function LoadFile(const sFilename: string; var lpBuffer: Pointer; var dwFileSize: Cardinal): Boolean;
var
  hFile: THandle;
  lpNumberOfBytesRead: Cardinal;
begin
  Result := False;
  hFile := CreateFile(PAnsiChar(sFilename), GENERIC_READ, FILE_SHARE_READ, nil, OPEN_EXISTING, 0, 0);
  if (hFile <> INVALID_HANDLE_VALUE) then
  begin
    dwFileSize := GetFileSize(hFile, nil);
    if (dwFileSize > 0) then
    begin
      GetMem(lpBuffer, dwFileSize);
      Result := ReadFile(hFile, lpBuffer^, dwFileSize, lpNumberOfBytesRead, nil) and (lpNumberOfBytesRead = dwFileSize);
    end;
    CloseHandle(hFile);
  end;
end;

function SaveFile(const sFilename: string; var lpBuffer: Pointer; var dwFileSize: Cardinal): Boolean;
var
  hFile: THandle;
  lpNumberOfBytesWritten: Cardinal;
begin
  Result := False;
  hFile := CreateFile(PAnsiChar(sFilename), GENERIC_WRITE, FILE_SHARE_WRITE, nil, CREATE_ALWAYS, 0, 0);
  if (hFile <> INVALID_HANDLE_VALUE) and (dwFileSize > 0) then
  begin
    Result := WriteFile(hFile, lpBuffer^, dwFileSize, lpNumberOfBytesWritten, nil) and (lpNumberOfBytesWritten = dwFileSize);
    CloseHandle(hFile);
  end;
end;

function RvaToFileOffset(var lpBuffer: Pointer; dwRva: Cardinal): Cardinal;
var
  ImageDosHeader: PImageDosHeader;
  ImageNtHeaders: PImageNtHeaders;
  ImageSection: PImageSectionHeader;
  x: Word;
begin
  Result := 0;
  ImageDosHeader := PImageDosHeader(Cardinal(lpBuffer));
  if (ImageDosHeader^.e_magic = IMAGE_DOS_SIGNATURE) then
  begin
    ImageNtHeaders := PImageNtHeaders(Cardinal(lpBuffer) + Cardinal(ImageDosHeader._lfanew));
    if (ImageNtHeaders^.Signature = IMAGE_NT_SIGNATURE) then
    begin
      if (dwRva > ImageNtHeaders^.OptionalHeader.ImageBase) then
        dwRva := dwRva - ImageNtHeaders^.OptionalHeader.ImageBase;
      for x := 0 to ImageNtHeaders^.FileHeader.NumberOfSections -1 do
      begin
        ImageSection := PImageSectionHeader(Cardinal(lpBuffer) + Cardinal(ImageDosHeader^._lfanew) + SizeOf(TImageNtHeaders) + (x * SizeOf(TImageSectionHeader)));
        if (dwRva >= ImageSection.VirtualAddress) and (dwRva < ImageSection.VirtualAddress + ImageSection.SizeOfRawData) then
        begin
          Result := dwRva - ImageSection.VirtualAddress + ImageSection.PointerToRawData;
          Break;
        end;
      end;
    end;
  end;
end;

procedure UpdateOffset(var lpBuffer: Pointer; dwFileOffset: Cardinal; Value: Byte); overload;
begin
  PByte(Cardinal(lpBuffer) + dwFileOffset)^ := Value;
end;

procedure UpdateOffset(var lpBuffer: Pointer; dwFileOffset: Cardinal; Value: Word); overload;
begin
  PWord(Cardinal(lpBuffer) + dwFileOffset)^ := Value;
end;

procedure UpdateOffset(var lpBuffer: Pointer; dwFileOffset: Cardinal; Value: DWORD); overload;
begin
  PDWORD(Cardinal(lpBuffer) + dwFileOffset)^ := Value;
end;

procedure TForm1.FormCreate(Sender: TObject);
var
  lpBuffer: Pointer;
  dwFileSize, dwFileOffset: Cardinal;
begin
  if LoadFile('C:\z.exe', lpBuffer, dwFileSize) then
  begin
    dwFileOffset := RvaToFileOffset(lpBuffer, $0040104E);
    UpdateOffset(lpBuffer, dwFileOffset, $90909090);
    SaveFile('C:\z2.exe', lpBuffer, dwFileSize);
    FreeMem(lpBuffer, dwFileSize);
  end;
end;