The document discusses generating volatile indicators of compromise (IOCs) from memory forensics to aid in fast malware triage. It analyzes common malware like ZeuS, SpyEye, PoisonIvy, and ZeroAccess to identify useful IOCs like code injection signs, imported functions, obfuscated strings, and protocol-related strings. Generated IOCs are defined using the OpenIOC framework. While effective, OpenIOC has limitations and room for improvement through automation, open sourcing, and integrating with other specifications.