Hello readers, how are you? Two days ago, I experienced a known situation: during a presentation about malware analysis, the malware caused a hang of my system (Win7 x86) for few minutes. Of course, as I was using a virtual machine (VMware), I could have suspended the environment and analyzed the .vmem file. However, I forced (through Windows) generating a manual crash dump for analyzing it using WinDbg (very convenient to me because I was handling a kernel malware) later.
Many attendees asked how I was able to force this dump, so I decided to write a quick explanation for helping who needs this information. Of course, it is a very simple article.
It follows the link for the PDF document:
I would like to make one aspect clear: I usually share tons of information through LinkedIn, Twitter and eventually on this blog for helping people. It does not give me fame, money or anything else. It makes me feeling well for helping people. Therefore, if this article help you, say a “thank you”. Certainly, I will be very glad for it.
Finally, soon I will be publishing another very simple document (about 60 pages) introducing few aspects about the analysis and unpacking a ransomware. Stay tuned!
Have a nice day.
(LinkedIn: http://www.linkedin.com/in/aleborges and Twitter: @ale_sp_brazil).