Blog | G5 Cyber Security

Memory Forensics via Volatility

I am planning to do a blog series on malware analysis using the Zeus sample that I recently received in an email. The idea is not only to share what it does, but to focus mostly on sufficient details. We will be looking at it through various angles and tools. The first step is to acquire a memory image: we will use the freely available VirtualBox to run a Windows XP VM and, using the technique described here, get a memory dump of the machine after running the attachment that contained an exe (invoice copy) file.

Source: https://securityintelligence.com/zeus-analysis-memory-forensics-via-volatility/
