@Z
0x59a49c00 RgetGlyphs@LEGlyphStorage@icu_4_0@@QBEXQAIAAW4LEErrorCode@@@Z
0x59a49bb0 RgetGlyphs@LEGlyphStorage@icu_4_0@@QBEXQAIIAAW4LEErrorCode@@@Z
0x59a4a740 RgetGlyphs@LayoutEngine@icu_4_0@@QBEXQAIAAW4LEErrorCode@@@Z
0x59a4a730 RgetGlyphs@LayoutEngine@icu_4_0@@UBEXQAIIAAW4LEErrorCode@@@Z
0x59a4dab0 RgetLangSysTag@OpenTypeLayoutEngine@icu_4_0@@SAIH@Z
0x59a49800 RgetLineHeight@LEFontInstance@icu_4_0@@UBEHXZ
0x59a4da90 RgetScriptTag@OpenTypeLayoutEngine@icu_4_0@@SAIH@Z
0x59a493b0 RgetStaticClassID@LEFontInstance@icu_4_0@@SAPAXXZ
0x59a511f0 RgetStaticClassID@LEGlyphStorage@icu_4_0@@SAPAXXZ
0x59a4a640 RgetStaticClassID@LayoutEngine@icu_4_0@@SAPAXXZ
0x59a4d9f0 RgetStaticClassID@OpenTypeLayoutEngine@icu_4_0@@SAPAXXZ
0x59a49440 RgetSubFont@LEFontInstance@icu_4_0@@UBEPBV12@QBGPAHHHAAW4LEErrorCode@@@Z
0x59a6ae40 RglyphDefinitionTable@CanonShaping@icu_4_0@@2QBEB
0x59a4dcb0 RglyphPostProcessing@OpenTypeLayoutEngine@icu_4_0@@MAEHAAVLEGlyphStorage@2@0AAW4LEErrorCode@@@Z
0x59a4dc00 RglyphProcessing@OpenTypeLayoutEngine@icu_4_0@@MAEHQBGHHHCAAVLEGlyphStorage@2@AAW4LEErrorCode@@@Z
0x59a5d358 RglyphSubstitutionTable@CanonShaping@icu_4_0@@2QBEB
0x59a4a060 RinsertGlyphs@LEGlyphStorage@icu_4_0@@QAEPAIHH@Z
0x59a6ddf8 RlanguageTags@OpenTypeLayoutEngine@icu_4_0@@2QBIB
0x59a4ab40 RlayoutChars@LayoutEngine@icu_4_0@@UAEHQBGHHHCMMAAW4LEErrorCode@@@Z
0x59a4b760 RlayoutEngineFactory@LayoutEngine@icu_4_0@@SAPAV12@PBVLEFontInstance@2@HHAAW4LEErrorCode@@@Z
0x59a4ac30 RlayoutEngineFactory@LayoutEngine@icu_4_0@@SAPAV12@PBVLEFontInstance@2@HHHAAW4LEErrorCode@@@Z
0x59a49570 RmapCharToGlyph@LEFontInstance@icu_4_0@@UBEIHPBVLECharMapper@2@@Z
0x59a49590 RmapCharToGlyph@LEFontInstance@icu_4_0@@UBEIHPBVLECharMapper@2@C@Z
0x59a49490 RmapCharsToGlyphs@LEFontInstance@icu_4_0@@UBEXQBGHHCPBVLECharMapper@2@CAAVLEGlyphStorage@2@@Z
0x59a4b6b0 RmapCharsToGlyphs@LayoutEngine@icu_4_0@@MAEXQBGHHCCAAVLEGlyphStorage@2@AAW4LEErrorCode@@@Z
0x59a49760 RpixelsToUnits@LEFontInstance@icu_4_0@@UBEXAAULEPoint@@0@Z
0x59a4a860 RpositionGlyphs@LayoutEngine@icu_4_0@@MAEXAAVLEGlyphStorage@2@MMAAW4LEErrorCode@@@Z
0x59a48760 Rprocess@KernTable@icu_4_0@@QAEXAAVLEGlyphStorage@2@@Z
0x59a42420 RreorderMarks@CanonShaping@icu_4_0@@SAXPBGHCPAGAAVLEGlyphStorage@2@@Z
0x59a498d0 Rreset@LEGlyphStorage@icu_4_0@@QAEXXZ
0x59a4ac20 Rreset@LayoutEngine@icu_4_0@@UAEXXZ
