NtProtectVirtualMemory
|
process_identifier:
316
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
length:
163840
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x022b0000
process_handle:
0xffffffff
|
1
|
0 |
0
|
NtProtectVirtualMemory
|
process_identifier:
316
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
length:
32768
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x022d8000
process_handle:
0xffffffff
|
1
|
0 |
0
|
NtProtectVirtualMemory
|
process_identifier:
316
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
length:
32768
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x022e0000
process_handle:
0xffffffff
|
1
|
0 |
0
|
NtProtectVirtualMemory
|
process_identifier:
316
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
length:
32768
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x022e8000
process_handle:
0xffffffff
|
1
|
0 |
0
|
NtProtectVirtualMemory
|
process_identifier:
316
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
length:
32768
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x022f0000
process_handle:
0xffffffff
|
1
|
0 |
0
|
NtProtectVirtualMemory
|
process_identifier:
316
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
length:
32768
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x022f8000
process_handle:
0xffffffff
|
1
|
0 |
0
|
NtProtectVirtualMemory
|
process_identifier:
316
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
length:
32768
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x02300000
process_handle:
0xffffffff
|
1
|
0 |
0
|
NtProtectVirtualMemory
|
process_identifier:
316
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
length:
32768
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x02308000
process_handle:
0xffffffff
|
1
|
0 |
0
|
NtProtectVirtualMemory
|
process_identifier:
316
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
length:
32768
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x02310000
process_handle:
0xffffffff
|
1
|
0 |
0
|
NtProtectVirtualMemory
|
process_identifier:
316
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
length:
32768
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x02318000
process_handle:
0xffffffff
|
1
|
0 |
0
|
NtProtectVirtualMemory
|
process_identifier:
316
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
length:
32768
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x02320000
process_handle:
0xffffffff
|
1
|
0 |
0
|
NtProtectVirtualMemory
|
process_identifier:
316
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
length:
32768
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x02328000
process_handle:
0xffffffff
|
1
|
0 |
0
|
NtProtectVirtualMemory
|
process_identifier:
316
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
length:
32768
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x02330000
process_handle:
0xffffffff
|
1
|
0 |
0
|
NtProtectVirtualMemory
|
process_identifier:
316
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
length:
32768
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x02338000
process_handle:
0xffffffff
|
1
|
0 |
0
|
NtProtectVirtualMemory
|
process_identifier:
316
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
length:
32768
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x02340000
process_handle:
0xffffffff
|
1
|
0 |
0
|
NtProtectVirtualMemory
|
process_identifier:
316
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
length:
32768
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x02348000
process_handle:
0xffffffff
|
1
|
0 |
0
|
NtProtectVirtualMemory
|
process_identifier:
316
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
length:
32768
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x02350000
process_handle:
0xffffffff
|
1
|
0 |
0
|
NtProtectVirtualMemory
|
process_identifier:
316
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
length:
32768
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x02358000
process_handle:
0xffffffff
|
1
|
0 |
0
|
NtProtectVirtualMemory
|
process_identifier:
316
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
length:
32768
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x02360000
process_handle:
0xffffffff
|
1
|
0 |
0
|
NtProtectVirtualMemory
|
process_identifier:
316
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
length:
32768
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x02368000
process_handle:
0xffffffff
|
1
|
0 |
0
|
NtProtectVirtualMemory
|
process_identifier:
316
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
length:
32768
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x02370000
process_handle:
0xffffffff
|
1
|
0 |
0
|
NtProtectVirtualMemory
|
process_identifier:
316
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
length:
32768
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x02378000
process_handle:
0xffffffff
|
1
|
0 |
0
|
NtProtectVirtualMemory
|
process_identifier:
316
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
length:
32768
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x02380000
process_handle:
0xffffffff
|
1
|
0 |
0
|
NtProtectVirtualMemory
|
process_identifier:
316
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
length:
32768
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x02388000
process_handle:
0xffffffff
|
1
|
0 |
0
|
NtProtectVirtualMemory
|
process_identifier:
316
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
length:
32768
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x02390000
process_handle:
0xffffffff
|
1
|
0 |
0
|
NtProtectVirtualMemory
|
process_identifier:
316
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
length:
32768
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x02398000
process_handle:
0xffffffff
|
1
|
0 |
0
|
NtProtectVirtualMemory
|
process_identifier:
316
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
length:
32768
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x023a0000
process_handle:
0xffffffff
|
1
|
0 |
0
|
NtProtectVirtualMemory
|
process_identifier:
316
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
length:
32768
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x023a8000
process_handle:
0xffffffff
|
1
|
0 |
0
|
NtProtectVirtualMemory
|
process_identifier:
316
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
length:
32768
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x023b0000
process_handle:
0xffffffff
|
1
|
0 |
0
|
NtProtectVirtualMemory
|
process_identifier:
316
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
length:
32768
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x023b8000
process_handle:
0xffffffff
|
1
|
0 |
0
|
NtProtectVirtualMemory
|
process_identifier:
316
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
length:
32768
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x023c0000
process_handle:
0xffffffff
|
1
|
0 |
0
|
NtProtectVirtualMemory
|
process_identifier:
2244
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x73be1000
process_handle:
0xffffffff
|
1
|
0 |
0
|
NtProtectVirtualMemory
|
process_identifier:
2368
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x73c01000
process_handle:
0xffffffff
|
1
|
0 |
0
|
NtProtectVirtualMemory
|
process_identifier:
2448
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x73be1000
process_handle:
0xffffffff
|
1
|
0 |
0
|
NtProtectVirtualMemory
|
process_identifier:
2528
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
base_address:
0x73c01000
process_handle:
0xffffffff
|
1
|
0 |
0
|