Inspect image size (dump section headers)
!dh <module> -f
Write memory region to file
.writemem payload.bin <BaseAddress> <SizeOfImage>
BLUE TEAM / MALWARE REVERSE / WINDOWS / WINDBG
!dh <module> -f
.writemem payload.bin <BaseAddress> <SizeOfImage>