I had a program here that I wanted to analyze. The program has a random header all the time, but the process name has the same name all the time.
Now my first question is, why do that?
This is how the headers text may look like: bD^3]~2C.ëO.á.@
Not exactly as that, but a style of how it may look like.
The format is like this: xxxxx~xCxxxxá.@
x = random everytime I start the .exe, all other is always the same.
alyways ends with á.@
6th character is always ~
8th characteris always a "weird" C (C from a other alphabet)
11th character is always a box () those letter boxes in utf-8 format or something that you usually can find in .dll files.
and 15 characters all the time.
So what's the point of having a random header, I've asked some other programmers and they said it can be a checksum, well why would you then debug a checksum in a header?
Yea, I meant the header of the program itself, you probably know what a HTML Header is? Then imagine the programs header, nothing about .h source files.