NtAllocateVirtualMemory
Aug. 21, 2021, 6:59 a.m.
process_identifier:
112
region_size:
2359296
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x0000000000710000
allocation_type:
8192
(MEM_RESERVE)
process_handle:
0xffffffffffffffff
1
0
0
NtAllocateVirtualMemory
Aug. 21, 2021, 6:59 a.m.
process_identifier:
112
region_size:
8192
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x00000000008d0000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffffffffffff
1
0
0
NtProtectVirtualMemory
Aug. 21, 2021, 6:59 a.m.
process_identifier:
112
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x000007fef1201000
process_handle:
0xffffffffffffffff
1
0
0
NtProtectVirtualMemory
Aug. 21, 2021, 6:59 a.m.
process_identifier:
112
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x000007fef189b000
process_handle:
0xffffffffffffffff
1
0
0
NtAllocateVirtualMemory
Aug. 21, 2021, 6:59 a.m.
process_identifier:
112
region_size:
786432
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x0000000000ae0000
allocation_type:
8192
(MEM_RESERVE)
process_handle:
0xffffffffffffffff
1
0
0
NtAllocateVirtualMemory
Aug. 21, 2021, 6:59 a.m.
process_identifier:
112
region_size:
8192
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x0000000000b20000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffffffffffff
1
0
0
NtProtectVirtualMemory
Aug. 21, 2021, 6:59 a.m.
process_identifier:
112
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x000007fef1202000
process_handle:
0xffffffffffffffff
1
0
0
NtProtectVirtualMemory
Aug. 21, 2021, 6:59 a.m.
process_identifier:
112
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x000007fef1202000
process_handle:
0xffffffffffffffff
1
0
0
NtProtectVirtualMemory
Aug. 21, 2021, 6:59 a.m.
process_identifier:
112
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x000007fef1202000
process_handle:
0xffffffffffffffff
1
0
0
NtProtectVirtualMemory
Aug. 21, 2021, 6:59 a.m.
process_identifier:
112
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x000007fef1202000
process_handle:
0xffffffffffffffff
1
0
0
NtProtectVirtualMemory
Aug. 21, 2021, 6:59 a.m.
process_identifier:
112
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x000007fef1202000
process_handle:
0xffffffffffffffff
1
0
0
NtProtectVirtualMemory
Aug. 21, 2021, 6:59 a.m.
process_identifier:
112
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x000007fef1202000
process_handle:
0xffffffffffffffff
1
0
0
NtProtectVirtualMemory
Aug. 21, 2021, 6:59 a.m.
process_identifier:
112
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x000007fef1202000
process_handle:
0xffffffffffffffff
1
0
0
NtProtectVirtualMemory
Aug. 21, 2021, 6:59 a.m.
process_identifier:
112
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x000007fef1202000
process_handle:
0xffffffffffffffff
1
0
0
NtProtectVirtualMemory
Aug. 21, 2021, 6:59 a.m.
process_identifier:
112
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x000007fef1202000
process_handle:
0xffffffffffffffff
1
0
0
NtProtectVirtualMemory
Aug. 21, 2021, 6:59 a.m.
process_identifier:
112
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x000007fef1202000
process_handle:
0xffffffffffffffff
1
0
0
NtProtectVirtualMemory
Aug. 21, 2021, 6:59 a.m.
process_identifier:
112
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x000007fef1202000
process_handle:
0xffffffffffffffff
1
0
0
NtProtectVirtualMemory
Aug. 21, 2021, 6:59 a.m.
process_identifier:
112
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x000007fef1204000
process_handle:
0xffffffffffffffff
1
0
0
NtProtectVirtualMemory
Aug. 21, 2021, 6:59 a.m.
process_identifier:
112
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x000007fef1204000
process_handle:
0xffffffffffffffff
1
0
0
NtProtectVirtualMemory
Aug. 21, 2021, 6:59 a.m.
process_identifier:
112
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x000007fef1204000
process_handle:
0xffffffffffffffff
1
0
0
NtProtectVirtualMemory
Aug. 21, 2021, 6:59 a.m.
process_identifier:
112
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x000007fef1204000
process_handle:
0xffffffffffffffff
1
0
0
NtAllocateVirtualMemory
Aug. 21, 2021, 6:59 a.m.
process_identifier:
112
region_size:
655360
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x000007fffff10000
allocation_type:
1056768
(MEM_RESERVE|MEM_TOP_DOWN)
process_handle:
0xffffffffffffffff
1
0
0
NtAllocateVirtualMemory
Aug. 21, 2021, 6:59 a.m.
process_identifier:
112
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x000007fffff10000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffffffffffff
1
0
0
NtAllocateVirtualMemory
Aug. 21, 2021, 6:59 a.m.
