Load it in a debugger and find out!
- You have executable-can-move checked in DllCharacteristic and relocations are present, thus windows7+ loads the executable at a random address, imagebase is just the preferred address. But as you can see in the opcodes you are hardcoding your VA, which will then be invalid.
- Better to choose a relative jump directly, which doesnt encode an absolute VA but rather the location relative to the current address. Use the following and avoid all issues with location of the executable:
000000013F44D000 E9 FB3FFEFF jmp 13F431000
If you are wondering how to get “FB3FFEFF”:
(0x000000013F44D000 – 114693) + 5 –> FB3FFEFF
where 0x000000013F44D000 is the current address, 114693 is the difference to the new location and 5 the size of the jump instruction itself.