NtAllocateVirtualMemory
April 23, 2021, 6:13 p.m.
process_identifier:
6704
region_size:
1835008
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x006a0000
allocation_type:
8192
(MEM_RESERVE)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
April 23, 2021, 6:13 p.m.
process_identifier:
6704
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x00820000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
April 23, 2021, 6:13 p.m.
process_identifier:
6704
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x6fba1000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
April 23, 2021, 6:13 p.m.
process_identifier:
6704
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x6fba2000
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
April 23, 2021, 6:13 p.m.
process_identifier:
6704
region_size:
1638400
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x01f80000
allocation_type:
8192
(MEM_RESERVE)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
April 23, 2021, 6:13 p.m.
process_identifier:
6704
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x020d0000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
April 23, 2021, 6:13 p.m.
process_identifier:
6704
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x00622000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
April 23, 2021, 6:13 p.m.
process_identifier:
6704
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x00655000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
April 23, 2021, 6:13 p.m.
process_identifier:
6704
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x0065b000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
April 23, 2021, 6:13 p.m.
process_identifier:
6704
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x00657000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
April 23, 2021, 6:13 p.m.
process_identifier:
6704
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x0063c000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
April 23, 2021, 6:13 p.m.
process_identifier:
6704
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x007f0000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
April 23, 2021, 6:13 p.m.
process_identifier:
6704
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x0062a000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
April 23, 2021, 6:13 p.m.
process_identifier:
6704
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x0064a000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
April 23, 2021, 6:13 p.m.
process_identifier:
6704
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x00647000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
April 23, 2021, 6:13 p.m.
process_identifier:
6704
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x0063a000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
April 23, 2021, 6:13 p.m.
process_identifier:
6704
region_size:
327680
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x7ef50000
allocation_type:
1056768
(MEM_RESERVE|MEM_TOP_DOWN)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
April 23, 2021, 6:13 p.m.
process_identifier:
6704
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x7ef50000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
April 23, 2021, 6:13 p.m.
process_identifier:
6704
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x7ef50000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
April 23, 2021, 6:13 p.m.
process_identifier:
6704
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x7ef58000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
April 23, 2021, 6:13 p.m.
process_identifier:
6704
region_size:
65536
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x7ef40000
allocation_type:
1056768
(MEM_RESERVE|MEM_TOP_DOWN)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
April 23, 2021, 6:13 p.m.
process_identifier:
6704
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x7ef40000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
April 23, 2021, 6:13 p.m.
process_identifier:
6704
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x007f1000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
April 23, 2021, 6:13 p.m.
process_identifier:
6704
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x73772000
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
April 23, 2021, 6:13 p.m.
process_identifier:
6704
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x0062c000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
April 23, 2021, 6:13 p.m.
process_identifier:
6704
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x00646000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
April 23, 2021, 6:14 p.m.
process_identifier:
6704
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x007f2000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
April 23, 2021, 6:14 p.m.
process_identifier:
6704
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x0063d000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
April 23, 2021, 6:14 p.m.
process_identifier:
6704
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x007f3000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
April 23, 2021, 6:14 p.m.
process_identifier:
6704
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x007f4000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
April 23, 2021, 6:14 p.m.
process_identifier:
6704
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x007f5000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
April 23, 2021, 6:14 p.m.
process_identifier:
6704
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x007f6000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
April 23, 2021, 6:14 p.m.
process_identifier:
6704
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x007f7000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
April 23, 2021, 6:14 p.m.
process_identifier:
6704
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x007f8000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
April 23, 2021, 6:14 p.m.
process_identifier:
6704
region_size:
8192
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x007f9000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
April 23, 2021, 6:14 p.m.
process_identifier:
6704
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x007fb000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
April 23, 2021, 6:14 p.m.
process_identifier:
6704
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
8
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x05170178
process_handle:
0xffffffff
3221225550
0
NtProtectVirtualMemory
April 23, 2021, 6:14 p.m.
process_identifier:
6704
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
8
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x051701a0
process_handle:
0xffffffff
3221225550
0
NtProtectVirtualMemory
April 23, 2021, 6:14 p.m.
process_identifier:
6704
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
8
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x051701c8
process_handle:
0xffffffff
3221225550
0
NtProtectVirtualMemory
April 23, 2021, 6:14 p.m.
process_identifier:
6704
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
11
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x051e8f1e
process_handle:
0xffffffff
3221225550
0
NtProtectVirtualMemory
April 23, 2021, 6:14 p.m.
process_identifier:
6704
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
11
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x051e8f12
process_handle:
0xffffffff
3221225550
0
NtProtectVirtualMemory
April 23, 2021, 6:14 p.m.
process_identifier:
6704
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
72
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x05170208
process_handle:
0xffffffff
3221225550
0
NtProtectVirtualMemory
April 23, 2021, 6:14 p.m.
process_identifier:
6704
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x051c36c8
process_handle:
0xffffffff
3221225550
0
NtProtectVirtualMemory
April 23, 2021, 6:14 p.m.
process_identifier:
6704
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
8
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x051c36ec
process_handle:
0xffffffff
3221225550
0
NtProtectVirtualMemory
April 23, 2021, 6:14 p.m.
process_identifier:
6704
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x051c36f4
process_handle:
0xffffffff
3221225550
0
NtProtectVirtualMemory
April 23, 2021, 6:14 p.m.
process_identifier:
6704
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
8
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x051c36f8
process_handle:
0xffffffff
3221225550
0
NtProtectVirtualMemory
April 23, 2021, 6:14 p.m.
process_identifier:
6704
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x051c3700
process_handle:
0xffffffff
3221225550
0
NtProtectVirtualMemory
April 23, 2021, 6:14 p.m.
process_identifier:
6704
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x051c3704
process_handle:
0xffffffff
3221225550
0
NtProtectVirtualMemory
April 23, 2021, 6:14 p.m.
process_identifier:
6704
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x051c3708
process_handle:
0xffffffff
3221225550
0
NtProtectVirtualMemory
April 23, 2021, 6:14 p.m.
process_identifier:
6704
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
8
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x051c370c
process_handle:
0xffffffff
3221225550
0