From 3162825fdc5c59934addf9145e8295ab90a4b2cd Mon Sep 17 00:00:00 2001 From: fslds Date: Mon, 8 Aug 2022 20:27:04 +0000 Subject: [PATCH] Split procdump name pattern into two actual names. --- yml/OtherMSBinaries/Procdump.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/yml/OtherMSBinaries/Procdump.yml b/yml/OtherMSBinaries/Procdump.yml index 65cbb04..6cdafe7 100644 --- a/yml/OtherMSBinaries/Procdump.yml +++ b/yml/OtherMSBinaries/Procdump.yml @@ -1,8 +1,10 @@ --- -Name: Procdump(64).exe +Name: Procdump.exe Description: SysInternals Memory Dump Tool Author: 'Alfie Champion (@ajpc500)' Created: '2020-10-14' +Aliases: + - Procdump64.exe Commands: - Command: procdump.exe -md calc.dll explorer.exe Description: Loads calc.dll where DLL is configured with a 'MiniDumpCallbackRoutine' exported function. Valid process must be provided as dump still created.