After some digging around with netstat and tasklist and determining that the System process was what was responding to requests on ports 80 and 443, I had a thought I ought to have had earlier, and looked to see what happens when making a localhost request on the production server being copied. To my surprise it was the same thing: A 404 returned by something identifying itself as
Microsoft-HTTPAPI/2.0...Which finally put the thought into my head that it might be related to the hostname in the IIS port binding.
Sure enough, when I edited those bindings to match the DNS name of the copy host, rather than the name of the server being copied, requests were handled by IIS and everything was back to normal as far as web service.
Another cautionary tale about a developer with little admin experience having to try to solve an admin-side mystery.