NtProtectVirtualMemory
April 3, 2021, 10:49 a.m.
process_identifier:
2648
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x6dce1000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
April 3, 2021, 10:49 a.m.
process_identifier:
2648
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x6dd3f000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
April 3, 2021, 10:49 a.m.
process_identifier:
2648
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x6dd3f000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
April 3, 2021, 10:49 a.m.
process_identifier:
2648
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x6dc81000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
April 3, 2021, 10:49 a.m.
process_identifier:
2648
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x65001000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
April 3, 2021, 10:49 a.m.
process_identifier:
2648
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x6d801000
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
April 3, 2021, 10:49 a.m.
process_identifier:
2648
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x07530000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
April 3, 2021, 10:49 a.m.
process_identifier:
2648
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x07530000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
April 3, 2021, 10:49 a.m.
process_identifier:
2648
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x07540000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
April 3, 2021, 10:49 a.m.
process_identifier:
2648
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x07550000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
April 3, 2021, 10:49 a.m.
process_identifier:
2256
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x6f571000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
April 3, 2021, 10:49 a.m.
process_identifier:
2256
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x6f491000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
April 3, 2021, 10:49 a.m.
process_identifier:
2256
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x73e74000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
April 3, 2021, 10:49 a.m.
process_identifier:
2256
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x6f492000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
April 3, 2021, 10:49 a.m.
process_identifier:
2256
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x6db11000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
April 3, 2021, 10:49 a.m.
process_identifier:
2256
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x6db01000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
April 3, 2021, 10:49 a.m.
process_identifier:
2256
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x6dae1000
process_handle:
0xffffffff
1
0
0