From 8fc032e6d66c925aecd7a254c5080029f8717e60 Mon Sep 17 00:00:00 2001 From: Hardy-Cooper Date: Mon, 7 Dec 2020 09:54:01 -0500 Subject: [PATCH] Add ability to configure if you want proc memdumps from zer0m0n --- cuckoo/data/analyzer/windows/analyzer.py | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/cuckoo/data/analyzer/windows/analyzer.py b/cuckoo/data/analyzer/windows/analyzer.py index de1be36162..32a4a3bc5b 100644 --- a/cuckoo/data/analyzer/windows/analyzer.py +++ b/cuckoo/data/analyzer/windows/analyzer.py @@ -344,7 +344,8 @@ def _handle_dumpmem(self, data): log.warning("Received DUMPMEM command with an incorrect argument.") return - dump_memory(int(data)) + if self.analyzer.config.options.get("procmemdump"): + dump_memory(int(data)) def _handle_dumpreqs(self, data): if not data.isdigit():