We were recently asked to outline a simple approach to proceed after opening a memory dump. So we came up with these 7 steps:
1. !analyze -v [-hang]
2. Exception (Bugcheck): stack trace analysis with d* and lmv
3. !locks
4. !runaway f (!running)
5. Dump all (processes and) thread stack traces [with 32-bit] ~*kv (!process 0 3f)
6. Search for signs/patterns of abnormal behavior (exceptions, wait chains, message boxes [, from your custom checklist4])
7. Narrow analysis down to a specific thread and dump raw stack data if needed [repeat*]
(Commands / options in brackets denote kernel/complete dump variation)
[Notes in square brackets denote additional options, such as x64 specifics, your product details, etc.]
4 http://www.dumpanalysis.org/windows-memory-analysis-checklist