NtProtectVirtualMemory
Aug. 16, 2021, 5:05 p.m.
process_identifier:
2948
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x757af000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Aug. 16, 2021, 5:05 p.m.
process_identifier:
2948
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x75733000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Aug. 16, 2021, 5:05 p.m.
process_identifier:
2948
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x76a81000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Aug. 16, 2021, 5:05 p.m.
process_identifier:
2948
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x75734000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Aug. 16, 2021, 5:05 p.m.
process_identifier:
2948
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x76a81000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Aug. 16, 2021, 5:05 p.m.
process_identifier:
2948
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x7574c000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Aug. 16, 2021, 5:05 p.m.
process_identifier:
2948
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x76a81000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Aug. 16, 2021, 5:05 p.m.
process_identifier:
2948
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x75733000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Aug. 16, 2021, 5:05 p.m.
process_identifier:
2948
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x76a81000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Aug. 16, 2021, 5:05 p.m.
process_identifier:
2948
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x75731000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Aug. 16, 2021, 5:05 p.m.
process_identifier:
2948
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x76a81000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Aug. 16, 2021, 5:05 p.m.
process_identifier:
2948
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x75734000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Aug. 16, 2021, 5:05 p.m.
process_identifier:
2948
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x76a80000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Aug. 16, 2021, 5:05 p.m.
process_identifier:
2948
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x75731000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Aug. 16, 2021, 5:05 p.m.
process_identifier:
2948
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x76a81000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Aug. 16, 2021, 5:05 p.m.
process_identifier:
2948
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x75731000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Aug. 16, 2021, 5:05 p.m.
process_identifier:
2948
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x76a81000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Aug. 16, 2021, 5:05 p.m.
process_identifier:
2948
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x75733000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Aug. 16, 2021, 5:05 p.m.
process_identifier:
2948
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x76a8b000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Aug. 16, 2021, 5:05 p.m.
process_identifier:
2948
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x75735000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Aug. 16, 2021, 5:05 p.m.
process_identifier:
2948
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x76a8b000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Aug. 16, 2021, 5:05 p.m.
process_identifier:
2948
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x75735000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Aug. 16, 2021, 5:05 p.m.
process_identifier:
2948
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x76a7b000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Aug. 16, 2021, 5:05 p.m.
process_identifier:
2948
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x75731000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Aug. 16, 2021, 5:05 p.m.
process_identifier:
2948
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x76a7d000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Aug. 16, 2021, 5:05 p.m.
process_identifier:
2948
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x75483000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Aug. 16, 2021, 5:05 p.m.
process_identifier:
2948
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x75733000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Aug. 16, 2021, 5:05 p.m.
process_identifier:
2948
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x76a7c000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Aug. 16, 2021, 5:05 p.m.
process_identifier:
2948
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x75731000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Aug. 16, 2021, 5:05 p.m.
process_identifier:
2948
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x76a7b000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Aug. 16, 2021, 5:05 p.m.
process_identifier:
2948
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x75734000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Aug. 16, 2021, 5:05 p.m.
process_identifier:
2948
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x76a7b000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Aug. 16, 2021, 5:05 p.m.
process_identifier:
2948
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x7574c000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Aug. 16, 2021, 5:05 p.m.
process_identifier:
2948
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x76a7b000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Aug. 16, 2021, 5:05 p.m.
process_identifier:
2948
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x75731000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Aug. 16, 2021, 5:05 p.m.
process_identifier:
2948
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x76a7b000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Aug. 16, 2021, 5:05 p.m.
process_identifier:
2948
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x7574c000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Aug. 16, 2021, 5:05 p.m.
process_identifier:
2948
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x76a84000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Aug. 16, 2021, 5:05 p.m.
process_identifier:
2948
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x7574a000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Aug. 16, 2021, 5:05 p.m.
process_identifier:
2948
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x7574c000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Aug. 16, 2021, 5:05 p.m.
process_identifier:
2948
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x75737000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Aug. 16, 2021, 5:05 p.m.
process_identifier:
2948
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x76a7e000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Aug. 16, 2021, 5:05 p.m.
process_identifier:
2948
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x75734000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Aug. 16, 2021, 5:05 p.m.
process_identifier:
2948
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x76a7d000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Aug. 16, 2021, 5:05 p.m.
process_identifier:
2948
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x75731000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Aug. 16, 2021, 5:05 p.m.
process_identifier:
2948
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x76a7d000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Aug. 16, 2021, 5:05 p.m.
process_identifier:
2948
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x75753000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Aug. 16, 2021, 5:05 p.m.
process_identifier:
2948
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x75758000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Aug. 16, 2021, 5:05 p.m.
process_identifier:
2948
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x757ae000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Aug. 16, 2021, 5:05 p.m.
process_identifier:
2948
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x75755000
process_handle:
0xffffffff
1
0
0