|
I don't really get it. In order to produce two EXE with identical MD5, the two EXE must be identical before appending the overlay. This way it's not possible to produce one fraudulent EXE with the same MD5 as the original EXE.
You can only append different random data producing the same MD5, but this cannot influence the execution of the EXE since it doesn't rely on that information in it's unmodified state (the overlay is not present in the unmodified state).
|