NtAllocateVirtualMemory
|
process_identifier:
4376
region_size:
131072
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x00400000
allocation_type:
12288
(MEM_COMMIT|MEM_RESERVE)
process_handle:
0x000003f0
|
|
3221225496 |
0
|
NtAllocateVirtualMemory
|
process_identifier:
2648
region_size:
131072
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x00400000
allocation_type:
12288
(MEM_COMMIT|MEM_RESERVE)
process_handle:
0x00000450
|
|
3221225496 |
0
|
NtAllocateVirtualMemory
|
process_identifier:
4764
region_size:
131072
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x00400000
allocation_type:
12288
(MEM_COMMIT|MEM_RESERVE)
process_handle:
0x00000460
|
|
3221225496 |
0
|
NtAllocateVirtualMemory
|
process_identifier:
7884
region_size:
131072
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x00400000
allocation_type:
12288
(MEM_COMMIT|MEM_RESERVE)
process_handle:
0x0000045c
|
|
3221225496 |
0
|
NtAllocateVirtualMemory
|
process_identifier:
3632
region_size:
131072
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x00400000
allocation_type:
12288
(MEM_COMMIT|MEM_RESERVE)
process_handle:
0x000003f8
|
|
3221225496 |
0
|
NtAllocateVirtualMemory
|
process_identifier:
2728
region_size:
131072
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x00400000
allocation_type:
12288
(MEM_COMMIT|MEM_RESERVE)
process_handle:
0x00000454
|
|
3221225496 |
0
|
NtAllocateVirtualMemory
|
process_identifier:
8604
region_size:
131072
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x00400000
allocation_type:
12288
(MEM_COMMIT|MEM_RESERVE)
process_handle:
0x0000044c
|
|
3221225496 |
0
|
NtAllocateVirtualMemory
|
process_identifier:
6688
region_size:
131072
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x00400000
allocation_type:
12288
(MEM_COMMIT|MEM_RESERVE)
process_handle:
0x00000440
|
|
3221225496 |
0
|
NtAllocateVirtualMemory
|
process_identifier:
8156
region_size:
131072
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x00400000
allocation_type:
12288
(MEM_COMMIT|MEM_RESERVE)
process_handle:
0x000003ec
|
|
3221225496 |
0
|
NtAllocateVirtualMemory
|
process_identifier:
1032
region_size:
131072
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x00400000
allocation_type:
12288
(MEM_COMMIT|MEM_RESERVE)
process_handle:
0x00000474
|
|
3221225496 |
0
|
NtAllocateVirtualMemory
|
process_identifier:
6400
region_size:
131072
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x00400000
allocation_type:
12288
(MEM_COMMIT|MEM_RESERVE)
process_handle:
0x0000047c
|
|
3221225496 |
0
|
NtAllocateVirtualMemory
|
process_identifier:
1596
region_size:
131072
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x00400000
allocation_type:
12288
(MEM_COMMIT|MEM_RESERVE)
process_handle:
0x00000484
|
|
3221225496 |
0
|
NtAllocateVirtualMemory
|
process_identifier:
5932
region_size:
131072
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x00400000
allocation_type:
12288
(MEM_COMMIT|MEM_RESERVE)
process_handle:
0x0000048c
|
|
3221225496 |
0
|
NtAllocateVirtualMemory
|
process_identifier:
1616
region_size:
131072
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x00400000
allocation_type:
12288
(MEM_COMMIT|MEM_RESERVE)
process_handle:
0x00000494
|
|
3221225496 |
0
|
NtAllocateVirtualMemory
|
process_identifier:
6008
region_size:
131072
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x00400000
allocation_type:
12288
(MEM_COMMIT|MEM_RESERVE)
process_handle:
0x0000049c
|
|
3221225496 |
0
|
NtAllocateVirtualMemory
|
process_identifier:
5176
region_size:
131072
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x00400000
allocation_type:
12288
(MEM_COMMIT|MEM_RESERVE)
process_handle:
0x000004a4
|
|
3221225496 |
0
|
NtAllocateVirtualMemory
|
process_identifier:
4684
region_size:
131072
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x00400000
allocation_type:
