Thanks for the Memories: Identifying Malware from a Memory Capture

33 points by 2510c39011c5 over 10 years ago

3 comments

cdnsteve over 10 years ago
Great summary, these types of articles always make me want to learn more about capturing malware. Could you use something like Yara to then write your own ruleset to identify this?
netman21 over 10 years ago
There are commercial solutions that look at memory constantly to identify malware. ManTech Cyber Solutions International, Inc. (MCSI) is the division the defense contractor created to house its HBGary division. Guidance Software, best known for its forensics software, EnCase, also does this. But the underlying technology is also based on HBGary.
etep over 10 years ago
Where does the memory capture come from?