typedef struct _KTHREAD                              // 109 elements, 0x320 bytes (sizeof)
          {
/*0x000*/     struct _DISPATCHER_HEADER Header;                // 10 elements, 0x18 bytes (sizeof)
/*0x018*/     struct _LIST_ENTRY MutantListHead;               // 2 elements, 0x10 bytes (sizeof)
/*0x028*/     VOID*        InitialStack;
/*0x030*/     VOID*        StackLimit;
/*0x038*/     VOID*        KernelStack;
/*0x040*/     UINT64       ThreadLock;
              union                                            // 2 elements, 0x30 bytes (sizeof)
              {
/*0x048*/         struct _KAPC_STATE ApcState;                 // 5 elements, 0x30 bytes (sizeof)
                  struct                                       // 6 elements, 0x30 bytes (sizeof)
                  {
/*0x048*/             UINT8        ApcStateFill[43];
/*0x073*/             UINT8        ApcQueueable;
/*0x074*/             UINT8        NextProcessor;
/*0x075*/             UINT8        DeferredProcessor;
/*0x076*/             UINT8        AdjustReason;
/*0x077*/             CHAR         AdjustIncrement;
                  };
              };
/*0x078*/     UINT64       ApcQueueLock;
/*0x080*/     INT64        WaitStatus;
              union                                            // 2 elements, 0x8 bytes (sizeof)
              {
/*0x088*/         struct _KWAIT_BLOCK* WaitBlockList;
/*0x088*/         struct _KGATE* GateObject;
              };
/*0x090*/     UINT8        Alertable;
/*0x091*/     UINT8        WaitNext;
/*0x092*/     UINT8        WaitReason;
/*0x093*/     CHAR         Priority;
/*0x094*/     UINT8        EnableStackSwap;
/*0x095*/     UINT8        SwapBusy;
/*0x096*/     UINT8        Alerted[2];
              union                                            // 2 elements, 0x10 bytes (sizeof)
              {
/*0x098*/         struct _LIST_ENTRY WaitListEntry;            // 2 elements, 0x10 bytes (sizeof)
/*0x098*/         struct _SINGLE_LIST_ENTRY SwapListEntry;     // 1 elements, 0x8 bytes (sizeof)
              };
/*0x0A8*/     struct _KQUEUE* Queue;
/*0x0B0*/     VOID*        Teb;
              union                                            // 2 elements, 0x40 bytes (sizeof)
              {
/*0x0B8*/         struct _KTIMER Timer;                        // 5 elements, 0x40 bytes (sizeof)
                  struct                                       // 2 elements, 0x40 bytes (sizeof)
                  {
/*0x0B8*/             UINT8        TimerFill[60];
                      union                                    // 2 elements, 0x4 bytes (sizeof)
                      {
                          struct                               // 3 elements, 0x4 bytes (sizeof)
                          {
/*0x0F4*/                     LONG32       AutoAlignment : 1;  // 0 BitPosition
/*0x0F4*/                     LONG32       DisableBoost : 1;   // 1 BitPosition
/*0x0F4*/                     LONG32       ReservedFlags : 30; // 2 BitPosition
                          };
/*0x0F4*/                 LONG32       ThreadFlags;
                      };
                  };
              };
              union                                            // 9 elements, 0xC0 bytes (sizeof)
              {
/*0x0F8*/         struct _KWAIT_BLOCK WaitBlock[4];
                  struct                                       // 2 elements, 0xC0 bytes (sizeof)
                  {
/*0x0F8*/             UINT8        WaitBlockFill0[43];
/*0x123*/             UINT8        SystemAffinityActive;
/*0x124*/             UINT8        _PADDING0_[0x94];
                  };
                  struct                                       // 2 elements, 0xC0 bytes (sizeof)
                  {
/*0x0F8*/             UINT8        WaitBlockFill1[91];
/*0x153*/             CHAR         PreviousMode;
/*0x154*/             UINT8        _PADDING1_[0x64];
                  };
                  struct                                       // 2 elements, 0xC0 bytes (sizeof)
                  {
/*0x0F8*/             UINT8        WaitBlockFill2[139];
/*0x183*/             UINT8        ResourceIndex;
/*0x184*/             UINT8        _PADDING2_[0x34];
                  };
                  struct                                       // 2 elements, 0xC0 bytes (sizeof)
                  {
/*0x0F8*/             UINT8        WaitBlockFill3[187];
/*0x1B3*/             UINT8        LargeStack;
/*0x1B4*/             UINT8        _PADDING3_[0x4];
                  };
                  struct                                       // 2 elements, 0xC0 bytes (sizeof)
                  {
/*0x0F8*/             UINT8        WaitBlockFill4[44];
/*0x124*/             ULONG32      ContextSwitches;
/*0x128*/             UINT8        _PADDING4_[0x90];
                  };
                  struct                                       // 5 elements, 0xC0 bytes (sizeof)
                  {
/*0x0F8*/             UINT8        WaitBlockFill5[92];
/*0x154*/             UINT8        State;
/*0x155*/             UINT8        NpxState;
/*0x156*/             UINT8        WaitIrql;
/*0x157*/             CHAR         WaitMode;
/*0x158*/             UINT8        _PADDING5_[0x60];
                  };
                  struct                                       // 2 elements, 0xC0 bytes (sizeof)
                  {
/*0x0F8*/             UINT8        WaitBlockFill6[140];
/*0x184*/             ULONG32      WaitTime;
