Process Dump Changelog

New in Process Dump 2.1.1 (Jan 25, 2022)
  • Statically link libraries, which removes the pre-install dependency on the Microsoft Visual C++ Redistributable (per a suggestion from Blaine, for easier integration into Mandiant FLARE-VM).

New in Process Dump 2.1 (Apr 3, 2018)

  • Added a new running mode in which Process Dump monitors running processes and dumps any process that attempts to close. This is useful for dumping malware after it has unpacked itself. Start Process Dump with pd64.exe -closemon, then run the malware sample. Process Dump will dump each process to the local folder as it closes. To stop monitoring, press CTRL-C.
  • Process Dump is now multi-threaded. It spawns one thread per process being dumped, which speeds up dumping significantly.
  • Added support for dumping unattached executable code chunks. These chunks are regions of process memory with execute permission that are not part of any loaded module. An executable region is dumped only if it contains two or more references to library exports in the same process. The clean-hash database covers code chunks as well, so they should only be dumped in rare cases.