NtAllocateVirtualMemory
|
process_identifier:
2312
region_size:
393216
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x00770000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
|
1
|
0 |
0
|
NtAllocateVirtualMemory
|
process_identifier:
2312
region_size:
393216
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x02070000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
|
1
|
0 |
0
|
NtAllocateVirtualMemory
|
process_identifier:
2312
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x003d0000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
|
1
|
0 |
0
|
NtAllocateVirtualMemory
|
process_identifier:
2312
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x003e0000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
|
1
|
0 |
0
|
NtAllocateVirtualMemory
|
process_identifier:
2312
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x003f0000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
|
1
|
0 |
0
|
NtAllocateVirtualMemory
|
process_identifier:
2312
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x007b0000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
|
1
|
0 |
0
|
NtAllocateVirtualMemory
|
process_identifier:
2312
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x007c0000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
|
1
|
0 |
0
|
NtAllocateVirtualMemory
|
process_identifier:
2312
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x007d0000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
|
1
|
0 |
0
|
NtAllocateVirtualMemory
|
process_identifier:
2312
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x00a70000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
|
1
|
0 |
0
|
NtAllocateVirtualMemory
|
process_identifier:
2312
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x00c20000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
|
1
|
0 |
0
|
NtAllocateVirtualMemory
|
process_identifier:
2312
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x020d0000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
|
1
|
0 |
0
|
NtAllocateVirtualMemory
|
process_identifier:
2312
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x020e0000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
|
1
|
0 |
0
|
NtAllocateVirtualMemory
|
process_identifier:
2312
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x020f0000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
|
1
|
0 |
0
|
NtAllocateVirtualMemory
|
process_identifier:
2312
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x02100000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
|
1
|
0 |
0
|
NtAllocateVirtualMemory
|
process_identifier:
2312
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x02110000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
|
1
|
0 |
0
|
NtAllocateVirtualMemory
|
process_identifier:
2312
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x02120000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
|
1
|
0 |
0
|
NtAllocateVirtualMemory
|
process_identifier:
2312
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x02130000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
|
1
|
0 |
0
|
NtAllocateVirtualMemory
|
process_identifier:
2312
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x02140000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
|
1
|
0 |
0
|
NtAllocateVirtualMemory
|
process_identifier:
2312
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x02150000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
|
1
|
0 |
0
|
NtAllocateVirtualMemory
|
process_identifier:
2312
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x02380000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
|
1
|
0 |
0
|
NtAllocateVirtualMemory
|
process_identifier:
2312
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x02390000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
|
1
|
0 |
0
|
NtAllocateVirtualMemory
|
process_identifier:
2312
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x023a0000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
|
1
|
0 |
0
|
NtAllocateVirtualMemory
|
process_identifier:
2312
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x023b0000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
|
1
|
0 |
0
|
NtAllocateVirtualMemory
|
process_identifier:
2312
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x023c0000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
|
1
|
0 |
0
|
NtAllocateVirtualMemory
|
process_identifier:
2312
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x023d0000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
|
1
|
0 |
0
|
NtAllocateVirtualMemory
|
process_identifier:
2312
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x023e0000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
|
1
|
0 |
0
|
NtAllocateVirtualMemory
|
process_identifier:
2312
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x023f0000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
|
1
|
0 |
0
|
NtAllocateVirtualMemory
|
process_identifier:
2312
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x02400000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
|
1
|
0 |
0
|
NtAllocateVirtualMemory
|
process_identifier:
2312
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x02410000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
|
1
|
0 |
0
|
NtAllocateVirtualMemory
|
process_identifier:
2312
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x02420000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
|
1
|
0 |
0
|
NtAllocateVirtualMemory
|
process_identifier:
2312
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x02430000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
|
1
|
0 |
0
|
NtAllocateVirtualMemory
|
process_identifier:
2312
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x02440000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
|
1
|
0 |
0
|
NtAllocateVirtualMemory
|
process_identifier:
2312
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x02450000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
|
1
|
0 |
0
|
NtAllocateVirtualMemory
|
process_identifier:
2312
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x02460000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
|
1
|
0 |
0
|
NtAllocateVirtualMemory
|
process_identifier:
2312
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x02780000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
|
1
|
0 |
0
|
NtAllocateVirtualMemory
|
process_identifier:
2312
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x02790000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
|
1
|
0 |
0
|
NtAllocateVirtualMemory
|
process_identifier:
2312
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x027a0000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
|
1
|
0 |
0
|
NtAllocateVirtualMemory
|
process_identifier:
2312
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x027b0000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
|
1
|
0 |
0
|
NtAllocateVirtualMemory
|
process_identifier:
2312
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x027c0000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
|
1
|
0 |
0
|
NtAllocateVirtualMemory
|
process_identifier:
2312
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x027d0000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
|
1
|
0 |
0
|
NtAllocateVirtualMemory
|
process_identifier:
2312
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x027e0000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
|
1
|
0 |
0
|
NtAllocateVirtualMemory
|
process_identifier:
2312
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x027f0000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
|
1
|
0 |
0
|
NtAllocateVirtualMemory
|
process_identifier:
2312
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x02800000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
|
1
|
0 |
0
|
NtAllocateVirtualMemory
|
process_identifier:
2312
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x02810000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
|
1
|
0 |
0
|
NtAllocateVirtualMemory
|
process_identifier:
2312
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x02820000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
|
1
|
0 |
0
|
NtAllocateVirtualMemory
|
process_identifier:
2312
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x02830000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
|
1
|
0 |
0
|
NtAllocateVirtualMemory
|
process_identifier:
2312
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x02840000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
|
1
|
0 |
0
|
NtAllocateVirtualMemory
|
process_identifier:
2312
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x02850000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
|
1
|
0 |
0
|
NtAllocateVirtualMemory
|
process_identifier:
2312
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x02860000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
|
1
|
0 |
0
|
NtAllocateVirtualMemory
|
process_identifier:
2312
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x02870000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
|
1
|
0 |
0
|