Volatility not working with windows Livekd memory dump (.dmp)

[weabey]

hello,

I used Windows LiveKd - Windows Sysinternals tool to extract the memory dump and tried volatility for analyse the same. However i could not figure out the imageinfo cannot proceed further. any-idea on how to solve this ?

[frenchy35]

Hi,

I've the same issue, probably your dump come from a pro or eentreprise version of windows 10, memory seems to be crypted..

@+

__ Philippe

[atcuno]

Can you please try with the latest version of Volatility by using a checkout from here (GitHub)? I see that you are running what appears to be the standalone executable, which is extremely old at this point.