0x59a4da00 Rreset@OpenTypeLayoutEngine@icu_4_0@@MAEXXZ
0x59a6dbf0 RscriptTags@OpenTypeLayoutEngine@icu_4_0@@0QBIB
0x59a49df0 RsetAuxData@LEGlyphStorage@icu_4_0@@QAEXHIAAW4LEErrorCode@@@Z
0x59a49d20 RsetCharIndex@LEGlyphStorage@icu_4_0@@QAEXHHAAW4LEErrorCode@@@Z
0x59a49ca0 RsetGlyphID@LEGlyphStorage@icu_4_0@@QAEXHIAAW4LEErrorCode@@@Z
0x59a49ed0 RsetPosition@LEGlyphStorage@icu_4_0@@QAEXHMMAAW4LEErrorCode@@@Z
0x59a4dad0 RsetScriptAndLanguageTags@OpenTypeLayoutEngine@icu_4_0@@AAEXXZ
0x59a423c0 RsortMarks@CanonShaping@icu_4_0@@CAXPAHPBHHH@Z
0x59a41020 RswapLong@LESwaps@icu_4_0@@SAIABI@Z
0x59a41000 RswapWord@LESwaps@icu_4_0@@SAGABG@Z
0x59a497a0 RtransformFunits@LEFontInstance@icu_4_0@@UBEXMMAAULEPoint@@@Z
0x59a496a0 RunitsToPoints@LEFontInstance@icu_4_0@@UBEXAAULEPoint@@0@Z
0x59a496e0 RxPixelsToUnits@LEFontInstance@icu_4_0@@UBEMM@Z
0x59a49620 RxUnitsToPoints@LEFontInstance@icu_4_0@@UBEMM@Z
0x59a49720 RyPixelsToUnits@LEFontInstance@icu_4_0@@UBEMM@Z
0x59a49660 RyUnitsToPoints@LEFontInstance@icu_4_0@@UBEMM@Z
0x59a51070 Re_close_4_0
0x59a51060 Re_create_4_0
0x59a51160 Re_getCharIndicesWithBase_4_0
0x59a51130 Re_getCharIndices_4_0
0x59a510e0 Re_getGlyphCount_4_0
0x59a511c0 Re_getGlyphPosition_4_0
0x59a51190 Re_getGlyphPositions_4_0
0x59a51100 Re_getGlyphs_4_0
0x59a51090 Re_layoutChars_4_0
0x59a49830 Time
KERNEL32.dll
0x59a5d000 WideCharToMultiByte
0x59a5d004 HeapSize
0x59a5d008 LCMapStringW
0x59a5d00c LCMapStringA
0x59a5d010 GetStringTypeW
0x59a5d014 MultiByteToWideChar
0x59a5d018 RtlUnwind
0x59a5d01c GetCurrentThreadId
0x59a5d020 GetCommandLineA
0x59a5d024 GetModuleHandleW
0x59a5d028 GetProcAddress
0x59a5d02c TlsGetValue
0x59a5d030 TlsAlloc
0x59a5d034 TlsSetValue
0x59a5d038 TlsFree
0x59a5d03c InterlockedIncrement
0x59a5d040 SetLastError
0x59a5d044 GetLastError
0x59a5d048 InterlockedDecrement
0x59a5d04c TerminateProcess
0x59a5d050 GetCurrentProcess
0x59a5d054 UnhandledExceptionFilter
0x59a5d058 SetUnhandledExceptionFilter
0x59a5d05c IsDebuggerPresent
0x59a5d060 WriteFile
0x59a5d064 GetStdHandle
0x59a5d068 GetModuleFileNameA
0x59a5d06c GetModuleHandleA
0x59a5d070 HeapFree
0x59a5d074 Sleep
0x59a5d078 ExitProcess
0x59a5d07c SetHandleCount
0x59a5d080 GetFileType
0x59a5d084 GetStartupInfoA
0x59a5d088 DeleteCriticalSection
0x59a5d08c FreeEnvironmentStringsA
0x59a5d090 GetEnvironmentStrings
