Volatile memory forensic tools can extract valuable evidence from latent data structures present in memory dumps. However, current techniques are generally limited by a lack of understanding of the underlying data without the use of expert knowledge. In this paper, we characterize the nature of such evidence by using deep analysis techniques to better understand the life-cycle and recoverability of latent program data in memory. We have developed Cafegrind, a tool that can systematically build an object map and track the use of data structures as a program is running. Statistics collected by our tool can show which data structures are the most numerous, which structures are the most frequently accessed and provide summary statistics to guide forensic analysts in the evidence gathering process. As programs grow increasingly complex and numerous, the ability to pinpoint specific evidence in memory dumps will be increasingly helpful. Cafegrind has been tested on a number of real-world applications and we have shown that it can successfully map up to 96% of heap accesses.