Unhandled Exception: System.ArgumentOutOfRangeException #6
Description
Trying to analyze a process memory dump of a known Cobalt Strike process throws the following error. Same issue was found when compiling and using the x86 version of the project as well as when using the "--dump=C:\dump" variant of the command line argument. Only file file in the target directory is a .dmp file generated using Procdump on a Windows x64 machine.
x64\Release>BeaconEye.exe -v -d C:\dump
BeconEye by @EthicalChaos
CobaltStrike beacon hunter and command monitoring tool x86_64
[+] Scanning for beacon processess...
Unhandled Exception: System.ArgumentOutOfRangeException: Specified argument was out of the range of valid values.
at BeaconEye.MiniDumpReader.ReadMemory(UInt64 address, Int32 len)
at BeaconEye.MiniDumpReader.ReadMemory[T](UInt64 address)
at BeaconEye.MiniDumpReader..ctor(Stream source)
at BeaconEye.Reader.MiniDumpProcessEnumerator.GetProcesses()
at BeaconEye.BeaconEye.Main(String[] args)