Magnet RAM Capture – Tool to Analyze Memory Artifacts

MAGNET RAM Capture is a free imaging tool designed to capture the physical memory of a suspect’s computer, allowing investigators to recover and analyze valuable artifacts that are often only found in memory.

Magnet RAM Capture - Tool to Analyze Memory Artifacts
Magnet RAM Capture – Tool to Analyze Memory Artifacts

The tool has a small memory footprint, meaning investigators can run the tool while minimizing the data that is overwritten in memory. You can export captured memory data in Raw (.DMP/.RAW/.BIN) format and easily upload into leading analysis tools including Magnet AXIOM and Magnet IEF.

Evidence that can be found in RAM includes processes and programs running on the system, network connections, evidence of malware intrusion, registry hives, usernames and passwords, decrypted files and keys, and evidence of activity not typically stored on the local hard disk.

Operating Systems Supported: Windows XP, Vista, 7, 8, 10, 2003, 2008, 2012 (32 and 64 bit support) Latest version: v1.20 (released July 24, 2019) – Now supports RAM acquisition from Windows 10 systems that have Virtual Secure Mode enabled.

You can read more and download the tool over here: https://www.magnetforensics.com/resources/

Share