Friday 28 September 2012

Working on a dump.....

I am doing some analysis on a random malware sample I received a while ago, and upon unpacking it I found a binary deep inside the computer's memory. Since ghex was the slow alternative, I decided to look at other possibilities to extract the executable from the memory dump.
As seen below, the memory dump starts at 0x00140000 and the DOS header begins at 0x164c59.

Since we know the offset to the MZ header, I used pcalc and tail to clean out the garbage and create an unpacked file.


Alternatively, one could use grep -abno MZ to match the MZ string, but this will sometimes produce a huge list, as it did in my case, since the dumped size is quite large.
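The two steps above (turn the in-memory address into a file offset, then cut everything before it) and the false-positive problem with grep -abno MZ can be folded into one small carving script. The following is an added example, not code from the original post: it computes the file offset from the dump base the way pcalc was used above (0x164c59 - 0x140000), and it filters "MZ" hits by checking that the e_lfanew field at offset 0x3C of the DOS header points at a "PE\0\0" signature, so stray "MZ" byte pairs in the dump are skipped. The sample dump is constructed inline; the dump base and header address are the figures from the post, and the shell equivalent of the tail step is my reconstruction, since the exact command line is not shown.

```python
import struct

DUMP_BASE = 0x00140000      # start address of the dump, from the post
MZ_ADDRESS = 0x164C59       # address where the DOS header begins, from the post


def addr_to_file_offset(addr: int, dump_base: int = DUMP_BASE) -> int:
    """Convert an address inside the dumped region to a byte offset in the dump file."""
    if addr < dump_base:
        raise ValueError("address lies before the start of the dump")
    return addr - dump_base


def tail_command(addr: int, dump_base: int = DUMP_BASE) -> str:
    """Equivalent shell one-liner (assumed reconstruction): tail -c +N is 1-based."""
    return f"tail -c +{addr_to_file_offset(addr, dump_base) + 1} dump.bin > unpacked.exe"


def find_pe_headers(dump: bytes) -> list:
    """Return offsets of every 'MZ' whose e_lfanew points at a valid 'PE\\0\\0' signature.

    This is the grep -abno MZ idea with a validation step, so random 'MZ'
    byte pairs in the dump do not end up in the candidate list.
    """
    hits = []
    pos = dump.find(b"MZ")
    while pos != -1:
        if pos + 0x40 <= len(dump):
            e_lfanew = struct.unpack_from("<I", dump, pos + 0x3C)[0]
            pe = pos + e_lfanew
            # e_lfanew must be past the DOS header and reasonably small;
            # the NT header must actually be present in the dump.
            if 0x40 <= e_lfanew < 0x1000 and pe + 4 <= len(dump) \
                    and dump[pe:pe + 4] == b"PE\0\0":
                hits.append(pos)
        pos = dump.find(b"MZ", pos + 1)
    return hits


def carve(dump: bytes, offset: int) -> bytes:
    """Cut away everything before the DOS header, as tail did in the post."""
    return dump[offset:]


def build_sample_dump() -> bytes:
    """Constructed test data: garbage containing a stray 'MZ', then a minimal PE header."""
    garbage = b"\x00" * 16 + b"stray MZ text" + b"\x90" * 32
    dos = bytearray(0x40)
    dos[0:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)          # e_lfanew -> right after DOS header
    nt = b"PE\0\0" + struct.pack("<H", 0x014C) + b"\x00" * 58  # i386 machine id + padding
    return garbage + bytes(dos) + nt


if __name__ == "__main__":
    print(hex(addr_to_file_offset(MZ_ADDRESS)), tail_command(MZ_ADDRESS))
    sample = build_sample_dump()
    for off in find_pe_headers(sample):
        print(f"valid PE header at dump offset {off:#x}, carved size {len(carve(sample, off))}")
```

Running it on the constructed dump reports one valid header even though the bytes "MZ" occur twice; on a real dump, write the carved bytes to a file and confirm the result with a PE parser before trusting it, since the section headers may still describe virtual rather than raw layout.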
