https://docs.microsoft.com/en-us/sysinternals/downloads/sysmon
This update to Sysmon adds a process image tampering event that reports when the mapped image of a process doesn’t match the on-disk...
Updated Jan 11, 2021
Version 1.0
Any updates? We were seeing similar issue in our builds.
