4.5. Create a MiniDump of the full process (minidmp)

Option: `/minidmp`

By default, PE-sieve extracts and dumps the elements that are detected as potential implants (PEs, and optionally shellcodes). However, sometimes you may like to make a dump of the full process space.

When the option /minidmp is chosen, PE-sieve will create a minidump of the full process that was detected as suspicious (in addition to dumping the implants).

Example:

MiniDump example

PE-sieve Wiki, by hasherezade

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

4.5. Create a MiniDump of the full process (minidmp)

Option: `/minidmp`

Example:

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Clone this wiki locally

4.5. Create a MiniDump of the full process (minidmp)

Option: /minidmp

Example:

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Clone this wiki locally

Option: `/minidmp`