Process Dump - Printable version
+- Arab Team for Reverse Engineering (https://www.at4re.net/f)
+-- Section: Programming Forums (https://www.at4re.net/f/forum-5.html)
+--- Section: C and C++ Programming (https://www.at4re.net/f/forum-17.html)
+--- Thread: Process Dump (/thread-249.html)
Process Dump - REinvestigator - 25-10-2018

Process Dump

Quote: Process Dump is a Windows reverse-engineering command-line tool to dump malware memory components back to disk for analysis. Often malware files are packed and obfuscated before they are executed in order to avoid AV scanners, however when these files are executed they will often unpack or inject a clean version of the malware code in memory. A common task for malware researchers when analyzing malware is to dump this unpacked code back from memory to disk for scanning with AV products or for analysis with static analysis tools such as IDA.