0x59a5d094 FreeEnvironmentStringsW
0x59a5d098 GetEnvironmentStringsW
0x59a5d09c HeapCreate
0x59a5d0a0 HeapDestroy
0x59a5d0a4 VirtualFree
0x59a5d0a8 QueryPerformanceCounter
0x59a5d0ac GetTickCount
0x59a5d0b0 GetCurrentProcessId
0x59a5d0b4 GetSystemTimeAsFileTime
0x59a5d0b8 RaiseException
0x59a5d0bc LeaveCriticalSection
0x59a5d0c0 EnterCriticalSection
0x59a5d0c4 GetCPInfo
0x59a5d0c8 GetACP
0x59a5d0cc GetOEMCP
0x59a5d0d0 IsValidCodePage
0x59a5d0d4 HeapAlloc
0x59a5d0d8 LoadLibraryA
0x59a5d0dc GetLocaleInfoA
0x59a5d0e0 VirtualAlloc
0x59a5d0e4 HeapReAlloc
0x59a5d0e8 InitializeCriticalSectionAndSpinCount
0x59a5d0ec GetStringTypeA
EAT(Export Address Table) Library
0x59a486a0 R?0KernTable@icu_4_0@@QAE@PBVLEFontInstance@1@PBX@Z
0x59a411a0 R?0LEFontInstance@icu_4_0@@QAE@ABV01@@Z
0x59a41140 R?0LEFontInstance@icu_4_0@@QAE@XZ
0x59a41630 R?0LEGlyphStorage@icu_4_0@@QAE@ABV01@@Z
0x59a49850 R?0LEGlyphStorage@icu_4_0@@QAE@XZ
0x59a415c0 R?0LEInsertionCallback@icu_4_0@@QAE@ABV01@@Z
0x59a415b0 R?0LEInsertionCallback@icu_4_0@@QAE@XZ
0x59a41050 R?0LESwaps@icu_4_0@@AAE@XZ
0x59a4a650 R?0LayoutEngine@icu_4_0@@IAE@PBVLEFontInstance@1@HHH@Z
0x59a41790 R?0LayoutEngine@icu_4_0@@QAE@ABV01@@Z
0x59a418a0 R?0OpenTypeLayoutEngine@icu_4_0@@QAE@ABV01@@Z
0x59a4dfc0 R?0OpenTypeLayoutEngine@icu_4_0@@QAE@PBVLEFontInstance@1@HHH@Z
0x59a4de50 R?0OpenTypeLayoutEngine@icu_4_0@@QAE@PBVLEFontInstance@1@HHHPBUGlyphSubstitutionTableHeader@1@@Z
0x59a493f0 R?1LEFontInstance@icu_4_0@@UAE@XZ
0x59a4a1c0 R?1LEGlyphStorage@icu_4_0@@UAE@XZ
0x59a49840 R?1LEInsertionCallback@icu_4_0@@UAE@XZ
0x59a4b0f0 R?1LayoutEngine@icu_4_0@@UAE@XZ
0x59a4da10 R?1OpenTypeLayoutEngine@icu_4_0@@UAE@XZ
0x59a41a10 R?4CanonShaping@icu_4_0@@QAEAAV01@ABV01@@Z
0x59a48670 R?4KernTable@icu_4_0@@QAEAAV01@ABV01@@Z
0x59a41a10 R?4LEFontInstance@icu_4_0@@QAEAAV01@ABV01@@Z
0x59a416d0 R?4LEGlyphStorage@icu_4_0@@QAEAAV01@ABV01@@Z
0x59a41a10 R?4LEInsertionCallback@icu_4_0@@QAEAAV01@ABV01@@Z
0x59a41a10 R?4LESwaps@icu_4_0@@QAEAAV01@ABV01@@Z
0x59a41810 R?4LayoutEngine@icu_4_0@@QAEAAV01@ABV01@@Z
0x59a41940 R?4OpenTypeLayoutEngine@icu_4_0@@QAEAAV01@ABV01@@Z
0x59a41780 R?ALEGlyphStorage@icu_4_0@@QBEAAIH@Z
0x59a5d14c R?_7LEFontInstance@icu_4_0@@6B@
0x59a5d1d8 R?_7LEGlyphStorage@icu_4_0@@6BLEInsertionCallback@1@@
0x59a5d1e4 R?_7LEGlyphStorage@icu_4_0@@6BUObject@1@@
0x59a5d1cc R?_7LEInsertionCallback@icu_4_0@@6B@
