In the security world, there has been a bunch of discussion about this. The need is because a lot of times MS releases patches to vulns without disclosing details.
There have been a few different approaches published. Some are simple hash values for functions; others use logical flow to check for differences.
For looking at what a crack changes, the simple hash functions should be fine because it is the same executable with changes. Security patches usually replace the binary, and the compiler may have rearranged functions around, making detecting the true changes difficult.
Some info on this is available at:
Comparing binaries with graph isomorphisms by Todd Sabin
razor.bindview.com/publish/papers/comparing-binaries.html
and
Halvar's paper from CanSecWest is included in the ISO image
www.cansecwest.com/resources.html
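
The function-hash approach mentioned in the post above, as an added example that is not part of the original post or of either referenced paper. It assumes function boundaries are already known and that a moved function keeps a byte-identical body; a real rebuild often breaks that second assumption because relative call and branch targets shift, which is the gap the flow-based comparisons address. All byte strings and names are constructed for illustration.

```python
import hashlib

def build_image(bodies):
    """Concatenate function bodies; return (image, [(offset, size), ...])."""
    image, bounds = b"", []
    for body in bodies:
        bounds.append((len(image), len(body)))
        image += body
    return image, bounds

def positional_diff(a, b):
    """Naive comparison: count byte positions that differ, plus any length gap."""
    return sum(x != y for x, y in zip(a, b)) + abs(len(a) - len(b))

def function_hashes(image, bounds):
    """Map SHA-256 of each function body to the offsets where that body occurs."""
    table = {}
    for off, size in bounds:
        digest = hashlib.sha256(image[off:off + size]).hexdigest()
        table.setdefault(digest, []).append(off)
    return table

def diff_by_hash(old, new):
    """Match functions by body hash, ignoring where they sit in the file.

    Returns (moved, removed, added): (old_off, new_off) pairs for identical
    bodies at a new position, old offsets with no match, new offsets with no match.
    """
    old_h, new_h = function_hashes(*old), function_hashes(*new)
    moved = [(offs[0], new_h[d][0]) for d, offs in old_h.items()
             if d in new_h and offs != new_h[d]]
    removed = [o for d, offs in old_h.items() if d not in new_h for o in offs]
    added = [o for d, offs in new_h.items() if d not in old_h for o in offs]
    return moved, removed, added

# Constructed byte strings standing in for three function bodies.
A = bytes.fromhex("558bec33c05dc3")
B = bytes.fromhex("558bec837d0800740333c05dc3")
C = bytes.fromhex("558bec8b45085dc3")
B_EDITED = B[:8] + b"\x05" + B[9:]                        # same file, one byte altered
B_FIXED = bytes.fromhex("558bec837d08007e0533c0405dc3")  # rebuilt, different body

ORIGINAL = build_image([A, B, C])
EDITED = build_image([A, B_EDITED, C])   # in-place modification, layout unchanged
REBUILT = build_image([C, A, B_FIXED])   # rebuild: one real change, functions reordered

if __name__ == "__main__":
    for name, other in (("edited", EDITED), ("rebuilt", REBUILT)):
        print(name, "positional:", positional_diff(ORIGINAL[0], other[0]),
              "by hash:", diff_by_hash(ORIGINAL, other))
```

For the in-place edit both comparisons point at the same single function, while for the reordered rebuild the positional count flags most of the file and the hash match still isolates the one function whose body changed.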