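#!/usr/bin/env bash
#
# Recover an APK from an Android (Goldfish, ARM) memory image with
# Volatility 2.4 and unpack it for static review.
#
# The page this comes from is a root-shell transcript whose line breaks were
# lost. The commands are kept in their original order; the output recorded on
# the page is preserved verbatim in "recorded output" comments (only line
# breaks and column alignment are reconstructed).
#
# Changes against the transcript:
#   * the timeline is searched in filelist.txt, the file mactime actually
#     wrote (the transcript ran `cat filelist`, a file that is never created);
#   * the search uses a fixed string, so "." is not a regex wildcard;
#   * the image and the recovered APK are hashed, and the archive is tested
#     before it is unpacked;
#   * the change into the unpack directory is explicit.
#
# NOTE(review): the APK is untrusted content. The recorded listing shows the
# unpacked files owned by root, so the session was presumably run as root; an
# unprivileged account on an isolated analysis host is enough for these steps.
# NOTE(review): the fixed names under /tmp are kept so that the recorded
# output still matches; on a shared host use a private case directory
# (mktemp -d) instead.
set -eu

readonly PROFILE='LinuxGoldfish_2_6_29ARM'
readonly DUMP='memory.dmp'
readonly APK_PATH='/mnt/sdcard/Download/[Megafileupload]org.jtb.httpmon.apk'
readonly APK_OUT='/tmp/httpmon_extracted.apk'
readonly UNPACK_DIR='/tmp/httpmon'
# Address printed in the "Inode" column by `linux_find_file -F` (step 3).
# It is only valid for this memory image; re-read it for any other dump.
readonly INODE_ADDR='0xf36d6920'
readonly -a VOL=(vol.py "--profile=${PROFILE}" -f "${DUMP}")

# Step 0: record the hash of the evidence file before working on it, so the
# analysis can later be tied to exactly this image.
sha256sum -- "${DUMP}"

# Step 1: dump the dentry cache in bodyfile format and turn it into a timeline.
"${VOL[@]}" linux_dentry_cache > bodyfile
mactime -b bodyfile > filelist.txt

# Step 2: look for the APK in the timeline.
grep -i -F -- 'httpmon.apk' filelist.txt
# Recorded output:
#                            124408 ..c. 0 1000 1015 174 Download/[Megafileupload]org.jtb.httpmon.apk
#   Mon Jun 01 2099 23:51:36 124408 .a.. 0 1000 1015 174 Download/[Megafileupload]org.jtb.httpmon.apk
#   [...]
# NOTE(review): the date is placed at the start of the second entry because
# mactime leaves the date column blank when an entry shares the timestamp of
# the line above it; grep removed that line, so the time of the "..c." entry
# is not visible here. Confirm against the unfiltered filelist.txt.
# NOTE(review): 2099 cannot be wall-clock time. Do not anchor a timeline on
# this timestamp without checking how the clock of the captured system was set.
# The size (124408) and inode number (174) are used for cross-checks below.

# Step 3: resolve the full path to the address of its inode structure.
"${VOL[@]}" linux_find_file -F "${APK_PATH}"
# Recorded output:
#   Volatility Foundation Volatility Framework 2.4
#   Inode Number          Inode File Path
#   ---------------- ---------- ---------
#                174 0xf36d6920 /mnt/sdcard/Download/[Megafileupload]org.jtb.httpmon.apk
# Inode number 174 matches the inode column of the timeline entries in step 2.

# Step 4: write the cached file contents for that inode to disk.
"${VOL[@]}" linux_find_file -i "${INODE_ADDR}" -O "${APK_OUT}"

# Step 5: verify what was recovered before trusting it.
# NOTE(review): linux_find_file rebuilds the file from pages that were still
# cached in memory; pages that were not resident cannot be recovered, so a
# size or integrity mismatch here means the artifact is incomplete.
wc -c < "${APK_OUT}"      # the timeline in step 2 reports 124408 bytes
sha256sum -- "${APK_OUT}" # record in the case notes
unzip -t "${APK_OUT}"     # CRC test of every archive member; aborts on failure

# Step 6: unpack for static review and list the contents.
# The transcript shows `ls -l` directly after the unzip command, with no
# prompt, no unzip output and no directory change. The relative names in the
# listing and in step 7 imply the working directory was the unpack directory.
unzip "${APK_OUT}" -d "${UNPACK_DIR}"
cd -- "${UNPACK_DIR}"
ls -l
# Recorded output ("insgesamt" is the German-locale form of "total"):
#   insgesamt 144
#   drwxr-xr-x  4 root root  4096 Nov 17 09:33 ./
#   drwxrwxrwt 12 hpm  hpm  12288 Nov 17 09:33 ../
#   -rw-r--r--  1 root root  6264 Nov 27  2010 AndroidManifest.xml
#   -rw-r--r--  1 root root 98532 Feb 21  2014 classes.dex
#   drwxr-xr-x  2 root root  4096 Nov 17 09:33 META-INF/
#   drwxr-xr-x  4 root root  4096 Nov 17 09:33 res/
#   -rw-r--r--  1 root root 10808 Nov 27  2010 resources.arsc
# NOTE(review): the "./" and "../" entries and the trailing slashes are not
# produced by a plain `ls -l`; the analyst's ls was presumably aliased with
# extra flags.
# NOTE(review): classes.dex carries a 2014 date while AndroidManifest.xml and
# resources.arsc carry 2010. That may indicate the code was replaced after the
# original build; check the signature data in META-INF before drawing
# conclusions.

# Step 7: convert the Dalvik bytecode to a JAR for decompilation.
d2j-dex2jar.sh classes.dex
# Recorded output (presumably the tool's status line, not a second command):
#   dex2jar classes.dex -> classes-dex2jar.jar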