1
"Money Never Decreases"
Auto Assembler Script
{ Game : ig2_AddOn.exe
Version:
Date : 2016-04-03
Author : SIMBA
This script does blah blah blah
}
[ENABLE]
aobscanmodule(money,ig2_AddOn.exe,29 5F 04 19 47 08 8D 64 24 00) // should be unique
alloc(newmem,$1000)
label(code)
label(return)
newmem:
code:
mov ebx,0
sub [edi+04],ebx
sbb [edi+08],eax
jmp return
money:
jmp code
nop
return:
registersymbol(money)
[DISABLE]
money:
db 29 5F 04 19 47 08
unregistersymbol(money)
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: "ig2_AddOn.exe"+1C2DF6
"ig2_AddOn.exe"+1C2DD9: A1 38 5E 34 00 - mov eax,[ig2_AddOn.exe+325E38]
"ig2_AddOn.exe"+1C2DDE: 33 C5 - xor eax,ebp
"ig2_AddOn.exe"+1C2DE0: 89 45 FC - mov [ebp-04],eax
"ig2_AddOn.exe"+1C2DE3: 53 - push ebx
"ig2_AddOn.exe"+1C2DE4: 8B 5D 08 - mov ebx,[ebp+08]
"ig2_AddOn.exe"+1C2DE7: 33 C0 - xor eax,eax
"ig2_AddOn.exe"+1C2DE9: 80 3D FB 29 3B 00 01 - cmp byte ptr [ig2_AddOn.exe+3929FB],01
"ig2_AddOn.exe"+1C2DF0: 57 - push edi
"ig2_AddOn.exe"+1C2DF1: 8B F9 - mov edi,ecx
"ig2_AddOn.exe"+1C2DF3: 0F 44 D8 - cmove ebx,eax
// ---------- INJECTING HERE ----------
"ig2_AddOn.exe"+1C2DF6: 29 5F 04 - sub [edi+04],ebx
"ig2_AddOn.exe"+1C2DF9: 19 47 08 - sbb [edi+08],eax
// ---------- DONE INJECTING ----------
"ig2_AddOn.exe"+1C2DFC: 8D 64 24 00 - lea esp,[esp+00]
"ig2_AddOn.exe"+1C2E00: 39 3C 85 28 CC 3D 00 - cmp [eax*4+ig2_AddOn.exe+3BCC28],edi
"ig2_AddOn.exe"+1C2E07: 74 08 - je ig2_AddOn.exe+1C2E11
"ig2_AddOn.exe"+1C2E09: 40 - inc eax
"ig2_AddOn.exe"+1C2E0A: 83 F8 09 - cmp eax,09
"ig2_AddOn.exe"+1C2E0D: 7C F1 - jl ig2_AddOn.exe+1C2E00
"ig2_AddOn.exe"+1C2E0F: 33 C0 - xor eax,eax
"ig2_AddOn.exe"+1C2E11: FF 75 0C - push [ebp+0C]
"ig2_AddOn.exe"+1C2E14: FF 77 04 - push [edi+04]
"ig2_AddOn.exe"+1C2E17: 53 - push ebx
}
3
"High Profit / Company value"
Auto Assembler Script
{ Game : ig2_AddOn.exe
Version:
Date : 2016-04-03
Author : SIMBA
This script does blah blah blah
}
[ENABLE]
aobscanmodule(profit,ig2_AddOn.exe,01 5F 04 11 47 08 8D 64 24 00) // should be unique
alloc(newmem,$1000)
label(code)
label(return)
newmem:
code:
mov ebx,#1000000
add [edi+04],ebx
adc [edi+08],eax
jmp return
profit:
jmp code
nop
return:
registersymbol(profit)
[DISABLE]
profit:
db 01 5F 04 11 47 08
unregistersymbol(profit)
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: "ig2_AddOn.exe"+1C3796
"ig2_AddOn.exe"+1C3779: A1 38 5E 34 00 - mov eax,[ig2_AddOn.exe+325E38]
"ig2_AddOn.exe"+1C377E: 33 C5 - xor eax,ebp
"ig2_AddOn.exe"+1C3780: 89 45 FC - mov [ebp-04],eax
"ig2_AddOn.exe"+1C3783: 53 - push ebx
"ig2_AddOn.exe"+1C3784: 8B 5D 08 - mov ebx,[ebp+08]
