From paper "Comparative Analysis of Operational Malware Dynamic Link Library (DLL) Injection Live Response vs. Memory Image" (2012): Paper is available at hxxp://ijitcs.com/volume%204_No_1/Ahmed+Alasiri.pdf . ---------- A few of the many Volatility Framework commands: psxview: malfind: Have any of you tried Volatility Framework?
If you're interesting in this topic, there's an 886 page book called "The Art of Memory Forensics: Detecting Malware and Threats in Windows, Linux, and Mac Memory" (2014).
