NtAllocateVirtualMemory
Sept. 13, 2023, 2:02 p.m.
process_identifier:
2892
region_size:
655360
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x02890000
allocation_type:
8192
(MEM_RESERVE)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
Sept. 13, 2023, 2:02 p.m.
process_identifier:
2892
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x028f0000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Sept. 13, 2023, 2:02 p.m.
process_identifier:
2892
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x72891000
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
Sept. 13, 2023, 2:02 p.m.
process_identifier:
2892
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x01eda000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtProtectVirtualMemory
Sept. 13, 2023, 2:02 p.m.
process_identifier:
2892
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
8192
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x72892000
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
Sept. 13, 2023, 2:02 p.m.
process_identifier:
2892
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x01ed2000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
Sept. 13, 2023, 2:02 p.m.
process_identifier:
2892
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x021f2000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
Sept. 13, 2023, 2:02 p.m.
process_identifier:
2892
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x028f1000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
Sept. 13, 2023, 2:02 p.m.
process_identifier:
2892
region_size:
8192
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x028f2000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
Sept. 13, 2023, 2:02 p.m.
process_identifier:
2892
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x0221a000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
Sept. 13, 2023, 2:02 p.m.
process_identifier:
2892
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x021f3000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
Sept. 13, 2023, 2:02 p.m.
process_identifier:
2892
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x021f4000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
Sept. 13, 2023, 2:02 p.m.
process_identifier:
2892
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x0222b000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
Sept. 13, 2023, 2:02 p.m.
process_identifier:
2892
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x02227000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
Sept. 13, 2023, 2:02 p.m.
process_identifier:
2892
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x01edb000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
Sept. 13, 2023, 2:02 p.m.
process_identifier:
2892
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x02212000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
Sept. 13, 2023, 2:02 p.m.
process_identifier:
2892
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x02225000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
Sept. 13, 2023, 2:02 p.m.
process_identifier:
2892
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x021f5000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
Sept. 13, 2023, 2:02 p.m.
process_identifier:
2892
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x0221c000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
Sept. 13, 2023, 2:02 p.m.
process_identifier:
2892
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x05080000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
Sept. 13, 2023, 2:02 p.m.
process_identifier:
2892
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x021f6000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
Sept. 13, 2023, 2:02 p.m.
process_identifier:
2892
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x0222c000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
Sept. 13, 2023, 2:02 p.m.
process_identifier:
2892
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x02213000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
Sept. 13, 2023, 2:02 p.m.
process_identifier:
2892
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x02214000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
Sept. 13, 2023, 2:02 p.m.
process_identifier:
2892
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x02215000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
Sept. 13, 2023, 2:02 p.m.
process_identifier:
2892
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x02216000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
Sept. 13, 2023, 2:02 p.m.
process_identifier:
2892
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x02217000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
Sept. 13, 2023, 2:02 p.m.
process_identifier:
2892
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x02218000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
Sept. 13, 2023, 2:02 p.m.
process_identifier:
2892
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x02219000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
Sept. 13, 2023, 2:02 p.m.
process_identifier:
2892
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x05130000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
Sept. 13, 2023, 2:02 p.m.
process_identifier:
2892
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x05131000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
Sept. 13, 2023, 2:02 p.m.
process_identifier:
2892
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x05132000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
Sept. 13, 2023, 2:02 p.m.
process_identifier:
2892
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x05133000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
Sept. 13, 2023, 2:02 p.m.
process_identifier:
2892
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x05134000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
Sept. 13, 2023, 2:02 p.m.
process_identifier:
2892
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x05135000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
Sept. 13, 2023, 2:02 p.m.
process_identifier:
2892
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x05136000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
Sept. 13, 2023, 2:02 p.m.
process_identifier:
2892
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x05137000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
Sept. 13, 2023, 2:02 p.m.
process_identifier:
2892
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x05138000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
Sept. 13, 2023, 2:02 p.m.
process_identifier:
2892
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x05139000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
Sept. 13, 2023, 2:02 p.m.
process_identifier:
2892
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x0513a000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
Sept. 13, 2023, 2:02 p.m.
process_identifier:
2892
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x0513b000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
Sept. 13, 2023, 2:02 p.m.
process_identifier:
2892
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x0513c000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
Sept. 13, 2023, 2:02 p.m.
process_identifier:
2892
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x0513d000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
Sept. 13, 2023, 2:02 p.m.
process_identifier:
2892
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x0513e000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
Sept. 13, 2023, 2:02 p.m.
process_identifier:
2892
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x0513f000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
Sept. 13, 2023, 2:02 p.m.
process_identifier:
2892
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x05140000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
Sept. 13, 2023, 2:02 p.m.
process_identifier:
2892
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x05141000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
Sept. 13, 2023, 2:02 p.m.
process_identifier:
2892
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x05142000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
Sept. 13, 2023, 2:02 p.m.
process_identifier:
2892
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x05143000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0
NtAllocateVirtualMemory
Sept. 13, 2023, 2:02 p.m.
process_identifier:
2892
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x05144000
allocation_type:
4096
(MEM_COMMIT)
process_handle:
0xffffffff
1
0
0