NtAllocateVirtualMemory
April 16, 2021, 6:01 p.m.
process_identifier:
7140
region_size:
1835008
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x00780000
allocation_type:
8192
(MEM_RESERVE)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
April 16, 2021, 6:01 p.m.
process_identifier:
7140
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x00900000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
April 16, 2021, 6:01 p.m.
process_identifier:
7140
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x6fba1000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
April 16, 2021, 6:01 p.m.
process_identifier:
7140
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x6fba2000
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
April 16, 2021, 6:01 p.m.
process_identifier:
7140
region_size:
1179648
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x00650000
allocation_type:
8192
(MEM_RESERVE)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
April 16, 2021, 6:01 p.m.
process_identifier:
7140
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x00730000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
April 16, 2021, 6:01 p.m.
process_identifier:
7140
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x00412000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
April 16, 2021, 6:01 p.m.
process_identifier:
7140
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x00545000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
April 16, 2021, 6:01 p.m.
process_identifier:
7140
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x0054b000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
April 16, 2021, 6:01 p.m.
process_identifier:
7140
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x00547000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
April 16, 2021, 6:01 p.m.
process_identifier:
7140
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x0052c000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
April 16, 2021, 6:01 p.m.
process_identifier:
7140
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x007a0000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
April 16, 2021, 6:01 p.m.
process_identifier:
7140
region_size:
327680
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x7ef50000
allocation_type:
1056768
(MEM_RESERVE|MEM_TOP_DOWN)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
April 16, 2021, 6:01 p.m.
process_identifier:
7140
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x7ef50000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
April 16, 2021, 6:01 p.m.
process_identifier:
7140
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x7ef50000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
April 16, 2021, 6:01 p.m.
process_identifier:
7140
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x7ef58000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
April 16, 2021, 6:01 p.m.
process_identifier:
7140
region_size:
65536
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x7ef40000
allocation_type:
1056768
(MEM_RESERVE|MEM_TOP_DOWN)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
April 16, 2021, 6:01 p.m.
process_identifier:
7140
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x7ef40000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
April 16, 2021, 6:01 p.m.
process_identifier:
7140
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x0041a000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
April 16, 2021, 6:01 p.m.
process_identifier:
7140
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x0053a000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
April 16, 2021, 6:01 p.m.
process_identifier:
7140
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x00537000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
April 16, 2021, 6:01 p.m.
process_identifier:
7140
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x0052a000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
April 16, 2021, 6:01 p.m.
process_identifier:
7140
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x73772000
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
April 16, 2021, 6:01 p.m.
process_identifier:
7140
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x0041c000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
April 16, 2021, 6:01 p.m.
process_identifier:
7140
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x00536000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
April 16, 2021, 6:01 p.m.
process_identifier:
7140
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x007a1000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
April 16, 2021, 6:02 p.m.
process_identifier:
7140
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x0052d000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
April 16, 2021, 6:02 p.m.
process_identifier:
7140
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x007a2000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
April 16, 2021, 6:02 p.m.
process_identifier:
7140
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x007a3000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
April 16, 2021, 6:02 p.m.
process_identifier:
7140
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x007a4000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
April 16, 2021, 6:02 p.m.
process_identifier:
7140
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x007a5000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
April 16, 2021, 6:02 p.m.
process_identifier:
7140
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x007a6000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
April 16, 2021, 6:02 p.m.
process_identifier:
7140
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x007a7000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
April 16, 2021, 6:02 p.m.
process_identifier:
7140
region_size:
12288
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x007a8000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
April 16, 2021, 6:02 p.m.
process_identifier:
7140
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
8
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x04e80178
process_handle:
0xffffffff
3221225550
0
NtProtectVirtualMemory
April 16, 2021, 6:02 p.m.
process_identifier:
7140
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
8
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x04e801a0
process_handle:
0xffffffff
3221225550
0
NtProtectVirtualMemory
April 16, 2021, 6:02 p.m.
process_identifier:
7140
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
8
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x04e801c8
process_handle:
0xffffffff
3221225550
0
NtProtectVirtualMemory
April 16, 2021, 6:02 p.m.
process_identifier:
7140
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
11
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x04f00e5e
process_handle:
0xffffffff
3221225550
0
NtProtectVirtualMemory
April 16, 2021, 6:02 p.m.
process_identifier:
7140
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
11
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x04f00e52
process_handle:
0xffffffff
3221225550
0
NtProtectVirtualMemory
April 16, 2021, 6:02 p.m.
process_identifier:
7140
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
72
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x04e80208
process_handle:
0xffffffff
3221225550
0
NtProtectVirtualMemory
April 16, 2021, 6:02 p.m.
process_identifier:
7140
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x04edb5f0
process_handle:
0xffffffff
3221225550
0
NtProtectVirtualMemory
April 16, 2021, 6:02 p.m.
process_identifier:
7140
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
8
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x04edb614
process_handle:
0xffffffff
3221225550
0
NtProtectVirtualMemory
April 16, 2021, 6:02 p.m.
process_identifier:
7140
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x04edb61c
process_handle:
0xffffffff
3221225550
0
NtProtectVirtualMemory
April 16, 2021, 6:02 p.m.
process_identifier:
7140
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
8
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x04edb620
process_handle:
0xffffffff
3221225550
0
NtProtectVirtualMemory
April 16, 2021, 6:02 p.m.
process_identifier:
7140
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x04edb628
process_handle:
0xffffffff
3221225550
0
NtProtectVirtualMemory
April 16, 2021, 6:02 p.m.
process_identifier:
7140
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x04edb62c
process_handle:
0xffffffff
3221225550
0
NtProtectVirtualMemory
April 16, 2021, 6:02 p.m.
process_identifier:
7140
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x04edb630
process_handle:
0xffffffff
3221225550
0
NtProtectVirtualMemory
April 16, 2021, 6:02 p.m.
process_identifier:
7140
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
8
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x04edb634
process_handle:
0xffffffff
3221225550
0
NtProtectVirtualMemory
April 16, 2021, 6:02 p.m.
process_identifier:
7140
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x04edb63c
process_handle:
0xffffffff
3221225550
0
NtProtectVirtualMemory
April 16, 2021, 6:02 p.m.
process_identifier:
7140
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
8
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x04edb640
process_handle:
0xffffffff
3221225550
0