//0xa8 bytes (sizeof)
struct _KPROCESS
{
struct _DISPATCHER_HEADER Header; //0x0
struct _LIST_ENTRY ProfileListHead; //0x10
ULONG DirectoryTableBase; //0x18
struct _KGDTENTRY LdtDescriptor; //0x1c
struct _KIDTENTRY Int21Descriptor; //0x24
struct _LIST_ENTRY ThreadListHead; //0x2c
ULONG ProcessLock; //0x34
ULONGLONG DeepFreezeStartTime; //0x38
struct _KAFFINITY_EX Affinity; //0x40
struct _LIST_ENTRY ReadyListHead; //0x4c
struct _SINGLE_LIST_ENTRY SwapListEntry; //0x54
volatile struct _KAFFINITY_EX ActiveProcessors; //0x58
union
{
struct
{
LONG AutoAlignment:1; //0x64
LONG DisableBoost:1; //0x64
LONG DisableQuantum:1; //0x64
ULONG DeepFreeze:1; //0x64
ULONG TimerVirtualization:1; //0x64
ULONG CheckStackExtents:1; //0x64
ULONG SpareFlags0:2; //0x64
ULONG ActiveGroupsMask:1; //0x64
LONG ReservedFlags:23; //0x64
};
volatile LONG ProcessFlags; //0x64
};
CHAR BasePriority; //0x68
CHAR QuantumReset; //0x69
UCHAR Visited; //0x6a
union _KEXECUTE_OPTIONS Flags; //0x6b
ULONG ThreadSeed[1]; //0x6c
USHORT IdealNode[1]; //0x70
USHORT IdealGlobalNode; //0x72
USHORT Spare1; //0x74
USHORT IopmOffset; //0x76
struct _KSCHEDULING_GROUP* SchedulingGroup; //0x78
unionvolatile _KSTACK_COUNT StackCount; //0x7c
struct _LIST_ENTRY ProcessListEntry; //0x80
ULONGLONG CycleTime; //0x88
ULONGLONG ContextSwitches; //0x90
ULONG FreezeCount; //0x98
ULONG KernelTime; //0x9c
ULONG UserTime; //0xa0
VOID* VdmTrapcHandler; //0xa4
};