As far as I know, VAC does MD5 checking and manual mapping checks.
"MD5 hash can be bypassed with hook gates and function encryption. [...] I try to match the MD5 of xfire.dll as much as possible (99%), have the dll named xfire.dll, the injector named xfire.exe, and have the same EAT/IAT as xfire.dll does then just call LoadLibraryA. Once you defeat the two main methods that VAC uses to catch hacks, you're pretty much invincible." -Gir489 (The guy who made Darkstorm)