Time & API |
Arguments |
Status |
Return |
Repeated |
1620966467.810501
NtAllocateVirtualMemory
|
process_identifier:
2288
region_size:
1441792
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
process_handle:
0xffffffffffffffff
allocation_type:
8192
(MEM_RESERVE)
base_address:
0x00000000009a0000
|
success
|
0 |
0
|
1620966467.810501
NtAllocateVirtualMemory
|
process_identifier:
2288
region_size:
8192
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
process_handle:
0xffffffffffffffff
allocation_type:
4096
(MEM_COMMIT)
base_address:
0x0000000000a80000
|
success
|
0 |
0
|
1620966469.653501
NtProtectVirtualMemory
|
process_identifier:
2288
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
process_handle:
0xffffffffffffffff
base_address:
0x000007fef19d1000
|
success
|
0 |
0
|
1620966470.075501
NtProtectVirtualMemory
|
process_identifier:
2288
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
process_handle:
0xffffffffffffffff
base_address:
0x000007fef1c4e000
|
success
|
0 |
0
|
1620966470.075501
NtProtectVirtualMemory
|
process_identifier:
2288
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
process_handle:
0xffffffffffffffff
base_address:
0x000007fef1c4e000
|
success
|
0 |
0
|
1620966470.216501
NtProtectVirtualMemory
|
process_identifier:
2288
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
process_handle:
0xffffffffffffffff
base_address:
0x000007fef1c4f000
|
success
|
0 |
0
|
1620966470.216501
NtProtectVirtualMemory
|
process_identifier:
2288
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
process_handle:
0xffffffffffffffff
base_address:
0x000007fef1c4f000
|
success
|
0 |
0
|
1620966470.216501
NtProtectVirtualMemory
|
process_identifier:
2288
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
process_handle:
0xffffffffffffffff
base_address:
0x000007fef1c4f000
|
success
|
0 |
0
|
1620966470.216501
NtProtectVirtualMemory
|
process_identifier:
2288
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
process_handle:
0xffffffffffffffff
base_address:
0x000007fef1c4f000
|
success
|
0 |
0
|
1620966470.216501
NtProtectVirtualMemory
|
process_identifier:
2288
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
process_handle:
0xffffffffffffffff
base_address:
0x000007fef1c4f000
|
success
|
0 |
0
|
1620966470.216501
NtProtectVirtualMemory
|
process_identifier:
2288
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
process_handle:
0xffffffffffffffff
base_address:
0x000007fef1c4f000
|
success
|
0 |
0
|
1620966470.216501
NtProtectVirtualMemory
|
process_identifier:
2288
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
process_handle:
0xffffffffffffffff
base_address:
0x000007fef1c4f000
|
success
|
0 |
0
|
1620966470.216501
NtProtectVirtualMemory
|
process_identifier:
2288
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
process_handle:
0xffffffffffffffff
base_address:
0x000007fef1c4f000
|
success
|
0 |
0
|
1620966470.216501
NtProtectVirtualMemory
|
process_identifier:
2288
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
process_handle:
0xffffffffffffffff
base_address:
0x000007fef1c50000
|
success
|
0 |
0
|
1620966470.216501
NtProtectVirtualMemory
|
process_identifier:
2288
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
process_handle:
0xffffffffffffffff
base_address:
0x000007fef1c50000
|
success
|
0 |
0
|
1620966470.216501
NtProtectVirtualMemory
|
process_identifier:
2288
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
process_handle:
0xffffffffffffffff
base_address:
0x000007fef1c50000
|
success
|
0 |
0
|
1620966470.216501
NtProtectVirtualMemory
|
process_identifier:
2288
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
process_handle:
0xffffffffffffffff
base_address:
0x000007fef1c50000
|
success
|
0 |
0
|
1620966470.216501
NtProtectVirtualMemory
|
process_identifier:
2288
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
process_handle:
0xffffffffffffffff
base_address:
0x000007fef1c50000
|
success
|
0 |
0
|
1620966470.216501
