Open ankit351104 opened 6 months ago
I am using Volatility 3, and whenever I try to dump a file using the virtual address, it gives me an empty output.
Command Used: python.exe vol.py -f D:\volaNew\MFLab\MemoryDump_Lab3.raw -o "dump" windows.dumpfiles --virtaddr 0x3de1b5f0
Memory Dump: https://mega.nz/#!2ohlTAzL!1T5iGzhUWdn88zS1yrDJA06yUouZxC-VstzXFSRuzVg
I am using Volatility 3, and whenever I try to dump a file using the virtual address, it gives me an empty output.
Command Used: python.exe vol.py -f D:\volaNew\MFLab\MemoryDump_Lab3.raw -o "dump" windows.dumpfiles --virtaddr 0x3de1b5f0
Memory Dump: https://mega.nz/#!2ohlTAzL!1T5iGzhUWdn88zS1yrDJA06yUouZxC-VstzXFSRuzVg