161
"Infinite Superflame/Supercharge (After Activation)"
Auto Assembler Script
[ENABLE]
aobscanmodule(INFERNO,Spyro-Win64-Shipping.exe,83 79 08 00 7F 08)
alloc(newmem,$1000,"Spyro-Win64-Shipping.exe"+1D4FF34)
label(code)
label(return)
newmem:
pushfq
cmp [rcx],40CC8 //Compare Out Superflame
je @f
cmp [rcx],40D1D //Compare Out Supercharge
je @f
jne code
@@:
jne code
mov [rcx+08],01
code:
popfq
cmp dword ptr [rcx+08],00
jg Spyro-Win64-Shipping.exe+1D4FF42
jmp return
INFERNO:
jmp newmem
nop
return:
registersymbol(INFERNO)
[DISABLE]
INFERNO:
db 83 79 08 00 7F 08
unregistersymbol(INFERNO)
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: "Spyro-Win64-Shipping.exe"+1D4FF34
"Spyro-Win64-Shipping.exe"+1D4FF15: 75 E9 - jne Spyro-Win64-Shipping.exe+1D4FF00
"Spyro-Win64-Shipping.exe"+1D4FF17: 41 FF C3 - inc r11d
"Spyro-Win64-Shipping.exe"+1D4FF1A: E9 72 FF FF FF - jmp Spyro-Win64-Shipping.exe+1D4FE91
"Spyro-Win64-Shipping.exe"+1D4FF1F: 83 F8 FF - cmp eax,-01
"Spyro-Win64-Shipping.exe"+1D4FF22: 74 16 - je Spyro-Win64-Shipping.exe+1D4FF3A
"Spyro-Win64-Shipping.exe"+1D4FF24: 48 63 C8 - movsxd rcx,eax
"Spyro-Win64-Shipping.exe"+1D4FF27: 48 8D 04 49 - lea rax,[rcx+rcx*2]
"Spyro-Win64-Shipping.exe"+1D4FF2B: 49 8D 0C C1 - lea rcx,[r9+rax*8]
"Spyro-Win64-Shipping.exe"+1D4FF2F: 48 85 C9 - test rcx,rcx
"Spyro-Win64-Shipping.exe"+1D4FF32: 74 06 - je Spyro-Win64-Shipping.exe+1D4FF3A
// ---------- INJECTING HERE ----------
"Spyro-Win64-Shipping.exe"+1D4FF34: 83 79 08 00 - cmp dword ptr [rcx+08],00
"Spyro-Win64-Shipping.exe"+1D4FF38: 7F 08 - jg Spyro-Win64-Shipping.exe+1D4FF42
// ---------- DONE INJECTING ----------
"Spyro-Win64-Shipping.exe"+1D4FF3A: 41 FF C3 - inc r11d
"Spyro-Win64-Shipping.exe"+1D4FF3D: E9 4F FF FF FF - jmp Spyro-Win64-Shipping.exe+1D4FE91
"Spyro-Win64-Shipping.exe"+1D4FF42: 40 B5 01 - mov bpl,01
"Spyro-Win64-Shipping.exe"+1D4FF45: 48 8B 5C 24 18 - mov rbx,[rsp+18]
"Spyro-Win64-Shipping.exe"+1D4FF4A: 40 0F B6 C5 - movzx eax,bpl
"Spyro-Win64-Shipping.exe"+1D4FF4E: 48 8B 6C 24 10 - mov rbp,[rsp+10]
"Spyro-Win64-Shipping.exe"+1D4FF53: 48 8B 74 24 20 - mov rsi,[rsp+20]
"Spyro-Win64-Shipping.exe"+1D4FF58: 5F - pop rdi
"Spyro-Win64-Shipping.exe"+1D4FF59: C3 - ret
"Spyro-Win64-Shipping.exe"+1D4FF5A: CC - int 3
}