NtAllocateVirtualMemory
March 17, 2023, 5:31 p.m.
process_identifier:
2052
region_size:
1638400
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x01710000
allocation_type:
8192
(MEM_RESERVE)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
March 17, 2023, 5:31 p.m.
process_identifier:
2052
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x01860000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
March 17, 2023, 5:31 p.m.
process_identifier:
2052
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x73f31000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
March 17, 2023, 5:31 p.m.
process_identifier:
2052
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x73f32000
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
March 17, 2023, 5:31 p.m.
process_identifier:
2052
region_size:
2097152
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x02fc0000
allocation_type:
8192
(MEM_RESERVE)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
March 17, 2023, 5:31 p.m.
process_identifier:
2052
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x03180000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
March 17, 2023, 5:31 p.m.
process_identifier:
2052
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x013d2000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
March 17, 2023, 5:31 p.m.
process_identifier:
2052
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x0142c000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
March 17, 2023, 5:31 p.m.
process_identifier:
2052
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x01580000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
March 17, 2023, 5:31 p.m.
process_identifier:
2052
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x013da000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
March 17, 2023, 5:31 p.m.
process_identifier:
2052
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x0144b000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
March 17, 2023, 5:31 p.m.
process_identifier:
2052
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x01447000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
March 17, 2023, 5:31 p.m.
process_identifier:
2052
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
6602752
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x00332000
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
March 17, 2023, 5:31 p.m.
process_identifier:
2052
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x01581000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
March 17, 2023, 5:31 p.m.
process_identifier:
2052
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x01582000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
March 17, 2023, 5:31 p.m.
process_identifier:
2052
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x01583000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
March 17, 2023, 5:31 p.m.
process_identifier:
2052
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x01445000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
March 17, 2023, 5:31 p.m.
process_identifier:
2052
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x01584000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
March 17, 2023, 5:31 p.m.
process_identifier:
2052
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x01585000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
March 17, 2023, 5:31 p.m.
process_identifier:
2052
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x0097e000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
March 17, 2023, 5:31 p.m.
process_identifier:
2052
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x0097e000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
March 17, 2023, 5:31 p.m.
process_identifier:
2052
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x00330000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
March 17, 2023, 5:31 p.m.
process_identifier:
2052
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x00330000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
March 17, 2023, 5:31 p.m.
process_identifier:
2052
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x00330000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
March 17, 2023, 5:31 p.m.
process_identifier:
2052
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x00330000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
March 17, 2023, 5:31 p.m.
process_identifier:
2052
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x00330000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
March 17, 2023, 5:31 p.m.
process_identifier:
2052
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x0097e000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
March 17, 2023, 5:31 p.m.
process_identifier:
2052
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x0097e000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
March 17, 2023, 5:31 p.m.
process_identifier:
2052
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x0097e000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
March 17, 2023, 5:31 p.m.
process_identifier:
2052
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x0097e000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
March 17, 2023, 5:31 p.m.
process_identifier:
2052
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x0097e000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
March 17, 2023, 5:31 p.m.
process_identifier:
2052
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x0097e000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
March 17, 2023, 5:31 p.m.
process_identifier:
2052
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x0097e000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
March 17, 2023, 5:31 p.m.
process_identifier:
2052
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x0097e000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
March 17, 2023, 5:31 p.m.
process_identifier:
2052
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x0097e000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
March 17, 2023, 5:31 p.m.
process_identifier:
2052
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x0097e000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
March 17, 2023, 5:31 p.m.
process_identifier:
2052
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x0097e000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
March 17, 2023, 5:31 p.m.
process_identifier:
2052
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x0097e000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
March 17, 2023, 5:31 p.m.
process_identifier:
2052
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x0097e000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
March 17, 2023, 5:31 p.m.
process_identifier:
2052
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x0097e000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
March 17, 2023, 5:31 p.m.
process_identifier:
2052
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x0097e000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
March 17, 2023, 5:31 p.m.
process_identifier:
2052
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x0097e000
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
March 17, 2023, 5:31 p.m.
process_identifier:
2052
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x01586000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
March 17, 2023, 5:31 p.m.
process_identifier:
2052
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x01587000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
March 17, 2023, 5:31 p.m.
process_identifier:
2052
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x01436000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
March 17, 2023, 5:31 p.m.
process_identifier:
2052
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x0143a000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
March 17, 2023, 5:31 p.m.
process_identifier:
2052
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x01437000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
March 17, 2023, 5:31 p.m.
process_identifier:
2052
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x0142d000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
March 17, 2023, 5:31 p.m.
process_identifier:
2052
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x01588000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
March 17, 2023, 5:32 p.m.
process_identifier:
2052
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x0142e000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0