This is cs-analyze-processdump.py, my tool to analyze Cobalt Strike beacon process dumps, detecting and decoding sleep mode encoding.
cs-analyze-processdump_V0_0_2.zip (https)
MD5: 699C184AA60F741B6DD7CB8C05E12448
SHA256: 5E6C121783C9BC1A392AA4FEFD77D66709B0C8FB2F3E568D8538C6CD81C7B315
Article Link: New tool: cs-analyze-processdump.py | Didier Stevens