0x59a5d1f0 R?_7LayoutEngine@icu_4_0@@6B@
0x59a5d220 R?_7OpenTypeLayoutEngine@icu_4_0@@6B@
0x59a4b5c0 RadjustGlyphPositions@LayoutEngine@icu_4_0@@MAEXQBGHHCAAVLEGlyphStorage@2@AAW4LEErrorCode@@@Z
0x59a4e070 RadjustGlyphPositions@OpenTypeLayoutEngine@icu_4_0@@MAEXQBGHHCAAVLEGlyphStorage@2@AAW4LEErrorCode@@@Z
0x59a4a910 RadjustMarkGlyphs@LayoutEngine@icu_4_0@@KAXAAVLEGlyphStorage@2@PAVLEGlyphFilter@2@AAW4LEErrorCode@@@Z
0x59a4aa00 RadjustMarkGlyphs@LayoutEngine@icu_4_0@@KAXQBGHCAAVLEGlyphStorage@2@PAVLEGlyphFilter@2@AAW4LEErrorCode@@@Z
0x59a49f10 RadjustPosition@LEGlyphStorage@icu_4_0@@QAEXHMMAAW4LEErrorCode@@@Z
0x59a4a010 RadoptAuxDataArray@LEGlyphStorage@icu_4_0@@QAEXAAV12@@Z
0x59a49fb0 RadoptCharIndicesArray@LEGlyphStorage@icu_4_0@@QAEXAAV12@@Z
0x59a49f60 RadoptGlyphArray@LEGlyphStorage@icu_4_0@@QAEXAAV12@@Z
0x59a4a040 RadoptGlyphCount@LEGlyphStorage@icu_4_0@@QAEXAAV12@@Z
0x59a4a050 RadoptGlyphCount@LEGlyphStorage@icu_4_0@@QAEXH@Z
0x59a49fe0 RadoptPositionArray@LEGlyphStorage@icu_4_0@@QAEXAAV12@@Z
0x59a49ac0 RallocateAuxData@LEGlyphStorage@icu_4_0@@QAEHAAW4LEErrorCode@@@Z
0x59a49940 RallocateGlyphArray@LEGlyphStorage@icu_4_0@@QAEXHCAAW4LEErrorCode@@@Z
0x59a49a60 RallocatePositions@LEGlyphStorage@icu_4_0@@QAEHAAW4LEErrorCode@@@Z
0x59a4a0f0 RapplyInsertion@LEGlyphStorage@icu_4_0@@MAECHHQAI@Z
0x59a4a070 RapplyInsertions@LEGlyphStorage@icu_4_0@@QAEHXZ
0x59a49600 RcanDisplay@LEFontInstance@icu_4_0@@UBECH@Z
0x59a4b310 RcharacterProcessing@LayoutEngine@icu_4_0@@MAEHQBGHHHCAAPAGAAVLEGlyphStorage@2@AAW4LEErrorCode@@@Z
0x59a4db10 RcharacterProcessing@OpenTypeLayoutEngine@icu_4_0@@MAEHQBGHHHCAAPAGAAVLEGlyphStorage@2@AAW4LEErrorCode@@@Z
0x59a4a770 RcomputeGlyphs@LayoutEngine@icu_4_0@@MAEHQBGHHHCAAVLEGlyphStorage@2@AAW4LEErrorCode@@@Z
0x59a4dcf0 RcomputeGlyphs@OpenTypeLayoutEngine@icu_4_0@@MAEHQBGHHHCAAVLEGlyphStorage@2@AAW4LEErrorCode@@@Z
0x59a41260 RfixedToFloat@LEFontInstance@icu_4_0@@SAMH@Z
0x59a41280 RfloatToFixed@LEFontInstance@icu_4_0@@SAHM@Z
0x59a49db0 RgetAuxData@LEGlyphStorage@icu_4_0@@QBEIHAAW4LEErrorCode@@@Z
0x59a49d60 RgetAuxData@LEGlyphStorage@icu_4_0@@QBEXQAIAAW4LEErrorCode@@@Z
0x59a49ce0 RgetCharIndex@LEGlyphStorage@icu_4_0@@QBEHHAAW4LEErrorCode@@@Z
0x59a49b60 RgetCharIndices@LEGlyphStorage@icu_4_0@@QBEXQAHAAW4LEErrorCode@@@Z
