The steps in this article will capture a memory dump from a VMware virtual machine without stopping its execution. This is useful in cases where forcing a crash or changing the Windows dump parameters is not permitted.

1. When the VM hangs, crashes, or otherwise displays symptoms, go into the VMware vCenter, Workstation, or Fusion interface and take a snapshot of the VM. Optionally, suspend the VM.
2. Browse to the file location where the VM is located. This may vary depending on the VMware product in use. For example, within vCenter, right click the virtual machine and browsing the datastore where the VM is located.
3. Locate the folder with the same name as the VM.
4. Inside the folder, locate the snapshot files. There will be a snapshot (.vmsn) or suspend file (.vmss) in the virtual machine directory, and a non‐monolithic memory (.vmem) file, all with the same base name e.g. servername-Snapshot3 with different suffixes (.vmsn, .vmss, and/or .vmem). If there are different snapshots, e.g. servername-Snapshot1, 2, 3, etc then locate the correct files for the recent snapshot or suspension by examining time/date stamps.
5. Save a copy of all files that are present (.vmsn, .vmss, and .vmem) for the snapshot. In vCenter, right click on the files and choose download and save them to the local machine. Zip them up and send them to the Technical Support Vendor which requested the core dump. 
   
   The following steps are informational only -- it is not necessary to perform them as Technical Support can convert the snapshot files themselves.
    
6. Download the vmss2core.exe file from https://archive.org/download/flings.vmware.com/Flings/Vmss2core/ 
7. Copy the vmss2core.exe utility to the location where you have saved the (.vmsn) or (.vmss) & (.vmem) locally.
8. Open a command line in your system and navigate to the location of the snapshot files and execute the following command:
   
   If snapshot is from a VM where guest OS is Windows 8/Server 2012 or later: (Please note to use the names of the files that downloaded as these are just examples，.vmsn in front and .vmem in the back )
   vmss2core.exe -W8 snapshot.vmsn snapshot.vmem  

If using Microsoft Windows and willing perform the default operation of converting the VM snapshot into a core dump, run this command:
vmss2core.exe snapshot.vmsn snapshot.vmem

If snapshot is from a VM where guest OS is older Windows:
vmss2core.exe -W snapshot.vmsn snapshot.vmem

If snapshot is from a VM where guest OS is Linux:
vmss2core.exe -N snapshot.vmsn snapshot.vmem

Note: .vmsn may be .vmss, and the .vmem file may not be present or necessary. 

Successful output should be a "memory.dmp" (or "vmss.core" in case of Linux)