|
|
#4
02-22-2022, 06:07
|
|||
|
|||
|
Hi
It might happens because : 1- your target is .NET file and your patched file has another copy in GAC folder (mostly dll files in this case)! 2- sometimes when you're patching files (dll files in .NET I mean) and just renaming original files, windows loader keep going to load original file (don't know why) so you just need to change original file's extension of re/move it solve problem. 3- in native files, sometimes you need to disable ASLR and/or relocation flag, also you need to use rva instead va to have better results (needs more steps but its better). ... xyz- let me know if some parts (or all of them) is not correct  BR, h4sh3m 
|
|
|
Similar Threads
|
||||
| Thread | Thread Starter | Forum | Replies | Last Post |
| Evading behavior analysis | 0xall0c | General Discussion | 3 | 05-14-2018 23:44 |
| armadillo strange behavior | drequinox | General Discussion | 0 | 02-11-2006 08:52 |
| weird search behavior | abitofboth | General Discussion | 0 | 01-30-2005 20:48 |
| A weird debugging question | sgdt | General Discussion | 5 | 06-28-2004 13:11 |
Threaded Mode