O'Reilly logo

Memory Dump Analysis Anthology, Volume 5 by Dmitry Vostokov

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Chapter 11. Structural Memory Patterns

Memory Snapshot

In this part we divide memory analysis patterns discerned so far as mostly abnormal software behavior memory dump[58] and software trace[59] patterns into behavioral and structural catalogues. The goal is to account for normal system-independent structural entities and relationships visible in memory like modules, threads, processes and so on.

The first pattern (and also a super-pattern) we discuss here is called Memory Snapshot. It is further subdivided into Structured Memory Snapshot and BLOB Memory Snapshot. Structured sub-pattern includes:

  • Contiguous memory dump files with artificially generated headers (for example, physical or process virtual space memory dump)

  • Software trace messages with ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required