
Other

English

ID: 10670/1.wyd4ah · DOI: 10.7939/r3-jwdm-bj31

Using open source tools to investigate malware in the Android operating system

Abstract

The Android operating system is increasingly exposed to a growing list of dangerous malware attacks, and these attacks cost users and businesses. There is considerable research into Android malware detection, malware behavior, interaction and permissions. However, there is much less research effort around digital forensics on Android platforms that have been the victim of malware. Very recent enhancements to the open source Volatility framework make it a useful memory image forensic tool for investigating Android malware. Android memory forensics is immature, and it is also complicated to conduct compared to other popular operating systems. In this paper, we explore and document the processes of building an open source Android forensics investigation environment, planting samples of Android malware, acquiring Android memory images of these samples, and forensically investigating them. This research will facilitate future memory forensics investigation of Android systems and Android malware analysis.
