NtProtectVirtualMemory
Aug. 21, 2021, 9 a.m.
process_identifier:
2332
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x7574c000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Aug. 21, 2021, 9 a.m.
process_identifier:
2332
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x75735000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Aug. 21, 2021, 9 a.m.
process_identifier:
2332
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x75735000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Aug. 21, 2021, 9 a.m.
process_identifier:
2332
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x75733000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Aug. 21, 2021, 9 a.m.
process_identifier:
2332
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x76a81000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Aug. 21, 2021, 9 a.m.
process_identifier:
2332
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x75731000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Aug. 21, 2021, 9 a.m.
process_identifier:
2332
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x76a7d000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Aug. 21, 2021, 9 a.m.
process_identifier:
2332
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x75735000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Aug. 21, 2021, 9 a.m.
process_identifier:
2332
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x75733000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Aug. 21, 2021, 9 a.m.
process_identifier:
2332
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x76a7c000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Aug. 21, 2021, 9 a.m.
process_identifier:
2332
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x75753000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Aug. 21, 2021, 9 a.m.
process_identifier:
2332
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x75758000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Aug. 21, 2021, 9 a.m.
process_identifier:
2332
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x757ae000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Aug. 21, 2021, 9 a.m.
process_identifier:
2332
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x75755000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Aug. 21, 2021, 9 a.m.
process_identifier:
2332
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x75731000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Aug. 21, 2021, 9 a.m.
process_identifier:
2332
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x76a7d000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Aug. 21, 2021, 9 a.m.
process_identifier:
2332
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x75734000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Aug. 21, 2021, 9 a.m.
process_identifier:
2332
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x75731000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Aug. 21, 2021, 9 a.m.
process_identifier:
2332
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x76a7d000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Aug. 21, 2021, 9 a.m.
process_identifier:
2332
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x75735000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Aug. 21, 2021, 9 a.m.
process_identifier:
2332
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x76a7c000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Aug. 21, 2021, 9 a.m.
process_identifier:
2332
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x75734000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Aug. 21, 2021, 9 a.m.
process_identifier:
2332
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x76a80000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Aug. 21, 2021, 9 a.m.
process_identifier:
2332
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x75731000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Aug. 21, 2021, 9 a.m.
process_identifier:
2332
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x76a81000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Aug. 21, 2021, 9 a.m.
process_identifier:
2332
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x755bf000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Aug. 21, 2021, 9 a.m.
process_identifier:
2332
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x755c8000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Aug. 21, 2021, 9 a.m.
process_identifier:
2332
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x75733000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Aug. 21, 2021, 9 a.m.
process_identifier:
2332
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x76a7c000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Aug. 21, 2021, 9 a.m.
process_identifier:
2332
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x75734000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Aug. 21, 2021, 9 a.m.
process_identifier:
2332
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x76a7d000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Aug. 21, 2021, 9 a.m.
process_identifier:
2332
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x75731000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Aug. 21, 2021, 9 a.m.
process_identifier:
2332
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x76a7d000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Aug. 21, 2021, 9 a.m.
process_identifier:
2332
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x757af000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Aug. 21, 2021, 9 a.m.
process_identifier:
2332
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x75733000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Aug. 21, 2021, 9 a.m.
process_identifier:
2332
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x76a8b000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Aug. 21, 2021, 9 a.m.
process_identifier:
2332
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x75735000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Aug. 21, 2021, 9 a.m.
process_identifier:
2332
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x76a8b000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Aug. 21, 2021, 9 a.m.
process_identifier:
2332
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x75731000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Aug. 21, 2021, 9 a.m.
process_identifier:
2332
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x76a81000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Aug. 21, 2021, 9 a.m.
process_identifier:
2332
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x75731000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Aug. 21, 2021, 9 a.m.
process_identifier:
2332
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x76a7d000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Aug. 21, 2021, 9 a.m.
process_identifier:
2332
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x75731000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Aug. 21, 2021, 9 a.m.
process_identifier:
2332
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x76a7b000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Aug. 21, 2021, 9 a.m.
process_identifier:
2332
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x75735000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Aug. 21, 2021, 9 a.m.
process_identifier:
2332
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x76a7b000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Aug. 21, 2021, 9 a.m.
process_identifier:
2332
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x75734000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Aug. 21, 2021, 9 a.m.
process_identifier:
2332
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x76a88000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Aug. 21, 2021, 9 a.m.
process_identifier:
2332
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x75731000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Aug. 21, 2021, 9 a.m.
process_identifier:
2332
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x76a88000
process_handle:
0xffffffff
1
0
0