8yteWizard/DefenderCheck — reverse-engineered prompt

Reverse engineered prompt

Build me a native Windows console tool in Delphi 12 that helps me figure out exactly which bytes in a file are making Microsoft Defender flag it. I want to point it at a file, have it call Defender through MpCmdRun.exe, confirm the file is detected, then use a binary-search-style approach to narrow it down to the exact offending offset.

When it finds one, show the signature name, print a readable hex and ASCII dump around that area, zero out about 256 bytes of context so it can keep analyzing, and save all findings to a results.json file. Please include a mode that keeps scanning the rest of the file for more detections, plus a verbose debug mode so I can watch the search process. It should use temp files in C:\Temp and clean them up automatically.

This is for controlled lab research only, so keep it focused on Defender-based analysis. If anything is unclear, look up the current Defender command line behavior online and make it work cleanly on Windows.
