NtProtectVirtualMemory
Nov. 16, 2021, 5:29 p.m.
process_identifier:
2780
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x766e5000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Nov. 16, 2021, 5:29 p.m.
process_identifier:
2780
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x766fc000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Nov. 16, 2021, 5:29 p.m.
process_identifier:
2780
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x760cb000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Nov. 16, 2021, 5:29 p.m.
process_identifier:
2780
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x766e1000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Nov. 16, 2021, 5:29 p.m.
process_identifier:
2780
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x760cb000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Nov. 16, 2021, 5:29 p.m.
process_identifier:
2780
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x766e4000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Nov. 16, 2021, 5:29 p.m.
process_identifier:
2780
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x760cb000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Nov. 16, 2021, 5:29 p.m.
process_identifier:
2780
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x766e1000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Nov. 16, 2021, 5:29 p.m.
process_identifier:
2780
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x760d1000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Nov. 16, 2021, 5:29 p.m.
process_identifier:
2780
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x766fc000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Nov. 16, 2021, 5:29 p.m.
process_identifier:
2780
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x766e5000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Nov. 16, 2021, 5:29 p.m.
process_identifier:
2780
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x766e1000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Nov. 16, 2021, 5:29 p.m.
process_identifier:
2780
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x760cb000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Nov. 16, 2021, 5:29 p.m.
process_identifier:
2780
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x766e3000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Nov. 16, 2021, 5:29 p.m.
process_identifier:
2780
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x760cc000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Nov. 16, 2021, 5:29 p.m.
process_identifier:
2780
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x766e1000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Nov. 16, 2021, 5:29 p.m.
process_identifier:
2780
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x760cd000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Nov. 16, 2021, 5:29 p.m.
process_identifier:
2780
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x766e5000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Nov. 16, 2021, 5:29 p.m.
process_identifier:
2780
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x766e4000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Nov. 16, 2021, 5:29 p.m.
process_identifier:
2780
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x760cd000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Nov. 16, 2021, 5:29 p.m.
process_identifier:
2780
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x766e1000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Nov. 16, 2021, 5:29 p.m.
process_identifier:
2780
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x760cd000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Nov. 16, 2021, 5:29 p.m.
process_identifier:
2780
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x766e4000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Nov. 16, 2021, 5:29 p.m.
process_identifier:
2780
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x760d8000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Nov. 16, 2021, 5:29 p.m.
process_identifier:
2780
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x766e1000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Nov. 16, 2021, 5:29 p.m.
process_identifier:
2780
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x760d8000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Nov. 16, 2021, 5:29 p.m.
process_identifier:
2780
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x7670c000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Nov. 16, 2021, 5:29 p.m.
process_identifier:
2780
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x760d8000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Nov. 16, 2021, 5:29 p.m.
process_identifier:
2780
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x766e5000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Nov. 16, 2021, 5:29 p.m.
process_identifier:
2780
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x760d8000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Nov. 16, 2021, 5:29 p.m.
process_identifier:
2780
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x766e4000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Nov. 16, 2021, 5:29 p.m.
process_identifier:
2780
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x760d0000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Nov. 16, 2021, 5:29 p.m.
process_identifier:
2780
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x766e1000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Nov. 16, 2021, 5:29 p.m.
process_identifier:
2780
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x760d1000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Nov. 16, 2021, 5:29 p.m.
process_identifier:
2780
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x76703000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Nov. 16, 2021, 5:29 p.m.
process_identifier:
2780
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x76708000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Nov. 16, 2021, 5:29 p.m.
process_identifier:
2780
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x7675e000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Nov. 16, 2021, 5:29 p.m.
process_identifier:
2780
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x76705000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Nov. 16, 2021, 5:29 p.m.
process_identifier:
2780
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x766e4000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Nov. 16, 2021, 5:29 p.m.
process_identifier:
2780
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x760d1000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Nov. 16, 2021, 5:29 p.m.
process_identifier:
2780
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x766fc000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Nov. 16, 2021, 5:29 p.m.
process_identifier:
2780
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x760d1000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Nov. 16, 2021, 5:29 p.m.
process_identifier:
2780
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x766e3000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Nov. 16, 2021, 5:29 p.m.
process_identifier:
2780
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x760d1000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Nov. 16, 2021, 5:29 p.m.
process_identifier:
2780
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x766e1000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Nov. 16, 2021, 5:29 p.m.
process_identifier:
2780
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x760d1000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Nov. 16, 2021, 5:29 p.m.
process_identifier:
2780
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x7675f000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Nov. 16, 2021, 5:29 p.m.
process_identifier:
2780
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x766e1000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Nov. 16, 2021, 5:29 p.m.
process_identifier:
2780
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x760cd000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Nov. 16, 2021, 5:29 p.m.
process_identifier:
2780
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x766e4000
process_handle:
0xffffffff
1
0
0