NtProtectVirtualMemory
|
process_identifier:
2288
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
process_handle:
0xffffffffffffffff
base_address:
0x000007fef1c51000
|
success
|
0 |
0
|
1620966470.216501
NtProtectVirtualMemory
|
process_identifier:
2288
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
process_handle:
0xffffffffffffffff
base_address:
0x000007fef1c51000
|
success
|
0 |
0
|
1620966470.231501
NtProtectVirtualMemory
|
process_identifier:
2288
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
process_handle:
0xffffffffffffffff
base_address:
0x000007fef1c51000
|
success
|
0 |
0
|
1620966470.231501
NtProtectVirtualMemory
|
process_identifier:
2288
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
process_handle:
0xffffffffffffffff
base_address:
0x000007fef1c51000
|
success
|
0 |
0
|
1620966470.231501
NtProtectVirtualMemory
|
process_identifier:
2288
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
length:
4096
protection:
64
(PAGE_EXECUTE_READWRITE)
process_handle:
0xffffffffffffffff
base_address:
0x000007fef1c4e000
|
success
|
0 |
0
|
1620966470.763501
NtAllocateVirtualMemory
|
process_identifier:
2288
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
process_handle:
0xffffffffffffffff
allocation_type:
4096
(MEM_COMMIT)
base_address:
0x000007ff00052000
|
success
|
0 |
0
|
1620966470.919501
NtAllocateVirtualMemory
|
process_identifier:
2288
region_size:
589824
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
process_handle:
0xffffffffffffffff
allocation_type:
1056768
(MEM_RESERVE|MEM_TOP_DOWN)
base_address:
0x000007fffff10000
|
success
|
0 |
0
|
1620966470.919501
NtAllocateVirtualMemory
|
process_identifier:
2288
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
process_handle:
0xffffffffffffffff
allocation_type:
4096
(MEM_COMMIT)
base_address:
0x000007fffff10000
|
success
|
0 |
0
|
1620966470.919501
NtAllocateVirtualMemory
|
process_identifier:
2288
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
process_handle:
0xffffffffffffffff
allocation_type:
4096
(MEM_COMMIT)
base_address:
0x000007fffff10000
|
success
|
0 |
0
|
1620966470.919501
NtAllocateVirtualMemory
|
process_identifier:
2288
region_size:
65536
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
0
protection:
64
(PAGE_EXECUTE_READWRITE)
process_handle:
0xffffffffffffffff
allocation_type:
1056768
(MEM_RESERVE|MEM_TOP_DOWN)
base_address:
0x000007fffff00000
|
success
|
0 |
0
|
1620966470.919501
NtAllocateVirtualMemory
|
process_identifier:
2288
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
process_handle:
0xffffffffffffffff
allocation_type:
4096
(MEM_COMMIT)
base_address:
0x000007fffff00000
|
success
|
0 |
0
|
1620966470.935501
NtAllocateVirtualMemory
|
process_identifier:
2288
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
process_handle:
0xffffffffffffffff
allocation_type:
4096
(MEM_COMMIT)
base_address:
0x000007ff0010a000
|
success
|
0 |
0
|
1620966470.950501
NtAllocateVirtualMemory
|
process_identifier:
2288
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
process_handle:
0xffffffffffffffff
allocation_type:
4096
(MEM_COMMIT)
base_address:
0x000007ff00042000
|
success
|
0 |
0
|
1620966471.325501
NtAllocateVirtualMemory
|
process_identifier:
2288
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
process_handle:
0xffffffffffffffff
allocation_type:
4096
(MEM_COMMIT)
base_address:
0x000007ff00053000
|
success
|
0 |
0
|
1620966471.466501
NtAllocateVirtualMemory
|
process_identifier:
2288
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
process_handle:
0xffffffffffffffff
allocation_type:
4096
(MEM_COMMIT)
base_address:
0x000007ff0011a000
|
success
|
0 |
0
|
1620966471.466501
NtAllocateVirtualMemory
|
process_identifier:
2288
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
process_handle:
0xffffffffffffffff
allocation_type:
4096
(MEM_COMMIT)
base_address:
0x000007ff00142000
|
success
|
0 |
0
|
1620966471.466501
NtAllocateVirtualMemory
|