12288
(MEM_COMMIT|MEM_RESERVE)
process_handle:
0x000004ac
|
|
3221225496 |
0
|
NtAllocateVirtualMemory
|
process_identifier:
7600
region_size:
131072
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x00400000
allocation_type:
12288
(MEM_COMMIT|MEM_RESERVE)
process_handle:
0x000004b4
|
|
3221225496 |
0
|
NtAllocateVirtualMemory
|
process_identifier:
7160
region_size:
131072
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x00400000
allocation_type:
12288
(MEM_COMMIT|MEM_RESERVE)
process_handle:
0x000004bc
|
|
3221225496 |
0
|
NtAllocateVirtualMemory
|
process_identifier:
6164
region_size:
131072
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x00400000
allocation_type:
12288
(MEM_COMMIT|MEM_RESERVE)
process_handle:
0x000004c4
|
|
3221225496 |
0
|
NtAllocateVirtualMemory
|
process_identifier:
8908
region_size:
131072
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x00400000
allocation_type:
12288
(MEM_COMMIT|MEM_RESERVE)
process_handle:
0x000004cc
|
|
3221225496 |
0
|
NtAllocateVirtualMemory
|
process_identifier:
6188
region_size:
131072
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x00400000
allocation_type:
12288
(MEM_COMMIT|MEM_RESERVE)
process_handle:
0x000004d4
|
|
3221225496 |
0
|
NtAllocateVirtualMemory
|
process_identifier:
8696
region_size:
131072
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x00400000
allocation_type:
12288
(MEM_COMMIT|MEM_RESERVE)
process_handle:
0x000004dc
|
|
3221225496 |
0
|
NtAllocateVirtualMemory
|
process_identifier:
4180
region_size:
131072
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x00400000
allocation_type:
12288
(MEM_COMMIT|MEM_RESERVE)
process_handle:
0x000004e4
|
|
3221225496 |
0
|
NtAllocateVirtualMemory
|
process_identifier:
8272
region_size:
131072
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x00400000
allocation_type:
12288
(MEM_COMMIT|MEM_RESERVE)
process_handle:
0x000004ec
|
|
3221225496 |
0
|
NtAllocateVirtualMemory
|
process_identifier:
7640
region_size:
131072
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x00400000
allocation_type:
12288
(MEM_COMMIT|MEM_RESERVE)
process_handle:
0x000004f4
|
|
3221225496 |
0
|
NtAllocateVirtualMemory
|
process_identifier:
6448
region_size:
131072
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x00400000
allocation_type:
12288
(MEM_COMMIT|MEM_RESERVE)
process_handle:
0x000004fc
|
|
3221225496 |
0
|
NtAllocateVirtualMemory
|
process_identifier:
7136
region_size:
131072
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x00400000
allocation_type:
12288
(MEM_COMMIT|MEM_RESERVE)
process_handle:
0x00000504
|
|
3221225496 |
0
|
NtAllocateVirtualMemory
|
process_identifier:
4516
region_size:
131072
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x00400000
allocation_type:
12288
(MEM_COMMIT|MEM_RESERVE)
process_handle:
0x0000050c
|
|
3221225496 |
0
|
NtAllocateVirtualMemory
|
process_identifier:
6340
region_size:
131072
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x00400000
allocation_type:
12288
(MEM_COMMIT|MEM_RESERVE)
process_handle:
0x00000514
|
|
3221225496 |
0
|
NtAllocateVirtualMemory
|
process_identifier:
6620
region_size:
131072
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x00400000
allocation_type:
12288
(MEM_COMMIT|MEM_RESERVE)
process_handle:
0x0000051c
|
|
3221225496 |
0
|
NtAllocateVirtualMemory
|
process_identifier:
7412
region_size:
131072
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x00400000
allocation_type:
12288
(MEM_COMMIT|MEM_RESERVE)
process_handle:
0x00000524
|
|
3221225496 |
0
|
NtAllocateVirtualMemory
|
process_identifier:
8624
region_size:
131072
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x00400000
allocation_type:
12288
(MEM_COMMIT|MEM_RESERVE)
process_handle:
0x0000052c
|
|
3221225496 |
0
|
NtAllocateVirtualMemory
|
process_identifier:
6556
region_size:
131072
