Dumper (computer program)

From Wikipedia, the free encyclopedia

In computer programming, a dumper is a program which copies data from one source (usually a proprietary format) to another (usually in a more easily accessible format).

A dumper is also a program that saves data from the computer's memory, usually from a foreign process (program), to a file (*.dmp). Often a process's memory is dumped to disk automatically if the program crashes. Unsaved data may be recovered from this file, or the file can be sent to the developer to investigate what caused the crash.

Another use of dumpers is dumping Windows EXE files from memory after they have been unpacked or decrypted for further analysis (in the case of malware), or after unwrapping or unpacking certain security envelopes. These security envelopes are applied by the developer or software vendor to 'protect' the applications.

Usually, a security envelope checks that the application has not been modified, that you are still within your evaluation period, or that the original CD is inserted before it unpacks and starts the application in memory. However, dumping alone is not enough, because structures such as the imported API calls were overwritten or intentionally mangled by the protector at startup and need to be rebuilt to get a running executable.
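
The following Python example is added here and is not part of the original article: it checks whether the import directory of a dumped Windows executable is still readable, which is what a malware analyst inspects before deciding whether the imports must be rebuilt. It assumes the dump is in memory layout (an RVA equals an offset into the dump); `check_imports` and `build_sample` are hypothetical names, and the sample image is constructed for the demonstration.

```python
import struct

def check_imports(img: bytes):
    """Classify the import directory of a PE image dumped in memory layout
    (assumption: RVA == offset into the dump). Returns (status, dll_names)."""
    if len(img) < 0x40 or img[:2] != b"MZ":
        return "not-pe", []
    try:
        pe = struct.unpack_from("<I", img, 0x3C)[0]            # e_lfanew
        if img[pe:pe + 4] != b"PE\0\0":
            return "not-pe", []
        opt = pe + 24                                          # optional header
        magic = struct.unpack_from("<H", img, opt)[0]
        if magic not in (0x10B, 0x20B):
            return "not-pe", []
        dirs = opt + (96 if magic == 0x10B else 112)           # PE32 / PE32+
        rva, _size = struct.unpack_from("<II", img, dirs + 8)  # entry 1 = imports
        if rva == 0:
            return "missing", []
        names = []
        while True:
            oft, _, _, name, thunk = struct.unpack_from("<5I", img, rva)
            if not (oft or name or thunk):                     # terminator descriptor
                return ("ok" if names else "missing"), names
            end = img.find(b"\0", name) if 0 < name < len(img) else -1
            dll = img[name:end] if end > name else b""
            if (not dll or thunk == 0 or thunk >= len(img)
                    or any(not 0x20 < c < 0x7F for c in dll)):
                return "mangled", names                        # bad name or thunk RVA
            names.append(dll.decode("ascii"))
            rva += 20                                          # next descriptor
    except struct.error:                                       # read ran past the dump
        return "mangled", []

def build_sample(import_rva=0x200, dll=b"KERNEL32.dll"):
    """Constructed 0x400-byte PE32 image in memory layout, for this demo only."""
    img = bytearray(0x400)
    img[0:2] = b"MZ"
    struct.pack_into("<I", img, 0x3C, 0x80)                    # e_lfanew
    img[0x80:0x84] = b"PE\0\0"
    struct.pack_into("<H", img, 0x98, 0x10B)                   # PE32 magic
    struct.pack_into("<II", img, 0x98 + 96 + 8, import_rva, 40)
    struct.pack_into("<5I", img, 0x200, 0x300, 0, 0, 0x280, 0x340)
    img[0x280:0x280 + len(dll) + 1] = dll + b"\0"
    return bytes(img)

if __name__ == "__main__":
    print(check_imports(build_sample()))
```

A status of `missing` or `mangled` means the dump's imports are not usable as they stand; `ok` returns the DLL names the descriptors reference.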