process_identifier:
2288
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
process_handle:
0xffffffffffffffff
allocation_type:
4096
(MEM_COMMIT)
base_address:
0x000007ff0011d000
|
success
|
0 |
0
|
1620966471.513501
NtAllocateVirtualMemory
|
process_identifier:
2288
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
process_handle:
0xffffffffffffffff
allocation_type:
4096
(MEM_COMMIT)
base_address:
0x000007ff0005c000
|
success
|
0 |
0
|
1620966472.606501
NtAllocateVirtualMemory
|
process_identifier:
2288
region_size:
8192
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
process_handle:
0xffffffffffffffff
allocation_type:
4096
(MEM_COMMIT)
base_address:
0x000007ff00054000
|
success
|
0 |
0
|
1620966472.606501
NtAllocateVirtualMemory
|
process_identifier:
2288
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
process_handle:
0xffffffffffffffff
allocation_type:
4096
(MEM_COMMIT)
base_address:
0x000007ff00056000
|
success
|
0 |
0
|
1620966472.731501
NtAllocateVirtualMemory
|
process_identifier:
2288
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
process_handle:
0xffffffffffffffff
allocation_type:
4096
(MEM_COMMIT)
base_address:
0x000007ff00057000
|
success
|
0 |
0
|
1620966472.747501
NtAllocateVirtualMemory
|
process_identifier:
2288
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
process_handle:
0xffffffffffffffff
allocation_type:
4096
(MEM_COMMIT)
base_address:
0x000007ff00190000
|
success
|
0 |
0
|
1620966472.981501
NtAllocateVirtualMemory
|
process_identifier:
2288
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
process_handle:
0xffffffffffffffff
allocation_type:
4096
(MEM_COMMIT)
base_address:
0x000007ff0005a000
|
success
|
0 |
0
|
1620966473.106501
NtAllocateVirtualMemory
|
process_identifier:
2288
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
process_handle:
0xffffffffffffffff
allocation_type:
4096
(MEM_COMMIT)
base_address:
0x000007ff00102000
|
success
|
0 |
0
|
1620966473.169501
NtAllocateVirtualMemory
|
process_identifier:
2288
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
process_handle:
0xffffffffffffffff
allocation_type:
4096
(MEM_COMMIT)
base_address:
0x000007ff0006f000
|
success
|
0 |
0
|
1620966473.185501
NtAllocateVirtualMemory
|
process_identifier:
2288
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
process_handle:
0xffffffffffffffff
allocation_type:
4096
(MEM_COMMIT)
base_address:
0x000007ff000a4000
|
success
|
0 |
0
|
1620966473.200501
NtAllocateVirtualMemory
|
process_identifier:
2288
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
process_handle:
0xffffffffffffffff
allocation_type:
4096
(MEM_COMMIT)
base_address:
0x000007ff00073000
|
success
|
0 |
0
|
1620966473.200501
NtAllocateVirtualMemory
|
process_identifier:
2288
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
process_handle:
0xffffffffffffffff
allocation_type:
4096
(MEM_COMMIT)
base_address:
0x000007ff0005b000
|
success
|
0 |
0
|
1620966473.231501
NtAllocateVirtualMemory
|
process_identifier:
2288
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
process_handle:
0xffffffffffffffff
allocation_type:
4096
(MEM_COMMIT)
base_address:
0x000007ff001d0000
|
success
|
0 |
0
|
1620966473.263501
NtAllocateVirtualMemory
|
process_identifier:
2288
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
process_handle:
0xffffffffffffffff
allocation_type:
4096
(MEM_COMMIT)
base_address:
0x000007ff001d1000
|
success
|
0 |
0
|
1620966473.388501
NtAllocateVirtualMemory
|
process_identifier:
2288
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
process_handle:
0xffffffffffffffff
allocation_type:
4096
(MEM_COMMIT)
base_address:
0x000007ff0010b000
|
success
|
0 |
0
|
1620966473.435501
NtAllocateVirtualMemory
|
process_identifier:
2288
region_size:
4096
stack_dep_bypass:
0
stack_pivoted:
0
heap_dep_bypass:
1
protection:
64
(PAGE_EXECUTE_READWRITE)
process_handle:
0xffffffffffffffff
allocation_type:
4096
(MEM_COMMIT)
base_address:
0x000007ff001d2000
|
success
|
0 |
0
|