process_identifier:
112
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x000007fffff10000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffffffffffff
1
0
0
NtAllocateVirtualMemory
Aug. 21, 2021, 6:59 a.m.
process_identifier:
112
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x000007fffff20000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffffffffffff
1
0
0
NtAllocateVirtualMemory
Aug. 21, 2021, 6:59 a.m.
process_identifier:
112
region_size:
65536
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x000007fffff00000
allocation_type:
1056768
(MEM_RESERVE|MEM_TOP_DOWN)
process_handle:
0xffffffffffffffff
1
0
0
NtAllocateVirtualMemory
Aug. 21, 2021, 6:59 a.m.
process_identifier:
112
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x000007fffff00000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffffffffffff
1
0
0
NtAllocateVirtualMemory
Aug. 21, 2021, 6:59 a.m.
process_identifier:
112
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x000007fe91a5a000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffffffffffff
1
0
0
NtAllocateVirtualMemory
Aug. 21, 2021, 6:59 a.m.
process_identifier:
112
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x000007fe91a6c000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffffffffffff
1
0
0
NtAllocateVirtualMemory
Aug. 21, 2021, 6:59 a.m.
process_identifier:
112
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x000007fe91b90000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffffffffffff
1
0
0
NtAllocateVirtualMemory
Aug. 21, 2021, 6:59 a.m.
process_identifier:
112
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x000007fe91b0c000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffffffffffff
1
0
0
NtAllocateVirtualMemory
Aug. 21, 2021, 6:59 a.m.
process_identifier:
112
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x000007fe91b36000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffffffffffff
1
0
0
NtAllocateVirtualMemory
Aug. 21, 2021, 6:59 a.m.
process_identifier:
112
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x000007fe91b10000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffffffffffff
1
0
0
NtAllocateVirtualMemory
Aug. 21, 2021, 6:59 a.m.
process_identifier:
112
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x000007fe91a5b000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffffffffffff
1
0
0
NtAllocateVirtualMemory
Aug. 21, 2021, 6:59 a.m.
process_identifier:
112
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x000007fe91a7b000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffffffffffff
1
0
0
NtAllocateVirtualMemory
Aug. 21, 2021, 6:59 a.m.
process_identifier:
112
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x000007fe91aac000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffffffffffff
1
0
0
NtAllocateVirtualMemory
Aug. 21, 2021, 6:59 a.m.
process_identifier:
112
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x000007fe91a7d000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffffffffffff
1
0
0
NtAllocateVirtualMemory
Aug. 21, 2021, 6:59 a.m.
process_identifier:
112
region_size:
36864
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x000007fe91b91000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffffffffffff
1
0
0
NtAllocateVirtualMemory
Aug. 21, 2021, 6:59 a.m.
process_identifier:
112
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x000007fe91a52000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffffffffffff
1
0
0
NtAllocateVirtualMemory
Aug. 21, 2021, 6:59 a.m.
process_identifier:
112
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x000007fe91a5c000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffffffffffff
1
0
0
NtAllocateVirtualMemory
Aug. 21, 2021, 6:59 a.m.
process_identifier:
112
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x000007fe91a6d000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffffffffffff
1
0
0
NtAllocateVirtualMemory
Aug. 21, 2021, 6:59 a.m.
process_identifier:
112
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x000007fe91b9a000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffffffffffff
1
0
0
NtAllocateVirtualMemory
Aug. 21, 2021, 6:59 a.m.
process_identifier:
112
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x000007fe91b9b000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffffffffffff
1
0
0
NtAllocateVirtualMemory
Aug. 21, 2021, 6:59 a.m.
process_identifier:
112
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x000007fe91b9c000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffffffffffff
1
0
0
NtAllocateVirtualMemory
Aug. 21, 2021, 6:59 a.m.
process_identifier:
112
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x000007fe91a6e000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffffffffffff
1
0
0
NtAllocateVirtualMemory
Aug. 21, 2021, 6:59 a.m.
process_identifier:
112
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x000007fe91b9d000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffffffffffff
1
0
0
NtAllocateVirtualMemory
Aug. 21, 2021, 6:59 a.m.
process_identifier:
112
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x000007fe91a6a000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffffffffffff
1
0
0
NtAllocateVirtualMemory
Aug. 21, 2021, 6:59 a.m.
process_identifier:
112
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x000007fe91b9e000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffffffffffff
1
0
0
NtAllocateVirtualMemory
Aug. 21, 2021, 6:59 a.m.
process_identifier:
112
region_size:
8192
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x000007fe91b9f000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffffffffffff
1
0
0
NtAllocateVirtualMemory
Aug. 21, 2021, 6:59 a.m.
process_identifier:
112
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x000007fe91ba1000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffffffffffff
1
0
0