Update ldr_amd64.s resolver to use OriginalBase

[guervild]

Hello

Thank you for your awesome work.

I used it on internal testing with one of my tool and noticed i had to change the value of the Dll address against a security product to use the one in OriginalBase (see https://www.vergiliusproject.com/kernels/x64/Windows%2010%20|%202016/2110%2021H2%20(November%202021%20Update)/_LDR_DATA_TABLE_ENTRY).

If you think it should be merge, it would be interesting to change the comment too ^^

[f1zm0]

Thanks for the contribution!

Out of curiosity, have you also tried to retrieve the address in DllBase with equivalent assembly instructions?

If the detection is due to the original instructions that match a specific pattern of opcodes the security solution classifies as dangerous, maybe we can still retrieve the address from DllBase using alternative instructions very easily.