Time & API |
Arguments |
Status |
Return |
Repeated |
1727545293.328625
NtProtectVirtualMemory
|
process_handle:
0xffffffff
base_address:
0x6fc91000
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
process_identifier:
3012
|
success
|
0 |
0
|
1727545293.359625
NtAllocateVirtualMemory
|
process_handle:
0xffffffff
base_address:
0x0052a000
region_size:
4096
allocation_type:
4096
(MEM_COMMIT)
protection:
64
(PAGE_EXECUTE_READWRITE)
process_identifier:
3012
|
success
|
0 |
0
|
1727545293.359625
NtProtectVirtualMemory
|
process_handle:
0xffffffff
base_address:
0x6fc92000
length:
8192
protection:
64
(PAGE_EXECUTE_READWRITE)
process_identifier:
3012
|
success
|
0 |
0
|
1727545293.359625
NtAllocateVirtualMemory
|
process_handle:
0xffffffff
base_address:
0x00522000
region_size:
4096
allocation_type:
4096
(MEM_COMMIT)
protection:
64
(PAGE_EXECUTE_READWRITE)
process_identifier:
3012
|
success
|
0 |
0
|
1727545293.422625
NtAllocateVirtualMemory
|
process_handle:
0xffffffff
base_address:
0x00532000
region_size:
4096
allocation_type:
4096
(MEM_COMMIT)
protection:
64
(PAGE_EXECUTE_READWRITE)
process_identifier:
3012
|
success
|
0 |
0
|
1727545293.437625
NtAllocateVirtualMemory
|
process_handle:
0xffffffff
base_address:
0x00533000
region_size:
4096
allocation_type:
4096
(MEM_COMMIT)
protection:
64
(PAGE_EXECUTE_READWRITE)
process_identifier:
3012
|
success
|
0 |
0
|
1727545293.437625
NtAllocateVirtualMemory
|
process_handle:
0xffffffff
base_address:
0x0057b000
region_size:
4096
allocation_type:
4096
(MEM_COMMIT)
protection:
64
(PAGE_EXECUTE_READWRITE)
process_identifier:
3012
|
success
|
0 |
0
|
1727545293.437625
NtAllocateVirtualMemory
|
process_handle:
0xffffffff
base_address:
0x00577000
region_size:
4096
allocation_type:
4096
(MEM_COMMIT)
protection:
64
(PAGE_EXECUTE_READWRITE)
process_identifier:
3012
|
success
|
0 |
0
|
1727545293.437625
NtAllocateVirtualMemory
|
process_handle:
0xffffffff
base_address:
0x0053c000
region_size:
4096
allocation_type:
4096
(MEM_COMMIT)
protection:
64
(PAGE_EXECUTE_READWRITE)
process_identifier:
3012
|
success
|
0 |
0
|
1727545293.515625
NtAllocateVirtualMemory
|
process_handle:
0xffffffff
base_address:
0x00680000
region_size:
4096
allocation_type:
4096
(MEM_COMMIT)
protection:
64
(PAGE_EXECUTE_READWRITE)
process_identifier:
3012
|
success
|
0 |
0
|
1727545293.531625
NtAllocateVirtualMemory
|
process_handle:
0xffffffff
base_address:
0x00534000
region_size:
4096
allocation_type:
4096
(MEM_COMMIT)
protection:
64
(PAGE_EXECUTE_READWRITE)
process_identifier:
3012
|
success
|
0 |
0
|
1727545293.531625
NtAllocateVirtualMemory
|
process_handle:
0xffffffff
base_address:
0x00546000
region_size:
4096
allocation_type:
4096
(MEM_COMMIT)
protection:
64
(PAGE_EXECUTE_READWRITE)
process_identifier:
3012
|
success
|
0 |
0
|
1727545293.547625
NtAllocateVirtualMemory
|
process_handle:
0xffffffff
base_address:
0x0053a000
region_size:
4096