0x59a49b10 RgetCharIndices@LEGlyphStorage@icu_4_0@@QBEXQAHHAAW4LEErrorCode@@@Z
0x59a4a720 RgetCharIndices@LayoutEngine@icu_4_0@@QBEXQAHAAW4LEErrorCode@@@Z
0x59a4a710 RgetCharIndices@LayoutEngine@icu_4_0@@QBEXQAHHAAW4LEErrorCode@@@Z
0x59a493b0 RgetDynamicClassID@LEFontInstance@icu_4_0@@UBEPAXXZ
0x59a49830 RgetDynamicClassID@LEGlyphStorage@icu_4_0@@UBEPAXXZ
0x59a4a640 RgetDynamicClassID@LayoutEngine@icu_4_0@@UBEPAXXZ
0x59a4d9f0 RgetDynamicClassID@OpenTypeLayoutEngine@icu_4_0@@UBEPAXXZ
0x59a4ab30 RgetFontTable@LayoutEngine@icu_4_0@@MBEPBXI@Z
0x59a41770 RgetGlyphCount@LEGlyphStorage@icu_4_0@@QBEHXZ
0x59a4a700 RgetGlyphCount@LayoutEngine@icu_4_0@@QBEHXZ
0x59a49c50 RgetGlyphID@LEGlyphStorage@icu_4_0@@QBEIHAAW4LEErrorCode@@@Z
0x59a49e80 RgetGlyphPosition@LEGlyphStorage@icu_4_0@@QBEXHAAM0AAW4LEErrorCode@@@Z
0x59a4a760 RgetGlyphPosition@LayoutEngine@icu_4_0@@QBEXHAAM0AAW4LEErrorCode@@@Z
0x59a49e30 RgetGlyphPositions@LEGlyphStorage@icu_4_0@@QBEXQAMAAW4LEErrorCode@@@Z
0x59a4a750 RgetGlyphPositions@LayoutEngine@icu_4_0@@QBEXQAMAAW4LEErrorCode@@@Z
0x59a49c00 RgetGlyphs@LEGlyphStorage@icu_4_0@@QBEXQAIAAW4LEErrorCode@@@Z
0x59a49bb0 RgetGlyphs@LEGlyphStorage@icu_4_0@@QBEXQAIIAAW4LEErrorCode@@@Z
0x59a4a740 RgetGlyphs@LayoutEngine@icu_4_0@@QBEXQAIAAW4LEErrorCode@@@Z
0x59a4a730 RgetGlyphs@LayoutEngine@icu_4_0@@UBEXQAIIAAW4LEErrorCode@@@Z
0x59a4dab0 RgetLangSysTag@OpenTypeLayoutEngine@icu_4_0@@SAIH@Z
0x59a49800 RgetLineHeight@LEFontInstance@icu_4_0@@UBEHXZ
0x59a4da90 RgetScriptTag@OpenTypeLayoutEngine@icu_4_0@@SAIH@Z
0x59a493b0 RgetStaticClassID@LEFontInstance@icu_4_0@@SAPAXXZ
0x59a511f0 RgetStaticClassID@LEGlyphStorage@icu_4_0@@SAPAXXZ
0x59a4a640 RgetStaticClassID@LayoutEngine@icu_4_0@@SAPAXXZ
0x59a4d9f0 RgetStaticClassID@OpenTypeLayoutEngine@icu_4_0@@SAPAXXZ
0x59a49440 RgetSubFont@LEFontInstance@icu_4_0@@UBEPBV12@QBGPAHHHAAW4LEErrorCode@@@Z
0x59a6ae40 RglyphDefinitionTable@CanonShaping@icu_4_0@@2QBEB
0x59a4dcb0 RglyphPostProcessing@OpenTypeLayoutEngine@icu_4_0@@MAEHAAVLEGlyphStorage@2@0AAW4LEErrorCode@@@Z
0x59a4dc00 RglyphProcessing@OpenTypeLayoutEngine@icu_4_0@@MAEHQBGHHHCAAVLEGlyphStorage@2@AAW4LEErrorCode@@@Z
0x59a5d358 RglyphSubstitutionTable@CanonShaping@icu_4_0@@2QBEB
0x59a4a060 RinsertGlyphs@LEGlyphStorage@icu_4_0@@QAEPAIHH@Z
0x59a6ddf8 RlanguageTags@OpenTypeLayoutEngine@icu_4_0@@2QBIB
0x59a4ab40 RlayoutChars@LayoutEngine@icu_4_0@@UAEHQBGHHHCMMAAW4LEErrorCode@@@Z
