NtProtectVirtualMemory
July 24, 2023, 4:54 p.m.
process_identifier:
2644
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x75703000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
July 24, 2023, 4:54 p.m.
process_identifier:
2644
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x755c4000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
July 24, 2023, 4:54 p.m.
process_identifier:
2644
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x75981000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
July 24, 2023, 4:54 p.m.
process_identifier:
2644
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x755c4000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
July 24, 2023, 4:54 p.m.
process_identifier:
2644
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x755c4000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
July 24, 2023, 4:54 p.m.
process_identifier:
2644
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x75981000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
July 24, 2023, 4:54 p.m.
process_identifier:
2644
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x755c4000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
July 24, 2023, 4:54 p.m.
process_identifier:
2644
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x755c7000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
July 24, 2023, 4:54 p.m.
process_identifier:
2644
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x7597e000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
July 24, 2023, 4:54 p.m.
process_identifier:
2644
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x755c4000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
July 24, 2023, 4:54 p.m.
process_identifier:
2644
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x7597d000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
July 24, 2023, 4:54 p.m.
process_identifier:
2644
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x755c1000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
July 24, 2023, 4:54 p.m.
process_identifier:
2644
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x7597d000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
July 24, 2023, 4:54 p.m.
process_identifier:
2644
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x755c4000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
July 24, 2023, 4:54 p.m.
process_identifier:
2644
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x75981000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
July 24, 2023, 4:54 p.m.
process_identifier:
2644
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x755dc000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
July 24, 2023, 4:54 p.m.
process_identifier:
2644
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x75981000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
July 24, 2023, 4:54 p.m.
process_identifier:
2644
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x755c3000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
July 24, 2023, 4:54 p.m.
process_identifier:
2644
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x75981000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
July 24, 2023, 4:54 p.m.
process_identifier:
2644
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x755c1000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
July 24, 2023, 4:54 p.m.
process_identifier:
2644
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x75981000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
July 24, 2023, 4:54 p.m.
process_identifier:
2644
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x755c4000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
July 24, 2023, 4:54 p.m.
process_identifier:
2644
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x75980000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
July 24, 2023, 4:54 p.m.
process_identifier:
2644
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x755c1000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
July 24, 2023, 4:54 p.m.
process_identifier:
2644
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x75981000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
July 24, 2023, 4:54 p.m.
process_identifier:
2644
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x755c3000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
July 24, 2023, 4:54 p.m.
process_identifier:
2644
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x75981000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
July 24, 2023, 4:54 p.m.
process_identifier:
2644
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x755c1000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
July 24, 2023, 4:54 p.m.
process_identifier:
2644
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x7597b000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
July 24, 2023, 4:54 p.m.
process_identifier:
2644
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x7563f000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
July 24, 2023, 4:54 p.m.
process_identifier:
2644
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x755c3000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
July 24, 2023, 4:54 p.m.
process_identifier:
2644
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x7597c000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
July 24, 2023, 4:54 p.m.
process_identifier:
2644
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x755dc000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
July 24, 2023, 4:54 p.m.
process_identifier:
2644
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x75984000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
July 24, 2023, 4:54 p.m.
process_identifier:
2644
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x755da000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
July 24, 2023, 4:54 p.m.
process_identifier:
2644
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x755c1000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
July 24, 2023, 4:54 p.m.
process_identifier:
2644
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x7597d000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
July 24, 2023, 4:54 p.m.
process_identifier:
2644
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x755c4000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
July 24, 2023, 4:54 p.m.
process_identifier:
2644
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x755c1000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
July 24, 2023, 4:54 p.m.
process_identifier:
2644
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x7597d000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
July 24, 2023, 4:54 p.m.
process_identifier:
2644
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x755c4000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
July 24, 2023, 4:54 p.m.
process_identifier:
2644
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x75988000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
July 24, 2023, 4:54 p.m.
process_identifier:
2644
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x755c1000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
July 24, 2023, 4:54 p.m.
process_identifier:
2644
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x75988000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
July 24, 2023, 4:54 p.m.
process_identifier:
2644
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x755ec000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
July 24, 2023, 4:54 p.m.
process_identifier:
2644
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x75988000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
July 24, 2023, 4:54 p.m.
process_identifier:
2644
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x755c5000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
July 24, 2023, 4:54 p.m.
process_identifier:
2644
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x75988000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
July 24, 2023, 4:54 p.m.
process_identifier:
2644
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x755c3000
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
July 24, 2023, 4:54 p.m.
process_identifier:
2644
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x7597c000
process_handle:
0xffffffff
1
0
0