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x00400000
allocation_type:
12288
(MEM_COMMIT|MEM_RESERVE)
process_handle:
0x00000534
|
|
3221225496 |
0
|
NtAllocateVirtualMemory
|
process_identifier:
108
region_size:
131072
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x00400000
allocation_type:
12288
(MEM_COMMIT|MEM_RESERVE)
process_handle:
0x0000053c
|
|
3221225496 |
0
|
NtAllocateVirtualMemory
|
process_identifier:
2384
region_size:
131072
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x00400000
allocation_type:
12288
(MEM_COMMIT|MEM_RESERVE)
process_handle:
0x00000544
|
|
3221225496 |
0
|
NtAllocateVirtualMemory
|
process_identifier:
4020
region_size:
131072
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x00400000
allocation_type:
12288
(MEM_COMMIT|MEM_RESERVE)
process_handle:
0x0000054c
|
|
3221225496 |
0
|
NtAllocateVirtualMemory
|
process_identifier:
4932
region_size:
131072
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x00400000
allocation_type:
12288
(MEM_COMMIT|MEM_RESERVE)
process_handle:
0x00000554
|
|
3221225496 |
0
|
NtAllocateVirtualMemory
|
process_identifier:
8176
region_size:
131072
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x00400000
allocation_type:
12288
(MEM_COMMIT|MEM_RESERVE)
process_handle:
0x0000055c
|
|
3221225496 |
0
|
NtAllocateVirtualMemory
|
process_identifier:
1924
region_size:
131072
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x00400000
allocation_type:
12288
(MEM_COMMIT|MEM_RESERVE)
process_handle:
0x00000564
|
|
3221225496 |
0
|
NtAllocateVirtualMemory
|
process_identifier:
5340
region_size:
131072
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x00400000
allocation_type:
12288
(MEM_COMMIT|MEM_RESERVE)
process_handle:
0x0000056c
|
|
3221225496 |
0
|
NtAllocateVirtualMemory
|
process_identifier:
8388
region_size:
131072
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x00400000
allocation_type:
12288
(MEM_COMMIT|MEM_RESERVE)
process_handle:
0x00000574
|
|
3221225496 |
0
|
NtAllocateVirtualMemory
|
process_identifier:
1844
region_size:
131072
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x00400000
allocation_type:
12288
(MEM_COMMIT|MEM_RESERVE)
process_handle:
0x0000057c
|
|
3221225496 |
0
|
NtAllocateVirtualMemory
|
process_identifier:
3160
region_size:
131072
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x00400000
allocation_type:
12288
(MEM_COMMIT|MEM_RESERVE)
process_handle:
0x00000584
|
|
3221225496 |
0
|
NtAllocateVirtualMemory
|
process_identifier:
6932
region_size:
131072
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x00400000
allocation_type:
12288
(MEM_COMMIT|MEM_RESERVE)
process_handle:
0x0000058c
|
|
3221225496 |
0
|
NtAllocateVirtualMemory
|
process_identifier:
7268
region_size:
131072
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x00400000
allocation_type:
12288
(MEM_COMMIT|MEM_RESERVE)
process_handle:
0x00000594
|
|
3221225496 |
0
|
NtAllocateVirtualMemory
|
process_identifier:
7284
region_size:
131072
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x00400000
allocation_type:
12288
(MEM_COMMIT|MEM_RESERVE)
process_handle:
0x0000059c
|
|
3221225496 |
0
|
NtAllocateVirtualMemory
|
process_identifier:
8020
region_size:
131072
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x00400000
allocation_type:
12288
(MEM_COMMIT|MEM_RESERVE)
process_handle:
0x000005a4
|
|
3221225496 |
0
|
NtAllocateVirtualMemory
|
process_identifier:
2092
region_size:
131072
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x00400000
allocation_type:
12288
(MEM_COMMIT|MEM_RESERVE)
process_handle:
0x000005ac
|
|
3221225496 |
0
|
NtAllocateVirtualMemory
|
process_identifier:
3492
region_size:
131072
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x00400000
allocation_type:
12288
(MEM_COMMIT|MEM_RESERVE)
process_handle:
0x000005b4
|
|
3221225496 |
0
|