Windows Process Dump

Download the Windows Sysinternals Suite from Microsoft:

Upload procdump64.exe onto the target Windows box.

You may need to accept the EULA first:

.\procdump64.exe -accepteula

Dump a process

.\procdump64.exe -ma <pid>

This produces a binary dump file, which you can run the strings command on and grep for passwords.
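From the defender's side, the two command lines above are what process-creation logging records on the box. The following is an added example, not part of the original page, that triages such command lines; the (host, command line) event layout, the host names and the sample values are constructed assumptions.

```python
import re

# Command-line forms come from this page; the (host, cmdline) layout is assumed.
IMAGE_RE = re.compile(r"(?:^|[\\/])procdump(?:64)?(?:\.exe)?$", re.IGNORECASE)
TOKEN_RE = re.compile(r'"([^"]*)"|(\S+)')

# Constructed sample process-creation records, not real telemetry.
SAMPLE_EVENTS = [
    ("WS01", r".\procdump64.exe -accepteula"),
    ("WS01", r".\procdump64.exe -ma 624"),
    ("WS02", r'"C:\Tools\Sysinternals\procdump.exe" -ma 1880 C:\Temp\app.dmp'),
    ("WS03", r"C:\Windows\System32\notepad.exe notes.txt"),
]


def tokenize(cmdline):
    """Split a Windows command line on whitespace, keeping quoted paths whole."""
    return [quoted if quoted else bare for quoted, bare in TOKEN_RE.findall(cmdline)]


def assess(cmdline):
    """Return (level, detail) for one command line, or None if nothing matches."""
    tokens = tokenize(cmdline)
    if not tokens:
        return None
    named = bool(IMAGE_RE.search(tokens[0]))
    args = [t.lower() for t in tokens[1:]]
    if "-ma" in args:
        rest = args[args.index("-ma") + 1:]
        pid = next((a for a in rest if a.isdigit()), None)
        if named:
            return ("alert", f"procdump full dump (-ma) of pid {pid or 'unknown'}")
        if pid:
            return ("review", f"-ma {pid} from an image not named procdump")
        return None
    if named:
        detail = "EULA accepted" if "-accepteula" in args else "run without -ma"
        return ("review", f"procdump {detail}")
    return None


def triage(events):
    """Return (host, level, detail) for every event that assess() flags."""
    scored = ((host, assess(cmd)) for host, cmd in events)
    return [(host, *verdict) for host, verdict in scored if verdict]


if __name__ == "__main__":
    for finding in triage(SAMPLE_EVENTS):
        print(*finding, sep="\t")
```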