/*0x188*/             UINT8        _PADDING6_[0x30];
                  };
                  struct                                       // 2 elements, 0xC0 bytes (sizeof)
                  {
/*0x0F8*/             UINT8        WaitBlockFill7[188];
                      union                                    // 2 elements, 0x4 bytes (sizeof)
                      {
                          struct                               // 2 elements, 0x4 bytes (sizeof)
                          {
/*0x1B4*/                     INT16        KernelApcDisable;
/*0x1B6*/                     INT16        SpecialApcDisable;
                          };
/*0x1B4*/                 ULONG32      CombinedApcDisable;
                      };
                  };
              };
/*0x1B8*/     struct _LIST_ENTRY QueueListEntry;               // 2 elements, 0x10 bytes (sizeof)
/*0x1C8*/     struct _KTRAP_FRAME* TrapFrame;
/*0x1D0*/     VOID*        CallbackStack;
/*0x1D8*/     VOID*        ServiceTable;
/*0x1E0*/     ULONG32      KernelLimit;
/*0x1E4*/     UINT8        ApcStateIndex;
/*0x1E5*/     UINT8        IdealProcessor;
/*0x1E6*/     UINT8        Preempted;
/*0x1E7*/     UINT8        ProcessReadyQueue;
/*0x1E8*/     VOID*        Win32kTable;
/*0x1F0*/     ULONG32      Win32kLimit;
/*0x1F4*/     UINT8        KernelStackResident;
/*0x1F5*/     CHAR         BasePriority;
/*0x1F6*/     CHAR         PriorityDecrement;
/*0x1F7*/     CHAR         Saturation;
/*0x1F8*/     UINT64       UserAffinity;
/*0x200*/     struct _KPROCESS* Process;
/*0x208*/     UINT64       Affinity;
/*0x210*/     struct _KAPC_STATE* ApcStatePointer[2];
              union                                            // 2 elements, 0x30 bytes (sizeof)
              {
/*0x220*/         struct _KAPC_STATE SavedApcState;            // 5 elements, 0x30 bytes (sizeof)
                  struct                                       // 6 elements, 0x30 bytes (sizeof)
                  {
/*0x220*/             UINT8        SavedApcStateFill[43];
/*0x24B*/             CHAR         FreezeCount;
/*0x24C*/             CHAR         SuspendCount;
/*0x24D*/             UINT8        UserIdealProcessor;
/*0x24E*/             UINT8        CalloutActive;
/*0x24F*/             UINT8        CodePatchInProgress;
                  };
              };
/*0x250*/     VOID*        Win32Thread;
/*0x258*/     VOID*        StackBase;
              union                                            // 7 elements, 0x58 bytes (sizeof)
              {
/*0x260*/         struct _KAPC SuspendApc;                     // 16 elements, 0x58 bytes (sizeof)
                  struct                                       // 2 elements, 0x58 bytes (sizeof)
                  {
/*0x260*/             UINT8        SuspendApcFill0[1];
/*0x261*/             CHAR         Quantum;
/*0x262*/             UINT8        _PADDING7_[0x56];
                  };
                  struct                                       // 2 elements, 0x58 bytes (sizeof)
                  {
/*0x260*/             UINT8        SuspendApcFill1[3];
/*0x263*/             UINT8        QuantumReset;
/*0x264*/             UINT8        _PADDING8_[0x54];
                  };
                  struct                                       // 2 elements, 0x58 bytes (sizeof)
                  {
/*0x260*/             UINT8        SuspendApcFill2[4];
/*0x264*/             ULONG32      KernelTime;
/*0x268*/             UINT8        _PADDING9_[0x50];
                  };
                  struct                                       // 2 elements, 0x58 bytes (sizeof)
                  {
/*0x260*/             UINT8        SuspendApcFill3[64];
/*0x2A0*/             VOID*        TlsArray;
/*0x2A8*/             UINT8        _PADDING10_[0x10];
                  };
                  struct                                       // 2 elements, 0x58 bytes (sizeof)
                  {
/*0x260*/             UINT8        SuspendApcFill4[72];
/*0x2A8*/             VOID*        LegoData;
/*0x2B0*/             UINT8        _PADDING11_[0x8];
                  };
                  struct                                       // 3 elements, 0x58 bytes (sizeof)
                  {
/*0x260*/             UINT8        SuspendApcFill5[83];
/*0x2B3*/             UINT8        PowerState;
/*0x2B4*/             ULONG32      UserTime;
                  };
              };
              union                                            // 2 elements, 0x20 bytes (sizeof)
              {
/*0x2B8*/         struct _KSEMAPHORE SuspendSemaphore;         // 2 elements, 0x20 bytes (sizeof)
                  struct                                       // 2 elements, 0x20 bytes (sizeof)
                  {
/*0x2B8*/             UINT8        SuspendSemaphorefill[28];
/*0x2D4*/             ULONG32      SListFaultCount;
                  };
              };
/*0x2D8*/     struct _LIST_ENTRY ThreadListEntry;              // 2 elements, 0x10 bytes (sizeof)
/*0x2E8*/     VOID*        SListFaultAddress;
/*0x2F0*/     INT64        ReadOperationCount;
/*0x2F8*/     INT64        WriteOperationCount;
/*0x300*/     INT64        OtherOperationCount;
/*0x308*/     INT64        ReadTransferCount;
/*0x310*/     INT64        WriteTransferCount;
/*0x318*/     INT64        OtherTransferCount;
          }KTHREAD, *PKTHREAD;
Return to structures/enums list.
Return to O.S. version list.

(c) MoonSols 2010.