0x59a4b760 RlayoutEngineFactory@LayoutEngine@icu_4_0@@SAPAV12@PBVLEFontInstance@2@HHAAW4LEErrorCode@@@Z
0x59a4ac30 RlayoutEngineFactory@LayoutEngine@icu_4_0@@SAPAV12@PBVLEFontInstance@2@HHHAAW4LEErrorCode@@@Z
0x59a49570 RmapCharToGlyph@LEFontInstance@icu_4_0@@UBEIHPBVLECharMapper@2@@Z
0x59a49590 RmapCharToGlyph@LEFontInstance@icu_4_0@@UBEIHPBVLECharMapper@2@C@Z
0x59a49490 RmapCharsToGlyphs@LEFontInstance@icu_4_0@@UBEXQBGHHCPBVLECharMapper@2@CAAVLEGlyphStorage@2@@Z
0x59a4b6b0 RmapCharsToGlyphs@LayoutEngine@icu_4_0@@MAEXQBGHHCCAAVLEGlyphStorage@2@AAW4LEErrorCode@@@Z
0x59a49760 RpixelsToUnits@LEFontInstance@icu_4_0@@UBEXAAULEPoint@@0@Z
0x59a4a860 RpositionGlyphs@LayoutEngine@icu_4_0@@MAEXAAVLEGlyphStorage@2@MMAAW4LEErrorCode@@@Z
0x59a48760 Rprocess@KernTable@icu_4_0@@QAEXAAVLEGlyphStorage@2@@Z
0x59a42420 RreorderMarks@CanonShaping@icu_4_0@@SAXPBGHCPAGAAVLEGlyphStorage@2@@Z
0x59a498d0 Rreset@LEGlyphStorage@icu_4_0@@QAEXXZ
0x59a4ac20 Rreset@LayoutEngine@icu_4_0@@UAEXXZ
0x59a4da00 Rreset@OpenTypeLayoutEngine@icu_4_0@@MAEXXZ
0x59a6dbf0 RscriptTags@OpenTypeLayoutEngine@icu_4_0@@0QBIB
0x59a49df0 RsetAuxData@LEGlyphStorage@icu_4_0@@QAEXHIAAW4LEErrorCode@@@Z
0x59a49d20 RsetCharIndex@LEGlyphStorage@icu_4_0@@QAEXHHAAW4LEErrorCode@@@Z
0x59a49ca0 RsetGlyphID@LEGlyphStorage@icu_4_0@@QAEXHIAAW4LEErrorCode@@@Z
0x59a49ed0 RsetPosition@LEGlyphStorage@icu_4_0@@QAEXHMMAAW4LEErrorCode@@@Z
0x59a4dad0 RsetScriptAndLanguageTags@OpenTypeLayoutEngine@icu_4_0@@AAEXXZ
0x59a423c0 RsortMarks@CanonShaping@icu_4_0@@CAXPAHPBHHH@Z
0x59a41020 RswapLong@LESwaps@icu_4_0@@SAIABI@Z
0x59a41000 RswapWord@LESwaps@icu_4_0@@SAGABG@Z
0x59a497a0 RtransformFunits@LEFontInstance@icu_4_0@@UBEXMMAAULEPoint@@@Z
0x59a496a0 RunitsToPoints@LEFontInstance@icu_4_0@@UBEXAAULEPoint@@0@Z
0x59a496e0 RxPixelsToUnits@LEFontInstance@icu_4_0@@UBEMM@Z
0x59a49620 RxUnitsToPoints@LEFontInstance@icu_4_0@@UBEMM@Z
0x59a49720 RyPixelsToUnits@LEFontInstance@icu_4_0@@UBEMM@Z
0x59a49660 RyUnitsToPoints@LEFontInstance@icu_4_0@@UBEMM@Z
0x59a51070 Re_close_4_0
0x59a51060 Re_create_4_0
0x59a51160 Re_getCharIndicesWithBase_4_0
0x59a51130 Re_getCharIndices_4_0
0x59a510e0 Re_getGlyphCount_4_0
0x59a511c0 Re_getGlyphPosition_4_0
0x59a51190 Re_getGlyphPositions_4_0
0x59a51100 Re_getGlyphs_4_0
0x59a51090 Re_layoutChars_4_0
0x59a49830 Time