var rgn
var sz
var va
GPA "CreateProcessA","kernel32.dll"
mov va,$RESULT
BP va
run
BC va
rtu
mov va,eip
add va,76
bp va
run
bc va
sti
mov rgn,eax
mov va,eip
add va,16
go va
mov sz,eax
eval " damp partial in LordPe select IntelDump address:{rgn} , size:{sz}"
msg $RESULT
ret