allocation_type:
4096
(MEM_COMMIT)
protection:
64
(PAGE_EXECUTE_READWRITE)
process_identifier:
3012
|
success
|
0 |
0
|
1727545293.562625
NtAllocateVirtualMemory
|
process_handle:
0xffffffff
base_address:
0x0056a000
region_size:
4096
allocation_type:
4096
(MEM_COMMIT)
protection:
64
(PAGE_EXECUTE_READWRITE)
process_identifier:
3012
|
success
|
0 |
0
|
1727545293.578625
NtAllocateVirtualMemory
|
process_handle:
0xffffffff
base_address:
0x00562000
region_size:
4096
allocation_type:
4096
(MEM_COMMIT)
protection:
64
(PAGE_EXECUTE_READWRITE)
process_identifier:
3012
|
success
|
0 |
0
|
1727545293.593625
NtAllocateVirtualMemory
|
process_handle:
0xffffffff
base_address:
0x00575000
region_size:
4096
allocation_type:
4096
(MEM_COMMIT)
protection:
64
(PAGE_EXECUTE_READWRITE)
process_identifier:
3012
|
success
|
0 |
0
|
1727545293.687625
NtAllocateVirtualMemory
|
process_handle:
0xffffffff
base_address:
0x0052b000
region_size:
4096
allocation_type:
4096
(MEM_COMMIT)
protection:
64
(PAGE_EXECUTE_READWRITE)
process_identifier:
3012
|
success
|
0 |
0
|
1727545293.703625
NtAllocateVirtualMemory
|
process_handle:
0xffffffff
base_address:
0x0054a000
region_size:
4096
allocation_type:
4096
(MEM_COMMIT)
protection:
64
(PAGE_EXECUTE_READWRITE)
process_identifier:
3012
|
success
|
0 |
0
|
1727545293.703625
NtAllocateVirtualMemory
|
process_handle:
0xffffffff
base_address:
0x00547000
region_size:
4096
allocation_type:
4096
(MEM_COMMIT)
protection:
64
(PAGE_EXECUTE_READWRITE)
process_identifier:
3012
|
success
|
0 |
0
|
1727545295.468125
NtProtectVirtualMemory
|
process_handle:
0xffffffff
base_address:
0x6f6e1000
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
process_identifier:
1988
|
success
|
0 |
0
|
1727545295.484125
NtAllocateVirtualMemory
|
process_handle:
0xffffffff
base_address:
0x0051a000
region_size:
4096
allocation_type:
4096
(MEM_COMMIT)
protection:
64
(PAGE_EXECUTE_READWRITE)
process_identifier:
1988
|
success
|
0 |
0
|
1727545295.484125
NtProtectVirtualMemory
|
process_handle:
0xffffffff
base_address:
0x6f6e2000
length:
8192
protection:
64
(PAGE_EXECUTE_READWRITE)
process_identifier:
1988
|
success
|
0 |
0
|
1727545295.484125
NtAllocateVirtualMemory
|
process_handle:
0xffffffff
base_address:
0x00512000
region_size:
4096
allocation_type:
4096
(MEM_COMMIT)
protection:
64
(PAGE_EXECUTE_READWRITE)
process_identifier:
1988
|
success
|
0 |
0
|
1727545295.515125
NtAllocateVirtualMemory
|
process_handle:
0xffffffff
base_address:
0x00522000
region_size:
4096
allocation_type:
4096
(MEM_COMMIT)
protection:
64
(PAGE_EXECUTE_READWRITE)
process_identifier:
1988
|
success
|
0 |
0
|
1727545295.531125
NtAllocateVirtualMemory
|
process_handle:
0xffffffff
base_address:
0x00523000
region_size:
4096
allocation_type:
4096
(MEM_COMMIT)
protection:
64
(PAGE_EXECUTE_READWRITE)
process_identifier:
1988
|
success
|
0 |
0
|
1727545295.531125
NtAllocateVirtualMemory
|
process_handle:
0xffffffff
base_address:
0x0055b000
region_size:
4096
allocation_type:
4096
(MEM_COMMIT)
protection:
64
(PAGE_EXECUTE_READWRITE)
process_identifier:
1988
|
success
|
0 |
0
|
1727545295.531125
NtAllocateVirtualMemory
|
process_handle:
0xffffffff
base_address:
0x00557000
region_size:
4096
allocation_type:
4096
(MEM_COMMIT)
protection:
64
(PAGE_EXECUTE_READWRITE)
process_identifier:
1988
|
success
|
0 |
0
|
1727545295.531125
NtAllocateVirtualMemory
|
process_handle:
0xffffffff
base_address:
0x0052c000
region_size:
4096
allocation_type:
4096
(MEM_COMMIT)
protection:
64
(PAGE_EXECUTE_READWRITE)
process_identifier:
1988
|
success
|
0 |
0
|
1727545295.562125
NtAllocateVirtualMemory
|
process_handle:
0xffffffff
base_address:
0x00750000
region_size:
4096
allocation_type:
4096
(MEM_COMMIT)
protection:
64
(PAGE_EXECUTE_READWRITE)
process_identifier:
1988
|
success
|
0 |
0
|
1727545295.562125
NtAllocateVirtualMemory
|
process_handle:
0xffffffff
base_address:
0x0054a000
region_size:
4096
allocation_type:
4096
(MEM_COMMIT)
protection:
64
(PAGE_EXECUTE_READWRITE)
process_identifier:
1988
|
success
|
0 |
0
|
1727545295.578125
NtAllocateVirtualMemory
|
process_handle:
0xffffffff
base_address:
0x00542000
region_size:
4096
allocation_type:
4096
(MEM_COMMIT)
protection:
64
(PAGE_EXECUTE_READWRITE)
process_identifier:
1988
|
success
|
0 |
0
|
1727545295.578125
NtAllocateVirtualMemory
|
process_handle:
0xffffffff
base_address:
0x00524000
region_size:
4096
allocation_type:
4096
(MEM_COMMIT)
protection:
64
(PAGE_EXECUTE_READWRITE)
process_identifier:
1988
|
success
|
0 |
0
|
1727545295.578125
NtAllocateVirtualMemory
|
process_handle:
0xffffffff
base_address:
0x00555000
region_size:
4096
allocation_type:
4096
(MEM_COMMIT)
protection:
64
(PAGE_EXECUTE_READWRITE)
process_identifier:
1988
|
success
|
0 |
0
|
1727545295.625125
NtAllocateVirtualMemory
|
process_handle:
0xffffffff
base_address:
0x00525000
region_size:
8192
allocation_type:
4096
(MEM_COMMIT)
protection:
64
(PAGE_EXECUTE_READWRITE)
process_identifier:
1988
|
success
|
0 |
0
|
1727545295.625125
NtAllocateVirtualMemory
|
process_handle:
0xffffffff
base_address:
0x00527000
region_size:
4096
allocation_type:
4096
(MEM_COMMIT)
protection:
64
(PAGE_EXECUTE_READWRITE)
process_identifier:
1988
|
success
|
0 |
0
|
1727545295.625125
NtAllocateVirtualMemory
|
process_handle:
0xffffffff
base_address:
0x0053a000
region_size:
4096
allocation_type:
4096
(MEM_COMMIT)
protection:
64
(PAGE_EXECUTE_READWRITE)
process_identifier:
1988
|
success
|
0 |
0
|
1727545295.625125
NtAllocateVirtualMemory
|
process_handle:
0xffffffff
base_address:
0x00537000
region_size:
4096
allocation_type:
4096
(MEM_COMMIT)
protection:
64
(PAGE_EXECUTE_READWRITE)
process_identifier:
1988
|
success
|
0 |
0
|
1727545295.640125
NtAllocateVirtualMemory
|
process_handle:
0xffffffff
base_address:
0x0051b000
region_size:
4096
allocation_type:
4096
(MEM_COMMIT)
protection:
64
(PAGE_EXECUTE_READWRITE)
process_identifier:
1988
|
success
|
0 |
0
|
1727545297.515125
NtAllocateVirtualMemory
|
process_handle:
0xffffffff
base_address:
0x01160000
region_size:
4096
allocation_type:
4096
(MEM_COMMIT)
protection:
64
(PAGE_EXECUTE_READWRITE)
process_identifier:
1988
|
success
|
0 |
0
|
1727545297.515125
NtAllocateVirtualMemory
|
process_handle:
0xffffffff
base_address:
0x00536000
region_size:
4096
allocation_type:
4096
(MEM_COMMIT)
protection:
64
(PAGE_EXECUTE_READWRITE)
process_identifier:
1988
|
success
|
0 |
0
|
1727545301.562125
NtAllocateVirtualMemory
|
process_handle:
0xffffffff
base_address:
0x0052a000
region_size:
4096
allocation_type:
4096
(MEM_COMMIT)
protection:
64
(PAGE_EXECUTE_READWRITE)
process_identifier:
1988
|
success
|
0 |
0
|
1727545301.609125
NtAllocateVirtualMemory
|
process_handle:
0xffffffff
base_address:
0x00528000
region_size:
4096
allocation_type:
4096
(MEM_COMMIT)
protection:
64
(PAGE_EXECUTE_READWRITE)
process_identifier:
1988
|
success
|
0 |
0
|
1727545301.687125
NtAllocateVirtualMemory
|
process_handle:
0xffffffff
base_address:
0x01161000
region_size:
4096
allocation_type:
4096
(MEM_COMMIT)
protection:
64
(PAGE_EXECUTE_READWRITE)
process_identifier:
1988
|
success
|
0 |
0
|
1727545301.765125
NtAllocateVirtualMemory
|
process_handle:
0xffffffff
base_address:
0x00513000
region_size:
4096
allocation_type:
4096
(MEM_COMMIT)
protection:
64
(PAGE_EXECUTE_READWRITE)
process_identifier:
1988
|
success
|
0 |
0
|
1727545301.765125
NtAllocateVirtualMemory
|
process_handle:
0xffffffff
base_address:
0x01162000
region_size:
4096
allocation_type:
4096
(MEM_COMMIT)
protection:
64
(PAGE_EXECUTE_READWRITE)
process_identifier:
1988
|
success
|
0 |
0
|
1727545304.562125
NtAllocateVirtualMemory
|
process_handle:
0xffffffff
base_address:
0x0053b000
region_size:
4096
allocation_type:
4096
(MEM_COMMIT)
protection:
64
(PAGE_EXECUTE_READWRITE)
process_identifier:
1988
|
success
|
0 |
0
|
1727545304.609125
NtAllocateVirtualMemory
|
process_handle:
0xffffffff
base_address:
0x01163000
region_size:
4096
allocation_type:
4096
(MEM_COMMIT)
protection:
64
(PAGE_EXECUTE_READWRITE)
process_identifier:
1988
|
success
|
0 |
0
|
1727545305.140125
NtAllocateVirtualMemory
|
process_handle:
0xffffffff
base_address:
0x00751000
region_size:
4096
allocation_type:
4096
(MEM_COMMIT)
protection:
64
(PAGE_EXECUTE_READWRITE)
process_identifier:
1988
|
success
|
0 |
0
|
1727545305.156125
NtAllocateVirtualMemory
|
process_handle:
0xffffffff
base_address:
0x7ef20000
region_size:
327680
allocation_type:
1056768
(MEM_RESERVE|MEM_TOP_DOWN)
protection:
64
(PAGE_EXECUTE_READWRITE)
process_identifier:
1988
|
success
|
0 |
0
|
1727545305.156125
NtAllocateVirtualMemory
|
process_handle:
0xffffffff
base_address:
0x7ef20000
region_size:
4096
allocation_type:
4096
(MEM_COMMIT)
protection:
64
(PAGE_EXECUTE_READWRITE)
process_identifier:
1988
|
success
|
0 |
0
|