NtProtectVirtualMemory
|
process_identifier:
7388
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x75111000
process_handle:
0xffffffff
|
1
|
0 |
0
|
NtProtectVirtualMemory
|
process_identifier:
7388
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x75241000
process_handle:
0xffffffff
|
1
|
0 |
0
|
NtProtectVirtualMemory
|
process_identifier:
7388
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x74f41000
process_handle:
0xffffffff
|
1
|
0 |
0
|
NtProtectVirtualMemory
|
process_identifier:
7388
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x743c1000
process_handle:
0xffffffff
|
1
|
0 |
0
|
NtProtectVirtualMemory
|
process_identifier:
7388
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x73e21000
process_handle:
0xffffffff
|
1
|
0 |
0
|
NtProtectVirtualMemory
|
process_identifier:
7388
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x740f1000
process_handle:
0xffffffff
|
1
|
0 |
0
|
NtProtectVirtualMemory
|
process_identifier:
7388
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x73cd1000
process_handle:
0xffffffff
|
1
|
0 |
0
|
NtProtectVirtualMemory
|
process_identifier:
7388
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x73cb1000
process_handle:
0xffffffff
|
1
|
0 |
0
|
NtProtectVirtualMemory
|
process_identifier:
7388
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x743b1000
process_handle:
0xffffffff
|
1
|
0 |
0
|
NtProtectVirtualMemory
|
process_identifier:
7388
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x740d1000
process_handle:
0xffffffff
|
1
|
0 |
0
|
NtProtectVirtualMemory
|
process_identifier:
7388
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x71f61000
process_handle:
0xffffffff
|
1
|
0 |
0
|
NtProtectVirtualMemory
|
process_identifier:
7388
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x71f71000
process_handle:
0xffffffff
|
1
|
0 |
0
|
NtProtectVirtualMemory
|
process_identifier:
7388
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x73321000
process_handle:
0xffffffff
|
1
|
0 |
0
|
NtProtectVirtualMemory
|
process_identifier:
7388
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x6e5e1000
process_handle:
0xffffffff
|
1
|
0 |
0
|
NtProtectVirtualMemory
|
process_identifier:
7388
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x743e1000
process_handle:
0xffffffff
|
1
|
0 |
0
|
NtProtectVirtualMemory
|
process_identifier:
7388
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x66a91000
process_handle:
0xffffffff
|
1
|
0 |
0
|
NtProtectVirtualMemory
|
process_identifier:
7388
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x745f1000
process_handle:
0xffffffff
|
1
|
0 |
0
|
NtProtectVirtualMemory
|
process_identifier:
7388
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x745d1000
process_handle:
0xffffffff
|
1
|
0 |
0
|
NtProtectVirtualMemory
|
process_identifier:
7388
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x66c91000
process_handle:
0xffffffff
|
1
|
0 |
0
|
NtProtectVirtualMemory
|
process_identifier:
7388
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x73c91000
process_handle:
0xffffffff
|
1
|
0 |
0
|
NtProtectVirtualMemory
|
process_identifier:
7388
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x736f1000
process_handle:
0xffffffff
|
1
|
0 |
0
|
NtProtectVirtualMemory
|
process_identifier:
7388
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x70b01000
process_handle:
0xffffffff
|
1
|
0 |
0
|
NtProtectVirtualMemory
|
process_identifier:
7388
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x765b1000
process_handle:
0xffffffff
|
1
|
0 |
0
|
NtProtectVirtualMemory
|
process_identifier:
7388
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x72de1000
process_handle:
0xffffffff
|
1
|
0 |
0
|
NtProtectVirtualMemory
|
process_identifier:
7388
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x6ebb1000
process_handle:
0xffffffff
|
1
|
0 |
0
|
NtProtectVirtualMemory
|
process_identifier:
7388
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x6ec05000
process_handle:
0xffffffff
|
1
|
0 |
0
|
NtProtectVirtualMemory
|
process_identifier:
7388
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x673a1000
process_handle:
0xffffffff
|
1
|
0 |
0
|
NtProtectVirtualMemory
|
process_identifier:
7388
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x06a61000
process_handle:
0xffffffff
|
1
|
0 |
0
|
NtAllocateVirtualMemory
|
process_identifier:
7388
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x06950000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
|
1
|
0 |
0
|
NtAllocateVirtualMemory
|
process_identifier:
7388
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x06950000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
|
1
|
0 |
0
|
NtAllocateVirtualMemory
|
process_identifier:
7388
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x06ce0000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
|
1
|
0 |
0
|
NtAllocateVirtualMemory
|
process_identifier:
7388
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x06cf0000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
|
1
|
0 |
0
|
NtProtectVirtualMemory
|
process_identifier:
7388
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x70731000
process_handle:
0xffffffff
|
1
|
0 |
0
|
NtProtectVirtualMemory
|
process_identifier:
7388
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x70734000
process_handle:
0xffffffff
|
1
|
0 |
0
|
NtProtectVirtualMemory
|
process_identifier:
7388
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x507c1000
process_handle:
0xffffffff
|
1
|
0 |
0
|