glmcdona/Process-Dump
Windows tool for dumping malware PE files from memory back to disk for analysis.
CMIT
Issues
Suggestion
#31 opened by modz2014 - 11
Req: -closemon2: detection for new modules loaded after loading pd64.exe -closemon
#17 opened by rugabunda - 0
.Net dump
#16 opened by May-Medhat - 2
can not dump some 32 bit .net exe file which run as 64 bit jit code, like Reflector.exe
#13 opened by sonyps5201314 - 2
Large section size
#14 opened by May-Medhat - 2
All zeros in some regions
#11 opened by xchgrbprsp - 3
64bit ImageBase being truncated to 32bit
#12 opened by xchgrbprsp - 1