Changing a binary's signature

It may come as no surprise that there are options for changing a binary's signature, and we should recognize when some of those options are employed in binaries we're analyzing manually. We will focus on the analysis of one technique in more depth in the next chapter, but, for now, let's learn a few ways to change a binary's signature. We'll employ a technique we learned about in Chapter 5, Linux Tools for Binary Analysis, to accomplish our goal.

For this recipe, we'll try to change the binary's signature so that the signature detection Python script doesn't detect the signatures in the altered binary. We can use the output from the previous recipe to understand the signatures that the script is looking for. Specifically, we'll want to tackle the bytes 48 83 C0 3B and see if we can come up with an alternate way of accomplishing the instruction associated with those assembly opcodes.