"ig2_AddOn.exe"+1C3787: 33 C0 - xor eax,eax
"ig2_AddOn.exe"+1C3789: 80 3D FB 29 3B 00 01 - cmp byte ptr [ig2_AddOn.exe+3929FB],01
"ig2_AddOn.exe"+1C3790: 57 - push edi
"ig2_AddOn.exe"+1C3791: 8B F9 - mov edi,ecx
"ig2_AddOn.exe"+1C3793: 0F 44 D8 - cmove ebx,eax
// ---------- INJECTING HERE ----------
"ig2_AddOn.exe"+1C3796: 01 5F 04 - add [edi+04],ebx
"ig2_AddOn.exe"+1C3799: 11 47 08 - adc [edi+08],eax
// ---------- DONE INJECTING ----------
"ig2_AddOn.exe"+1C379C: 8D 64 24 00 - lea esp,[esp+00]
"ig2_AddOn.exe"+1C37A0: 39 3C 85 28 CC 3D 00 - cmp [eax*4+ig2_AddOn.exe+3BCC28],edi
"ig2_AddOn.exe"+1C37A7: 74 08 - je ig2_AddOn.exe+1C37B1
"ig2_AddOn.exe"+1C37A9: 40 - inc eax
"ig2_AddOn.exe"+1C37AA: 83 F8 09 - cmp eax,09
"ig2_AddOn.exe"+1C37AD: 7C F1 - jl ig2_AddOn.exe+1C37A0
"ig2_AddOn.exe"+1C37AF: 33 C0 - xor eax,eax
"ig2_AddOn.exe"+1C37B1: FF 75 0C - push [ebp+0C]
"ig2_AddOn.exe"+1C37B4: FF 77 04 - push [edi+04]
"ig2_AddOn.exe"+1C37B7: 53 - push ebx
}
4
"Yearly Turnover Fixed at 11 Million"
Auto Assembler Script
{ Game : ig2_AddOn.exe
Version:
Date : 2016-04-03
Author : SIMBA
This script does blah blah blah
}
[ENABLE]
aobscanmodule(turnover,ig2_AddOn.exe,18 B7 00 00 8B 07 8D 0C 76 5F 5E 8B 0C 88 8B 45 0C 01 01 8B 45 10) // should be unique
alloc(newmem,$1000)
label(code)
label(return)
newmem:
code:
mov eax,#11000000
add [ecx],eax
mov eax,[ebp+10]
jmp return
turnover+11:
jmp code
return:
registersymbol(turnover)
[DISABLE]
turnover+11:
db 01 01 8B 45 10
unregistersymbol(turnover)
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: "ig2_AddOn.exe"+1D8445
"ig2_AddOn.exe"+1D842D: 8D 46 01 - lea eax,[esi+01]
"ig2_AddOn.exe"+1D8430: 8B CF - mov ecx,edi
"ig2_AddOn.exe"+1D8432: 50 - push eax
"ig2_AddOn.exe"+1D8433: E8 18 B7 00 00 - call ig2_AddOn.exe+1E3B50
"ig2_AddOn.exe"+1D8438: 8B 07 - mov eax,[edi]
"ig2_AddOn.exe"+1D843A: 8D 0C 76 - lea ecx,[esi+esi*2]
"ig2_AddOn.exe"+1D843D: 5F - pop edi
"ig2_AddOn.exe"+1D843E: 5E - pop esi
"ig2_AddOn.exe"+1D843F: 8B 0C 88 - mov ecx,[eax+ecx*4]
"ig2_AddOn.exe"+1D8442: 8B 45 0C - mov eax,[ebp+0C]
// ---------- INJECTING HERE ----------
"ig2_AddOn.exe"+1D8445: 01 01 - add [ecx],eax
"ig2_AddOn.exe"+1D8447: 8B 45 10 - mov eax,[ebp+10]
// ---------- DONE INJECTING ----------
"ig2_AddOn.exe"+1D844A: 11 41 04 - adc [ecx+04],eax
"ig2_AddOn.exe"+1D844D: 5D - pop ebp
"ig2_AddOn.exe"+1D844E: C2 0C 00 - ret 000C
"ig2_AddOn.exe"+1D8451: CC - int 3
"ig2_AddOn.exe"+1D8452: CC - int 3
"ig2_AddOn.exe"+1D8453: CC - int 3
"ig2_AddOn.exe"+1D8454: CC - int 3
"ig2_AddOn.exe"+1D8455: CC - int 3
"ig2_AddOn.exe"+1D8456: CC - int 3
"ig2_AddOn.exe"+1D8457: CC - int 3
}