Jump to content
Microsoft Windows Bulletin Board

debug diag caused binary changes, bytes were moved

Guest hookedatwallacom

By Guest hookedatwallacom
in Windows Servers

 Share

Recommended Posts

Guest hookedatwallacom

Guest hookedatwallacom

Posted
Posted

Hi all,

 

Someone was trying to set a debug diag rule on our process, after 2 days, the process was changed.

 

The .exe of my software was changed, The first 2 bytes (0,1) were changed with other (12,13).

This has caused to not load/execute correctly.

 

Here is a screenshot of binary comparison.

Who would do this? Left is original, Right is the modified version.

 

4D 54 was replaced with FF FF

 

1524911.thumb.png.a76d3ee56a5ed590f1433e7e22087a06.png

 

Can debugdiag cause it?

 

Continue reading...

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...