Re: State of Decay 2 - Windows Store (Legit)
Posted: Sun Aug 07, 2022 11:47 am
Yeah, it was working indeed.
Here is a semi-table.
It's working again.
That's weird. It works fine for me.
Alberkicki wrote: ↑Fri Aug 26, 2022 7:45 am
just a heads up, "no blood plague" is broken: it doesn't display the progression, but your survivors still contract it. I've had four survivors die of blood plague with the cheat active.
instant loot
IvanMoody wrote: ↑Fri Sep 02, 2022 4:58 am
That's weird. It works fine for me.
Alberkicki wrote: ↑Fri Aug 26, 2022 7:45 am
just a heads up, "no blood plague" is broken: it doesn't display the progression, but your survivors still contract it. I've had four survivors die of blood plague with the cheat active.
The only things I miss are the Max Skill and the Teleport Feature.
Nhut_uraki wrote: ↑Fri Sep 02, 2022 4:37 pm
instant loot
instant survey
show zombie on map
inf durability weapon
inf ammo
zero weight
instant creation and update
instant max skill
that's not working!
{======================
Author : aanpsx
Date : 2021-06-24
Game : StateOfDecay2-Win64-Shipping.exe
Version : 1.0.0.0
======================}
// Patch byte pairs: each Yes_* value is written by the enable section and the
// matching No_* value is written back by the disable section.
// No_Map1 (40 0F 93 C6) is the `setae sil` shown at +712DCC in the listing further down;
// Yes_Map1 is also 4 bytes long, so the instruction that follows is not shifted.
define(Yes_Map1,db 40 B6 01 90)
define(No_Map1,db 40 0F 93 C6)
// No_Map3 (74 04) is the short `je` shown at +712DF2; Yes_Map3 overwrites it with two 90 (NOP) bytes.
define(Yes_Map3,db 90 90)
define(No_Map3,db 74 04)
// The 9 bytes at the +712DD7 hook site as they appear in the listing further down.
// The last four bytes are a call displacement, so the value is tied to the build it was taken from.
// NOTE(review): nothing in this script references bytes_Map2; the disable section restores
// the site from a readmem copy instead.
define(bytes_Map2,db 48 8B 0C 0F E8 60 86 FB FF)
// Generic helper macros. NOTE(review): none of the defines from fmax through bit is
// referenced anywhere in this script.
define(fmax,(float)999999999)
define(fmin,(float)0)
define(imax,#999999999)
// Padding macro, used once between the injected code and the _Map2 data block.
define(psx,align 10 CC)
define(mov1,mov byte ptr)
define(mov2,mov word ptr)
define(mov4,mov dword ptr)
define(cmp1,cmp byte ptr)
define(cmp2,cmp word ptr)
define(cmp4,cmp dword ptr)
define(bit,byte ptr)
// Zero-filled qwords that back the _Map2 scratch block. The register snapshot in the
// enable section writes qwords at offsets 0 through 70 (hex), which this run covers.
define(8b,dq 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0)
//---------- 0 8101820283038404850586068707880889098a0a8b0b8c0c8d0c8e0e8f0f8000810
//================================================================================
[ENABLE]
{$lua}
-- Skip the Lua part when the script is only being syntax-checked.
if syntaxcheck then return end
-----------------------
-- Recolour this table entry while the script is active.
memrec.Color=0x0080FF00
-------------- A.B.G.R
{$asm}
// Hook 1 of 3 (PSX_Map2): find `mov rcx,[rdi+rcx]` followed by a call. The four wildcards
// cover the call displacement, so the pattern does not depend on where the callee lives.
aobscanmodule(PSX_Map2,$process,48 8B 0C 0F E8 ** ** ** ** 0F B6 C8 40 84 F6)//StateOfDecay2-Win64-Shipping.exe+712DD7
// The third argument names the hook site as the preferred location for the allocation
// (presumably so that the jmp written below stays within 5 bytes - confirm).
alloc(newmem_Map2,$1000,PSX_Map2)
label(code_Map2,_Map2)
registersymbol(PSX_Map2,code_Map2,_Map2)
newmem_Map2:
// Snapshot the general-purpose registers into the _Map2 scratch block on every pass.
// rcx is stored twice (offsets 0 and 18); rsp and rbp are not stored.
mov [_Map2],rcx //main pointer
mov [_Map2+8],rax
mov [_Map2+10],rbx
mov [_Map2+18],rcx
mov [_Map2+20],rdx
mov [_Map2+28],rdi
mov [_Map2+30],rsi
mov [_Map2+38],r8
mov [_Map2+40],r9
mov [_Map2+48],r10
mov [_Map2+50],r11
mov [_Map2+58],r12
mov [_Map2+60],r13
mov [_Map2+68],r14
mov [_Map2+70],r15
//================== inject here
// Replay the first displaced instruction, then set eax to 0 in place of the displaced
// call to +6CB440, which is never executed from here.
// NOTE(review): any side effect of that call is skipped too; only its return value is imitated.
mov rcx,[rdi+rcx]
mov eax,0
jmp return_Map2
// NOTE(review): no visible instruction jumps to exit_Map2 or code_Map2, so everything from
// here to the psx padding looks unreachable at run time and serves only as storage.
exit_Map2:
//==================
//mov rax,[_Map2+8]
//mov rbx,[_Map2+10]
//mov rcx,[_Map2+18]
//mov rdx,[_Map2+20]
//mov rdi,[_Map2+28]
//mov rsi,[_Map2+30]
//mov r8,[_Map2+38]
//mov r9,[_Map2+40]
//mov r10,[_Map2+48]
//mov r11,[_Map2+50]
//mov r12,[_Map2+58]
//mov r13,[_Map2+60]
//mov r14,[_Map2+68]
//mov r15,[_Map2+70]
//==================
code_Map2:
// Copy of the 9 original bytes from the hook site; the disable section copies them back
// from here. NOTE(review): the copied call keeps its relative displacement, so it would
// point at the wrong address if it were ever executed from this block.
readmem(PSX_Map2,9)
//mov rcx,[rdi+rcx]
//call StateOfDecay2-Win64-Shipping.exe+6CB440
jmp return_Map2
psx
// Scratch block that receives the register snapshot; registered as a symbol above.
_Map2:
8b
PSX_Map2:
// The jmp plus 4 NOPs are meant to overwrite exactly the 9 displaced bytes
// (4-byte mov + 5-byte call); this assumes the jmp assembles to 5 bytes.
jmp newmem_Map2
nop 4
return_Map2:
//
//aobscanmodule(PSX_Map1,$process,44 0F 2F C6 40 0F 93 C6 48 8B 8B)//40 0F 93 C6 48 8B 8B ** ** ** ** 48 8B 0C 0F) //StateOfDecay2-Win64-Shipping.exe+712DCC -- Original Code
// Hook 2 of 3 (PSX_Map1): the pattern starts at the `comiss xmm8,xmm6` shown at +712DC8,
// so PSX_Map1+4 is the `setae sil` at +712DCC that Yes_Map1 overwrites.
// NOTE(review): the temporary pattern is only 7 bytes, shorter than the original it replaces.
// Confirm it still matches exactly one location in the target build; a second match
// elsewhere in the module would get patched instead.
aobscanmodule(PSX_Map1,$process,44 0F 2F C6 40 0F 93) //Temporary Fix
registersymbol(PSX_Map1)
PSX_Map1+4:
Yes_Map1
//
// Hook 3 of 3 (PSX_Map3): full 13-byte pattern without wildcards; the first two bytes
// (74 04, a short je) are replaced by Yes_Map3.
aobscanmodule(PSX_Map3,$process,74 04 B0 01 EB 02 32 C0 40 84 F6 75 22)//StateOfDecay2-Win64-Shipping.exe+712DF2
registersymbol(PSX_Map3)
PSX_Map3:
Yes_Map3
[DISABLE]
{$lua}
-- Skip the Lua part when the script is only being syntax-checked.
if syntaxcheck then return end
-----------------------
-- Recolour this table entry to mark the script as inactive.
memrec.Color=0x00FF80FF
-------------- A.B.G.R
{$asm}
// NOTE(review): the wildcard forms appear before PSX_Map2, code_Map2, PSX_Map1 and PSX_Map3
// are used below, and the explicit unregistersymbol lines further down repeat part of the
// same work. Confirm that the Cheat Engine version in use accepts `*` here and still
// resolves those symbols for the restores that follow.
unregistersymbol(*)//unreg all
dealloc(*)//dealoc all
//unregistersymbol(PSX_Map2,code_Map2,_Map2)
//dealloc(newmem_Map2)
// Restore the 9 hooked bytes from the copy that the enable section stored at code_Map2.
PSX_Map2:
readmem(code_Map2,9)
//mov rcx,[rdi+rcx]
//call StateOfDecay2-Win64-Shipping.exe+6CB440
unregistersymbol(PSX_Map1)
// Put back the original 4 bytes (setae sil) at PSX_Map1+4.
PSX_Map1+4:
No_Map1
unregistersymbol(PSX_Map3)
// Put back the original short je (74 04).
PSX_Map3:
No_Map3
{
// ORIGINAL CODE - INJECTION POINT: StateOfDecay2-Win64-Shipping.exe+712DD7
StateOfDecay2-Win64-Shipping.exe+712D80: F3 0F 10 44 24 44 - movss xmm0,[rsp+44]
StateOfDecay2-Win64-Shipping.exe+712D86: F3 0F 5C 45 C4 - subss xmm0,[rbp-3C]
StateOfDecay2-Win64-Shipping.exe+712D8B: F3 0F 10 74 24 40 - movss xmm6,[rsp+40]
StateOfDecay2-Win64-Shipping.exe+712D91: F3 0F 5C 75 C0 - subss xmm6,[rbp-40]
StateOfDecay2-Win64-Shipping.exe+712D96: F3 0F 59 F6 - mulss xmm6,xmm6
StateOfDecay2-Win64-Shipping.exe+712D9A: F3 0F 59 C0 - mulss xmm0,xmm0
StateOfDecay2-Win64-Shipping.exe+712D9E: F3 0F 58 F0 - addss xmm6,xmm0
StateOfDecay2-Win64-Shipping.exe+712DA2: 48 8B 0C 0F - mov rcx,[rdi+rcx]
StateOfDecay2-Win64-Shipping.exe+712DA6: E8 35 DE C7 FF - call StateOfDecay2-Win64-Shipping.exe+390BE0
StateOfDecay2-Win64-Shipping.exe+712DAB: 44 0F B6 F0 - movzx r14d,al
StateOfDecay2-Win64-Shipping.exe+712DAF: 88 45 60 - mov [rbp+60],al
StateOfDecay2-Win64-Shipping.exe+712DB2: 48 8B 8B A0 06 00 00 - mov rcx,[rbx+000006A0]
StateOfDecay2-Win64-Shipping.exe+712DB9: F3 0F 11 74 0F 10 - movss [rdi+rcx+10],xmm6
StateOfDecay2-Win64-Shipping.exe+712DBF: 84 C0 - test al,al
StateOfDecay2-Win64-Shipping.exe+712DC1: 74 05 - je StateOfDecay2-Win64-Shipping.exe+712DC8
StateOfDecay2-Win64-Shipping.exe+712DC3: 0F 2F FE - comiss xmm7,xmm6
StateOfDecay2-Win64-Shipping.exe+712DC6: EB 04 - jmp StateOfDecay2-Win64-Shipping.exe+712DCC
StateOfDecay2-Win64-Shipping.exe+712DC8: 44 0F 2F C6 - comiss xmm8,xmm6
StateOfDecay2-Win64-Shipping.exe+712DCC: 40 0F 93 C6 - setae sil
StateOfDecay2-Win64-Shipping.exe+712DD0: 48 8B 8B A0 06 00 00 - mov rcx,[rbx+000006A0]
// ---------- INJECTING HERE ----------
StateOfDecay2-Win64-Shipping.exe+712DD7: 48 8B 0C 0F - mov rcx,[rdi+rcx]
// ---------- DONE INJECTING ----------
StateOfDecay2-Win64-Shipping.exe+712DDB: E8 60 86 FB FF - call StateOfDecay2-Win64-Shipping.exe+6CB440
StateOfDecay2-Win64-Shipping.exe+712DE0: 0F B6 C8 - movzx ecx,al
StateOfDecay2-Win64-Shipping.exe+712DE3: 40 84 F6 - test sil,sil
StateOfDecay2-Win64-Shipping.exe+712DE6: 74 10 - je StateOfDecay2-Win64-Shipping.exe+712DF8
StateOfDecay2-Win64-Shipping.exe+712DE8: 84 C0 - test al,al
StateOfDecay2-Win64-Shipping.exe+712DEA: 75 0C - jne StateOfDecay2-Win64-Shipping.exe+712DF8
StateOfDecay2-Win64-Shipping.exe+712DEC: 38 83 A8 07 00 00 - cmp [rbx+000007A8],al
StateOfDecay2-Win64-Shipping.exe+712DF2: 74 04 - je StateOfDecay2-Win64-Shipping.exe+712DF8
StateOfDecay2-Win64-Shipping.exe+712DF4: B0 01 - mov al,01
StateOfDecay2-Win64-Shipping.exe+712DF6: EB 02 - jmp StateOfDecay2-Win64-Shipping.exe+712DFA
StateOfDecay2-Win64-Shipping.exe+712DF8: 32 C0 - xor al,al
StateOfDecay2-Win64-Shipping.exe+712DFA: 40 84 F6 - test sil,sil
StateOfDecay2-Win64-Shipping.exe+712DFD: 75 22 - jne StateOfDecay2-Win64-Shipping.exe+712E21
StateOfDecay2-Win64-Shipping.exe+712DFF: 45 84 E4 - test r12l,r12l
StateOfDecay2-Win64-Shipping.exe+712E02: 74 1D - je StateOfDecay2-Win64-Shipping.exe+712E21
StateOfDecay2-Win64-Shipping.exe+712E04: 84 C9 - test cl,cl
StateOfDecay2-Win64-Shipping.exe+712E06: 75 19 - jne StateOfDecay2-Win64-Shipping.exe+712E21
StateOfDecay2-Win64-Shipping.exe+712E08: 38 8B A8 07 00 00 - cmp [rbx+000007A8],cl
StateOfDecay2-Win64-Shipping.exe+712E0E: 74 11 - je StateOfDecay2-Win64-Shipping.exe+712E21
StateOfDecay2-Win64-Shipping.exe+712E10: 4D 8B C5 - mov r8,r13
}
{
// ORIGINAL CODE - INJECTION POINT: StateOfDecay2-Win64-Shipping.exe+712DCC
StateOfDecay2-Win64-Shipping.exe+712D77: F2 0F 10 00 - movsd xmm0,[rax]
StateOfDecay2-Win64-Shipping.exe+712D7B: F2 0F 11 45 C0 - movsd [rbp-40],xmm0
StateOfDecay2-Win64-Shipping.exe+712D80: F3 0F 10 44 24 44 - movss xmm0,[rsp+44]
StateOfDecay2-Win64-Shipping.exe+712D86: F3 0F 5C 45 C4 - subss xmm0,[rbp-3C]
StateOfDecay2-Win64-Shipping.exe+712D8B: F3 0F 10 74 24 40 - movss xmm6,[rsp+40]
StateOfDecay2-Win64-Shipping.exe+712D91: F3 0F 5C 75 C0 - subss xmm6,[rbp-40]
StateOfDecay2-Win64-Shipping.exe+712D96: F3 0F 59 F6 - mulss xmm6,xmm6
StateOfDecay2-Win64-Shipping.exe+712D9A: F3 0F 59 C0 - mulss xmm0,xmm0
StateOfDecay2-Win64-Shipping.exe+712D9E: F3 0F 58 F0 - addss xmm6,xmm0
StateOfDecay2-Win64-Shipping.exe+712DA2: 48 8B 0C 0F - mov rcx,[rdi+rcx]
StateOfDecay2-Win64-Shipping.exe+712DA6: E8 35 DE C7 FF - call StateOfDecay2-Win64-Shipping.exe+390BE0
StateOfDecay2-Win64-Shipping.exe+712DAB: 44 0F B6 F0 - movzx r14d,al
StateOfDecay2-Win64-Shipping.exe+712DAF: 88 45 60 - mov [rbp+60],al
StateOfDecay2-Win64-Shipping.exe+712DB2: 48 8B 8B A0 06 00 00 - mov rcx,[rbx+000006A0]
StateOfDecay2-Win64-Shipping.exe+712DB9: F3 0F 11 74 0F 10 - movss [rdi+rcx+10],xmm6
StateOfDecay2-Win64-Shipping.exe+712DBF: 84 C0 - test al,al
StateOfDecay2-Win64-Shipping.exe+712DC1: 74 05 - je StateOfDecay2-Win64-Shipping.exe+712DC8
StateOfDecay2-Win64-Shipping.exe+712DC3: 0F 2F FE - comiss xmm7,xmm6
StateOfDecay2-Win64-Shipping.exe+712DC6: EB 04 - jmp StateOfDecay2-Win64-Shipping.exe+712DCC
StateOfDecay2-Win64-Shipping.exe+712DC8: 44 0F 2F C6 - comiss xmm8,xmm6
// ---------- INJECTING HERE ----------
StateOfDecay2-Win64-Shipping.exe+712DCC: 40 0F 93 C6 - setae sil
// ---------- DONE INJECTING ----------
StateOfDecay2-Win64-Shipping.exe+712DD0: 48 8B 8B A0 06 00 00 - mov rcx,[rbx+000006A0]
StateOfDecay2-Win64-Shipping.exe+712DD7: 48 8B 0C 0F - mov rcx,[rdi+rcx]
StateOfDecay2-Win64-Shipping.exe+712DDB: E8 60 86 FB FF - call StateOfDecay2-Win64-Shipping.exe+6CB440
StateOfDecay2-Win64-Shipping.exe+712DE0: 0F B6 C8 - movzx ecx,al
StateOfDecay2-Win64-Shipping.exe+712DE3: 40 84 F6 - test sil,sil
StateOfDecay2-Win64-Shipping.exe+712DE6: 74 10 - je StateOfDecay2-Win64-Shipping.exe+712DF8
StateOfDecay2-Win64-Shipping.exe+712DE8: 84 C0 - test al,al
StateOfDecay2-Win64-Shipping.exe+712DEA: 75 0C - jne StateOfDecay2-Win64-Shipping.exe+712DF8
StateOfDecay2-Win64-Shipping.exe+712DEC: 38 83 A8 07 00 00 - cmp [rbx+000007A8],al
StateOfDecay2-Win64-Shipping.exe+712DF2: 74 04 - je StateOfDecay2-Win64-Shipping.exe+712DF8
StateOfDecay2-Win64-Shipping.exe+712DF4: B0 01 - mov al,01
StateOfDecay2-Win64-Shipping.exe+712DF6: EB 02 - jmp StateOfDecay2-Win64-Shipping.exe+712DFA
StateOfDecay2-Win64-Shipping.exe+712DF8: 32 C0 - xor al,al
StateOfDecay2-Win64-Shipping.exe+712DFA: 40 84 F6 - test sil,sil
StateOfDecay2-Win64-Shipping.exe+712DFD: 75 22 - jne StateOfDecay2-Win64-Shipping.exe+712E21
StateOfDecay2-Win64-Shipping.exe+712DFF: 45 84 E4 - test r12l,r12l
StateOfDecay2-Win64-Shipping.exe+712E02: 74 1D - je StateOfDecay2-Win64-Shipping.exe+712E21
StateOfDecay2-Win64-Shipping.exe+712E04: 84 C9 - test cl,cl
StateOfDecay2-Win64-Shipping.exe+712E06: 75 19 - jne StateOfDecay2-Win64-Shipping.exe+712E21
StateOfDecay2-Win64-Shipping.exe+712E08: 38 8B A8 07 00 00 - cmp [rbx+000007A8],cl
}
{
// ORIGINAL CODE - INJECTION POINT: StateOfDecay2-Win64-Shipping.exe+712DF2
StateOfDecay2-Win64-Shipping.exe+712DA6: E8 35 DE C7 FF - call StateOfDecay2-Win64-Shipping.exe+390BE0
StateOfDecay2-Win64-Shipping.exe+712DAB: 44 0F B6 F0 - movzx r14d,al
StateOfDecay2-Win64-Shipping.exe+712DAF: 88 45 60 - mov [rbp+60],al
StateOfDecay2-Win64-Shipping.exe+712DB2: 48 8B 8B A0 06 00 00 - mov rcx,[rbx+000006A0]
StateOfDecay2-Win64-Shipping.exe+712DB9: F3 0F 11 74 0F 10 - movss [rdi+rcx+10],xmm6
StateOfDecay2-Win64-Shipping.exe+712DBF: 84 C0 - test al,al
StateOfDecay2-Win64-Shipping.exe+712DC1: 74 05 - je StateOfDecay2-Win64-Shipping.exe+712DC8
StateOfDecay2-Win64-Shipping.exe+712DC3: 0F 2F FE - comiss xmm7,xmm6
StateOfDecay2-Win64-Shipping.exe+712DC6: EB 04 - jmp StateOfDecay2-Win64-Shipping.exe+712DCC
StateOfDecay2-Win64-Shipping.exe+712DC8: 44 0F 2F C6 - comiss xmm8,xmm6
StateOfDecay2-Win64-Shipping.exe+712DCC: 40 0F 93 C6 - setae sil
StateOfDecay2-Win64-Shipping.exe+712DD0: 48 8B 8B A0 06 00 00 - mov rcx,[rbx+000006A0]
StateOfDecay2-Win64-Shipping.exe+712DD7: 48 8B 0C 0F - mov rcx,[rdi+rcx]
StateOfDecay2-Win64-Shipping.exe+712DDB: E8 60 86 FB FF - call StateOfDecay2-Win64-Shipping.exe+6CB440
StateOfDecay2-Win64-Shipping.exe+712DE0: 0F B6 C8 - movzx ecx,al
StateOfDecay2-Win64-Shipping.exe+712DE3: 40 84 F6 - test sil,sil
StateOfDecay2-Win64-Shipping.exe+712DE6: 74 10 - je StateOfDecay2-Win64-Shipping.exe+712DF8
StateOfDecay2-Win64-Shipping.exe+712DE8: 84 C0 - test al,al
StateOfDecay2-Win64-Shipping.exe+712DEA: 75 0C - jne StateOfDecay2-Win64-Shipping.exe+712DF8
StateOfDecay2-Win64-Shipping.exe+712DEC: 38 83 A8 07 00 00 - cmp [rbx+000007A8],al
// ---------- INJECTING HERE ----------
StateOfDecay2-Win64-Shipping.exe+712DF2: 74 04 - je StateOfDecay2-Win64-Shipping.exe+712DF8
// ---------- DONE INJECTING ----------
StateOfDecay2-Win64-Shipping.exe+712DF4: B0 01 - mov al,01
StateOfDecay2-Win64-Shipping.exe+712DF6: EB 02 - jmp StateOfDecay2-Win64-Shipping.exe+712DFA
StateOfDecay2-Win64-Shipping.exe+712DF8: 32 C0 - xor al,al
StateOfDecay2-Win64-Shipping.exe+712DFA: 40 84 F6 - test sil,sil
StateOfDecay2-Win64-Shipping.exe+712DFD: 75 22 - jne StateOfDecay2-Win64-Shipping.exe+712E21
StateOfDecay2-Win64-Shipping.exe+712DFF: 45 84 E4 - test r12l,r12l
StateOfDecay2-Win64-Shipping.exe+712E02: 74 1D - je StateOfDecay2-Win64-Shipping.exe+712E21
StateOfDecay2-Win64-Shipping.exe+712E04: 84 C9 - test cl,cl
StateOfDecay2-Win64-Shipping.exe+712E06: 75 19 - jne StateOfDecay2-Win64-Shipping.exe+712E21
StateOfDecay2-Win64-Shipping.exe+712E08: 38 8B A8 07 00 00 - cmp [rbx+000007A8],cl
StateOfDecay2-Win64-Shipping.exe+712E0E: 74 11 - je StateOfDecay2-Win64-Shipping.exe+712E21
StateOfDecay2-Win64-Shipping.exe+712E10: 4D 8B C5 - mov r8,r13
StateOfDecay2-Win64-Shipping.exe+712E13: 48 8D 54 24 40 - lea rdx,[rsp+40]
StateOfDecay2-Win64-Shipping.exe+712E18: 48 8B 4D D0 - mov rcx,[rbp-30]
StateOfDecay2-Win64-Shipping.exe+712E1C: E8 9F 16 F6 FF - call StateOfDecay2-Win64-Shipping.exe+6744C0
StateOfDecay2-Win64-Shipping.exe+712E21: 48 8B 8B A0 06 00 00 - mov rcx,[rbx+000006A0]
StateOfDecay2-Win64-Shipping.exe+712E28: 33 F6 - xor esi,esi
StateOfDecay2-Win64-Shipping.exe+712E2A: 40 38 74 0F 0E - cmp [rdi+rcx+0E],sil
StateOfDecay2-Win64-Shipping.exe+712E2F: 0F 84 22 01 00 00 - je StateOfDecay2-Win64-Shipping.exe+712F57
StateOfDecay2-Win64-Shipping.exe+712E35: 84 C0 - test al,al
}
[ENABLE]
{$lua}
-- Skip the Lua part when the script is only being syntax-checked.
if syntaxcheck then return end
-----------------------
-- Recolour this table entry while the script is active.
memrec.Color=0x0080FF00
-------------- A.B.G.R
{$asm}
//aobscanmodule(aobUpgrade,StateOfDecay2-Win64-Shipping.exe,F3 0F ? ? F3 41 ? ? ? 48 8B ? F3 0F ? ? ? ? 44 8B) //Original Code
// NOTE(review): the temporary pattern is 7 bytes and covers only the start of the two hooked
// instructions, where the original pattern spanned 20 bytes. Confirm that it matches a
// single location in the target build before relying on it.
aobscanmodule(aobUpgrade,StateOfDecay2-Win64-Shipping.exe,F3 0F 58 C7 F3 41 0F) //Temporary Fix
alloc(newmem,$100,aobUpgrade)
label(code)
label(return)
newmem:
// Load a constant into xmm7 through the stack: 49742400 (hex) is the IEEE-754
// single-precision encoding of 1000000.0. The add restores rsp after the push.
// NOTE(review): xmm7 is overwritten and never restored. The game reads xmm7 at +40E84D
// (comiss xmm7,xmm8) before the hook; whether later code in the same function reads it
// again is not visible here - confirm.
push 49742400
movss xmm7,[rsp]
add rsp,08
code:
// The two displaced instructions from +40E86F and +40E873, run with the replaced xmm7.
addss xmm0,xmm7
movss [r15],xmm0
jmp return
aobUpgrade:
// The jmp plus 4 NOPs are meant to cover the 9 displaced bytes (4-byte addss + 5-byte movss);
// this assumes the jmp assembles to 5 bytes.
jmp newmem
nop 4
return:
registersymbol(aobUpgrade)
[DISABLE]
{$lua}
-- Skip the Lua part when the script is only being syntax-checked.
if syntaxcheck then return end
-----------------------
-- Recolour this table entry to mark the script as inactive.
memrec.Color=0x00FF80FF
-------------- A.B.G.R
{$asm}
// Write back the 9 original bytes shown at +40E86F and +40E873 in the listing further down.
aobUpgrade:
db F3 0F 58 C7 F3 41 0F 11 07
unregistersymbol(aobUpgrade)
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: "StateOfDecay2-Win64-Shipping.exe"+40E86F
"StateOfDecay2-Win64-Shipping.exe"+40E844: 49 8B C9 - mov rcx,r9
"StateOfDecay2-Win64-Shipping.exe"+40E847: E8 84 33 00 00 - call StateOfDecay2-Win64-Shipping.exe+411BD0
"StateOfDecay2-Win64-Shipping.exe"+40E84C: 90 - nop
"StateOfDecay2-Win64-Shipping.exe"+40E84D: 41 0F 2F F8 - comiss xmm7,xmm8
"StateOfDecay2-Win64-Shipping.exe"+40E851: 0F 86 F8 00 00 00 - jbe StateOfDecay2-Win64-Shipping.exe+40E94F
"StateOfDecay2-Win64-Shipping.exe"+40E857: 49 8B 9E 00 FE FF FF - mov rbx,[r14-00000200]
"StateOfDecay2-Win64-Shipping.exe"+40E85E: 48 85 DB - test rbx,rbx
"StateOfDecay2-Win64-Shipping.exe"+40E861: 0F 84 E8 00 00 00 - je StateOfDecay2-Win64-Shipping.exe+40E94F
"StateOfDecay2-Win64-Shipping.exe"+40E867: F3 41 0F 10 1F - movss xmm3,[r15]
"StateOfDecay2-Win64-Shipping.exe"+40E86C: 0F 28 C3 - movaps xmm0,xmm3
// ---------- INJECTING HERE ----------
"StateOfDecay2-Win64-Shipping.exe"+40E86F: F3 0F 58 C7 - addss xmm0,xmm7
"StateOfDecay2-Win64-Shipping.exe"+40E873: F3 41 0F 11 07 - movss [r15],xmm0
// ---------- DONE INJECTING ----------
"StateOfDecay2-Win64-Shipping.exe"+40E878: 48 8B 03 - mov rax,[rbx]
"StateOfDecay2-Win64-Shipping.exe"+40E87B: F3 0F 11 44 24 20 - movss [rsp+20],xmm0
"StateOfDecay2-Win64-Shipping.exe"+40E881: 44 8B C7 - mov r8d,edi
"StateOfDecay2-Win64-Shipping.exe"+40E884: 48 8B D6 - mov rdx,rsi
"StateOfDecay2-Win64-Shipping.exe"+40E887: 48 8B CB - mov rcx,rbx
"StateOfDecay2-Win64-Shipping.exe"+40E88A: FF 90 38 02 00 00 - call qword ptr [rax+00000238]
"StateOfDecay2-Win64-Shipping.exe"+40E890: 84 C0 - test al,al
"StateOfDecay2-Win64-Shipping.exe"+40E892: 0F 84 B7 00 00 00 - je StateOfDecay2-Win64-Shipping.exe+40E94F
"StateOfDecay2-Win64-Shipping.exe"+40E898: 49 8B 16 - mov rdx,[r14]
"StateOfDecay2-Win64-Shipping.exe"+40E89B: 8B 86 C8 07 00 00 - mov eax,[rsi+000007C8]
}
[ENABLE]
{$lua}
-- Skip the Lua part when the script is only being syntax-checked.
if syntaxcheck then return end
-----------------------
-- Recolour this table entry while the script is active.
memrec.Color=0x0080FF00
-------------- A.B.G.R
{$asm}
/////////////////////////////////////\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
/////////////////////////////////////\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
//============================================================================\\
//Original Code
//============================================================================\\
// Both original patterns begin with a 2-byte short conditional jump (72 1C and 77 16),
// which is what the two db 90 90 writes below were meant to replace.
//aobscanmodule(q1,$process,72 1C 0F B6 4B ?? 40 3A CD)
//aobscanmodule(q2,$process,77 16 F3 0F 10 35 ?? ?? ?? ?? 41 B0 01)
//============================================================================\\
/////////////////////////////////////\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
/////////////////////////////////////\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
//============================================================================\\
//Test
//============================================================================\\
//aobscanmodule(q1,$process,72 1C 0F) //B6 4B ?? 40 3A CD)
//aobscanmodule(q2,$process,77 16 F3 0F 10) //35 ?? ?? ?? ?? 41 B0 01)
//============================================================================\\
/////////////////////////////////////\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
/////////////////////////////////////\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
//============================================================================\\
//Temporary Fix
//============================================================================\\
// NOTE(review): both active patterns begin with 90 90, and the writes below store 90 90 at
// the same two bytes. Wherever the scan matches, the write therefore leaves memory unchanged;
// on a process whose bytes are not already 90 90 at that spot the scan cannot match.
// Presumably the patterns were captured from an already-patched process - confirm against
// an unmodified build and record the original two bytes so they can be restored.
aobscanmodule(q1,$process,90 90 0F 28 CC)
aobscanmodule(q2,$process,90 90 F3 0F 10 46 30)
//============================================================================\\
/////////////////////////////////////\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
/////////////////////////////////////\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
q1:
db 90 90
q2:
db 90 90
registersymbol(q1)
registersymbol(q2)
[DISABLE]
{$lua}
-- Skip the Lua part when the script is only being syntax-checked.
if syntaxcheck then return end
-----------------------
-- Recolour this table entry to mark the script as inactive.
memrec.Color=0x00FF80FF
-------------- A.B.G.R
{$asm}
// NOTE(review): the disable section contains no assembler statements. The bytes at q1 and q2
// are not written back and the two symbols stay registered, so switching the entry off
// only changes its colour.
[ENABLE]
{$lua}
-- Skip the Lua part when the script is only being syntax-checked.
if syntaxcheck then return end
-----------------------
-- Recolour this table entry while the script is active.
memrec.Color=0x0080FF00
-------------- A.B.G.R
{$asm}
/////////////////////////////////////\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
/////////////////////////////////////\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
//============================================================================\\
//Original Code
//============================================================================\\
//aobscanmodule(kssg,$process,F3 0F 5F 35 ?? ?? ?? ?? E8 ?? ?? ?? ?? 90)
//============================================================================\\
/////////////////////////////////////\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
/////////////////////////////////////\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
//============================================================================\\
//Temporary Fix
//============================================================================\\
// NOTE(review): the active pattern is only the 4 opcode bytes of a `maxss xmm6,[rip+disp32]`
// instruction; the 14-byte original also anchored on the call and nop that follow.
// Any other instruction with the same opcode bytes in the module matches as well,
// so confirm the scan resolves to the intended site.
aobscanmodule(kssg,$process,F3 0F 5F 35) //F3 0F 5D 35 35 17 FD 02
//============================================================================\\
/////////////////////////////////////\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
/////////////////////////////////////\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
kssg:
// Replaces the maxss with a minss on a memory operand.
// NOTE(review): the operand is a hard-coded module offset (+335688C), not the displacement
// read from the matched instruction, so it is tied to one specific build - confirm it
// still addresses the same constant.
minss xmm6,[StateOfDecay2-Win64-Shipping.exe+335688C]
registersymbol(kssg)
[DISABLE]
{$lua}
-- Skip the Lua part when the script is only being syntax-checked.
if syntaxcheck then return end
-----------------------
-- Recolour this table entry to mark the script as inactive.
memrec.Color=0x00FF80FF
-------------- A.B.G.R
{$asm}
// NOTE(review): the disable section contains no assembler statements. The original maxss is
// not restored and kssg stays registered. After a first enable the patched site no longer
// matches the F3 0F 5F 35 pattern, so a second enable would presumably resolve to a
// different instruction - confirm.
{======================
Author : aanpsx
Date : 2021-06-10
Game : StateOfDecay2-Win64-Shipping.exe
Version : 1.0.0.0
======================}
// 4-byte patch pair for the +435E20 site. No_ZeroWeight (F3 0F 59 C6) is the original
// `mulss xmm0,xmm6`. Yes_ZeroWeight starts with 0F 57 C0, which the listing further down
// decodes as `xorps xmm0,xmm0` at +435E4B, followed by one 90 (NOP) byte to keep the length.
define(Yes_ZeroWeight,db 0F 57 C0 90)
define(No_ZeroWeight,db F3 0F 59 C6)
[ENABLE]
{$lua}
-- Skip the Lua part when the script is only being syntax-checked.
if syntaxcheck then return end
-----------------------
-- Recolour this table entry while the script is active.
memrec.Color=0x0080FF00
-------------- A.B.G.R
{$asm}
/////////////////////////////////////\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
/////////////////////////////////////\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
//============================================================================\\
//Original Code
//============================================================================\\
//aobscanmodule(PSX_ZeroWeight,StateOfDecay2-Win64-Shipping.exe,F3 0F 59 C6 F3 0F 58 ** 49 83 ** 08 ** ** ** ** ** ** 0F 85) //StateOfDecay2-Win64-Shipping.exe+435E20
//============================================================================\\
/////////////////////////////////////\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
/////////////////////////////////////\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
//============================================================================\\
//Temporary Fix
//============================================================================\\
// NOTE(review): the temporary pattern keeps only the first 11 positions of the original,
// two of them wildcards (the last one trailing, so it constrains nothing). Confirm that
// it still matches a single location. The pattern starts with the unpatched F3 0F 59 C6
// bytes, so the scan cannot match once the patch below is already in place.
aobscanmodule(PSX_ZeroWeight,$process,F3 0F 59 C6 F3 0F 58 ** 49 83 **) //0F 57 C0 90 F3 0F 58 F8
//============================================================================\\
/////////////////////////////////////\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
/////////////////////////////////////\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
registersymbol(PSX_ZeroWeight)
// Overwrite the mulss so that xmm0 is zero before the `addss xmm7,xmm0` at +435E24.
PSX_ZeroWeight:
Yes_ZeroWeight
[DISABLE]
{$lua}
-- Skip the Lua part when the script is only being syntax-checked.
if syntaxcheck then return end
-----------------------
-- Recolour this table entry to mark the script as inactive.
memrec.Color=0x00FF80FF
-------------- A.B.G.R
{$asm}
unregistersymbol(PSX_ZeroWeight)
// Write back the original mulss bytes.
PSX_ZeroWeight:
No_ZeroWeight
{
// ORIGINAL CODE - INJECTION POINT: StateOfDecay2-Win64-Shipping.exe+435E20
StateOfDecay2-Win64-Shipping.exe+435DD5: 48 8B 49 30 - mov rcx,[rcx+30]
StateOfDecay2-Win64-Shipping.exe+435DD9: 48 85 C9 - test rcx,rcx
StateOfDecay2-Win64-Shipping.exe+435DDC: 75 F2 - jne StateOfDecay2-Win64-Shipping.exe+435DD0
StateOfDecay2-Win64-Shipping.exe+435DDE: 49 8B DC - mov rbx,r12
StateOfDecay2-Win64-Shipping.exe+435DE1: 4C 39 A3 00 01 00 00 - cmp [rbx+00000100],r12
StateOfDecay2-Win64-Shipping.exe+435DE8: 75 0C - jne StateOfDecay2-Win64-Shipping.exe+435DF6
StateOfDecay2-Win64-Shipping.exe+435DEA: 48 8B 03 - mov rax,[rbx]
StateOfDecay2-Win64-Shipping.exe+435DED: 48 8B CB - mov rcx,rbx
StateOfDecay2-Win64-Shipping.exe+435DF0: FF 90 D0 02 00 00 - call qword ptr [rax+000002D0]
StateOfDecay2-Win64-Shipping.exe+435DF6: 48 8B 8B 00 01 00 00 - mov rcx,[rbx+00000100]
StateOfDecay2-Win64-Shipping.exe+435DFD: 48 8B 01 - mov rax,[rcx]
StateOfDecay2-Win64-Shipping.exe+435E00: FF 90 30 02 00 00 - call qword ptr [rax+00000230]
StateOfDecay2-Win64-Shipping.exe+435E06: 3C 03 - cmp al,03
StateOfDecay2-Win64-Shipping.exe+435E08: 75 06 - jne StateOfDecay2-Win64-Shipping.exe+435E10
StateOfDecay2-Win64-Shipping.exe+435E0A: 41 0F 28 F0 - movaps xmm6,xmm8
StateOfDecay2-Win64-Shipping.exe+435E0E: EB 04 - jmp StateOfDecay2-Win64-Shipping.exe+435E14
StateOfDecay2-Win64-Shipping.exe+435E10: 41 0F 28 F1 - movaps xmm6,xmm9
StateOfDecay2-Win64-Shipping.exe+435E14: 48 8B 07 - mov rax,[rdi]
StateOfDecay2-Win64-Shipping.exe+435E17: 48 8B CF - mov rcx,rdi
StateOfDecay2-Win64-Shipping.exe+435E1A: FF 90 F0 01 00 00 - call qword ptr [rax+000001F0]
// ---------- INJECTING HERE ----------
StateOfDecay2-Win64-Shipping.exe+435E20: F3 0F 59 C6 - mulss xmm0,xmm6
// ---------- DONE INJECTING ----------
StateOfDecay2-Win64-Shipping.exe+435E24: F3 0F 58 F8 - addss xmm7,xmm0
StateOfDecay2-Win64-Shipping.exe+435E28: 49 83 C6 08 - add r14,08
StateOfDecay2-Win64-Shipping.exe+435E2C: 48 FF C5 - inc rbp
StateOfDecay2-Win64-Shipping.exe+435E2F: 49 3B EF - cmp rbp,r15
StateOfDecay2-Win64-Shipping.exe+435E32: 0F 85 58 FF FF FF - jne StateOfDecay2-Win64-Shipping.exe+435D90
StateOfDecay2-Win64-Shipping.exe+435E38: 48 85 F6 - test rsi,rsi
StateOfDecay2-Win64-Shipping.exe+435E3B: 74 09 - je StateOfDecay2-Win64-Shipping.exe+435E46
StateOfDecay2-Win64-Shipping.exe+435E3D: 48 8B CE - mov rcx,rsi
StateOfDecay2-Win64-Shipping.exe+435E40: E8 CB BE A4 00 - call StateOfDecay2-Win64-Shipping.exe+E81D10
StateOfDecay2-Win64-Shipping.exe+435E45: 90 - nop
StateOfDecay2-Win64-Shipping.exe+435E46: 0F 28 C7 - movaps xmm0,xmm7
StateOfDecay2-Win64-Shipping.exe+435E49: EB 03 - jmp StateOfDecay2-Win64-Shipping.exe+435E4E
StateOfDecay2-Win64-Shipping.exe+435E4B: 0F 57 C0 - xorps xmm0,xmm0
StateOfDecay2-Win64-Shipping.exe+435E4E: 4C 8D 9C 24 80 00 00 00 - lea r11,[rsp+00000080]
StateOfDecay2-Win64-Shipping.exe+435E56: 49 8B 5B 30 - mov rbx,[r11+30]
StateOfDecay2-Win64-Shipping.exe+435E5A: 49 8B 6B 40 - mov rbp,[r11+40]
StateOfDecay2-Win64-Shipping.exe+435E5E: 49 8B 73 48 - mov rsi,[r11+48]
StateOfDecay2-Win64-Shipping.exe+435E62: 0F 28 74 24 70 - movaps xmm6,[rsp+70]
StateOfDecay2-Win64-Shipping.exe+435E67: 0F 28 7C 24 60 - movaps xmm7,[rsp+60]
StateOfDecay2-Win64-Shipping.exe+435E6C: 45 0F 28 43 D0 - movaps xmm8,[r11-30]
}
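[ENABLE]
{$lua}
-- Skip the Lua part when the script is only being syntax-checked.
if syntaxcheck then return end
-----------------------
-- Recolour this table entry while the script is active.
memrec.Color=0x0080FF00
-------------- A.B.G.R
{$asm}
/////////////////////////////////////\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
/////////////////////////////////////\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
//============================================================================\\
//Original Code
//============================================================================\\
//aobscanmodule(aobHealth,StateOfDecay2-Win64-Shipping.exe,B2 01 48 8B CE E8 19)
//aobscanmodule(aobHealth,StateOfDecay2-Win64-Shipping.exe,B2 01 48 8B CE E8 69 F8)
//aobscanmodule(aobHealth,StateOfDecay2-Win64-Shipping.exe,B2 01 48 8B CE E8 ?9 ?? F? FF)
//aobscanmodule(aobHealth,StateOfDecay2-Win64-Shipping.exe,B2 ? 48 8B ? E8 ? ? ? ? 44 0F ? ? 44 0F)
//============================================================================\\
/////////////////////////////////////\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
/////////////////////////////////////\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
//============================================================================\\
//Temporary Fix
//============================================================================\\
// NOTE(review): only 6 of the 12 positions in this pattern are fixed bytes, and it is
// shorter than the last pattern listed above. Confirm that it matches a single location
// in the target build; the disable section always writes B2 01 48 8B CE back, so a match
// on different bytes would not be restored correctly.
aobscanmodule(aobHealth,StateOfDecay2-Win64-Shipping.exe,B2 ? 48 8B ? E8 ? ? ? ? 44 0F)
//============================================================================\\
/////////////////////////////////////\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
/////////////////////////////////////\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
alloc(healthCode,$100,aobHealth)
label(code)
label(return)
// staminaCode is declared explicitly, like every other label in this block.
label(staminaCode)
label(unlimitedHealth)
label(unlimitedStamina)
label(maxToCurrent)
label(ptrRCX)
healthCode:
// Entry from the hook. rsi is the pointer the game copies into rcx right after the hook
// site (mov rcx,rsi). The two flags are dwords that start at 0 and are registered as
// symbols, so they can be changed from outside this script.
// The operand size is spelled out so the compare matches the dd storage below.
cmp dword ptr [unlimitedHealth],0
je staminaCode
lea rcx,[rsi+00000190]//Current Health
call maxToCurrent
staminaCode:
cmp dword ptr [unlimitedStamina],0
je code
lea rcx,[rsi+000001B8]//Current Stamina
call maxToCurrent
code:
// The two displaced instructions (B2 01 and 48 8B CE), then publish the pointer in ptrRCX.
mov dl,01
mov rcx,rsi
mov [ptrRCX],rcx
jmp return
maxToCurrent:
// In: rcx = address passed by the caller above. Copies the float at [rcx+0C] to [rcx+08]
// (presumably maximum into current, going by the label name - confirm).
// xmm0 is saved and restored around the copy. The save slot is on the stack: the earlier
// version used rbx as the base, but rbx holds a game object pointer at this site
// (see `mov byte ptr [rbx+000002A8],01` in the listing), so the save wrote 16 bytes
// into memory in front of that object. 10 is hexadecimal, i.e. 16 bytes for one xmm register.
sub rsp,10
movdqu [rsp],xmm0
movss xmm0,[rcx+0C]
movss [rcx+08],xmm0
movdqu xmm0,[rsp]
add rsp,10
ret
unlimitedHealth:
dd 0
unlimitedStamina:
dd 0
ptrRCX:
// Receives a full 64-bit register, so it needs a qword of storage.
dq 0
aobHealth:
// The jmp is meant to overwrite exactly the 5 displaced bytes; this assumes it assembles to 5 bytes.
jmp healthCode
return:
registersymbol(aobHealth)
registersymbol(unlimitedHealth)
registersymbol(unlimitedStamina)
registersymbol(maxToCurrent)
registersymbol(ptrRCX)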
[DISABLE]
{$lua}
-- Skip the Lua part when the script is only being syntax-checked.
if syntaxcheck then return end
-----------------------
-- Recolour this table entry to mark the script as inactive.
memrec.Color=0x00FF80FF
-------------- A.B.G.R
{$asm}
// Write back the 5 displaced bytes: B2 01 (mov dl,01) and 48 8B CE (mov rcx,rsi).
// NOTE(review): the enable pattern wildcards the second and fifth of these bytes, so this
// restore is only correct if the matched site really held 01 and CE - confirm.
aobHealth:
db B2 01 48 8B CE
// Release the symbols registered by the enable section, then free the injected block.
unregistersymbol(ptrRCX)
unregistersymbol(maxToCurrent)
unregistersymbol(unlimitedStamina)
unregistersymbol(unlimitedHealth)
unregistersymbol(aobHealth)
dealloc(healthCode)
{ NEW
// ORIGINAL CODE - INJECTION POINT: StateOfDecay2-Win64-Shipping.exe+1EFCCD
StateOfDecay2-Win64-Shipping.exe+1EFCA6: 74 0F - je StateOfDecay2-Win64-Shipping.exe+1EFCB7
StateOfDecay2-Win64-Shipping.exe+1EFCA8: C6 83 A8 02 00 00 01 - mov byte ptr [rbx+000002A8],01
StateOfDecay2-Win64-Shipping.exe+1EFCAF: 48 8B CB - mov rcx,rbx
StateOfDecay2-Win64-Shipping.exe+1EFCB2: E8 49 8B 00 00 - call StateOfDecay2-Win64-Shipping.exe+1F8800
StateOfDecay2-Win64-Shipping.exe+1EFCB7: 48 8B CB - mov rcx,rbx
StateOfDecay2-Win64-Shipping.exe+1EFCBA: E8 C1 68 0B 00 - call StateOfDecay2-Win64-Shipping.exe+2A6580
StateOfDecay2-Win64-Shipping.exe+1EFCBF: 33 D2 - xor edx,edx
StateOfDecay2-Win64-Shipping.exe+1EFCC1: 48 8B CE - mov rcx,rsi
StateOfDecay2-Win64-Shipping.exe+1EFCC4: E8 87 40 FC FF - call StateOfDecay2-Win64-Shipping.exe+1B3D50
StateOfDecay2-Win64-Shipping.exe+1EFCC9: 44 0F 28 C8 - movaps xmm9,xmm0
// ---------- INJECTING HERE ----------
StateOfDecay2-Win64-Shipping.exe+1EFCCD: B2 01 - mov dl,01
// ---------- DONE INJECTING ----------
StateOfDecay2-Win64-Shipping.exe+1EFCCF: 48 8B CE - mov rcx,rsi
StateOfDecay2-Win64-Shipping.exe+1EFCD2: E8 79 40 FC FF - call StateOfDecay2-Win64-Shipping.exe+1B3D50
StateOfDecay2-Win64-Shipping.exe+1EFCD7: 44 0F 28 D0 - movaps xmm10,xmm0
StateOfDecay2-Win64-Shipping.exe+1EFCDB: 44 0F 2F 8E 18 01 00 00 - comiss xmm9,[rsi+00000118]
StateOfDecay2-Win64-Shipping.exe+1EFCE3: 73 1D - jae StateOfDecay2-Win64-Shipping.exe+1EFD02
StateOfDecay2-Win64-Shipping.exe+1EFCE5: 44 38 B3 A9 02 00 00 - cmp [rbx+000002A9],r14l
StateOfDecay2-Win64-Shipping.exe+1EFCEC: 75 1B - jne StateOfDecay2-Win64-Shipping.exe+1EFD09
StateOfDecay2-Win64-Shipping.exe+1EFCEE: 48 8B D3 - mov rdx,rbx
StateOfDecay2-Win64-Shipping.exe+1EFCF1: 48 8B CF - mov rcx,rdi
StateOfDecay2-Win64-Shipping.exe+1EFCF4: E8 F7 6C 0B 00 - call StateOfDecay2-Win64-Shipping.exe+2A69F0
}
{ OLD
// ORIGINAL CODE - INJECTION POINT: "StateOfDecay2-Win64-Shipping.exe"+2400CD
"StateOfDecay2-Win64-Shipping.exe"+2400A6: 74 0F - je StateOfDecay2-Win64-Shipping.exe+2400B7
"StateOfDecay2-Win64-Shipping.exe"+2400A8: C6 83 A0 02 00 00 01 - mov byte ptr [rbx+000002A0],01
"StateOfDecay2-Win64-Shipping.exe"+2400AF: 48 8B CB - mov rcx,rbx
"StateOfDecay2-Win64-Shipping.exe"+2400B2: E8 79 B0 00 00 - call StateOfDecay2-Win64-Shipping.exe+24B130
"StateOfDecay2-Win64-Shipping.exe"+2400B7: 48 8B CB - mov rcx,rbx
"StateOfDecay2-Win64-Shipping.exe"+2400BA: E8 C1 7E 0B 00 - call StateOfDecay2-Win64-Shipping.exe+2F7F80
"StateOfDecay2-Win64-Shipping.exe"+2400BF: 33 D2 - xor edx,edx
"StateOfDecay2-Win64-Shipping.exe"+2400C1: 48 8B CE - mov rcx,rsi
"StateOfDecay2-Win64-Shipping.exe"+2400C4: E8 27 50 FC FF - call StateOfDecay2-Win64-Shipping.exe+2050F0
"StateOfDecay2-Win64-Shipping.exe"+2400C9: 44 0F 28 C8 - movaps xmm9,xmm0
// ---------- INJECTING HERE ----------
"StateOfDecay2-Win64-Shipping.exe"+2400CD: B2 01 - mov dl,01
"StateOfDecay2-Win64-Shipping.exe"+2400CF: 48 8B CE - mov rcx,rsi
// ---------- DONE INJECTING ----------
"StateOfDecay2-Win64-Shipping.exe"+2400D2: E8 19 50 FC FF - call StateOfDecay2-Win64-Shipping.exe+2050F0
"StateOfDecay2-Win64-Shipping.exe"+2400D7: 44 0F 28 D0 - movaps xmm10,xmm0
"StateOfDecay2-Win64-Shipping.exe"+2400DB: 44 0F 2F 8E 18 01 00 00 - comiss xmm9,[rsi+00000118]
"StateOfDecay2-Win64-Shipping.exe"+2400E3: 73 1D - jae StateOfDecay2-Win64-Shipping.exe+240102
"StateOfDecay2-Win64-Shipping.exe"+2400E5: 44 38 B3 A1 02 00 00 - cmp [rbx+000002A1],r14l
"StateOfDecay2-Win64-Shipping.exe"+2400EC: 75 1B - jne StateOfDecay2-Win64-Shipping.exe+240109
"StateOfDecay2-Win64-Shipping.exe"+2400EE: 48 8B D3 - mov rdx,rbx
"StateOfDecay2-Win64-Shipping.exe"+2400F1: 48 8B CF - mov rcx,rdi
"StateOfDecay2-Win64-Shipping.exe"+2400F4: E8 77 82 0B 00 - call StateOfDecay2-Win64-Shipping.exe+2F8370
"StateOfDecay2-Win64-Shipping.exe"+2400F9: C6 83 A1 02 00 00 01 - mov byte ptr [rbx+000002A1],01
}
{ OLD
// ORIGINAL CODE - INJECTION POINT: "StateOfDecay2-Win64-Shipping.exe"+243EFD
"StateOfDecay2-Win64-Shipping.exe"+243ED6: 74 0F - je StateOfDecay2-Win64-Shipping.exe+243EE7
"StateOfDecay2-Win64-Shipping.exe"+243ED8: C6 83 A8 02 00 00 01 - mov byte ptr [rbx+000002A8],01
"StateOfDecay2-Win64-Shipping.exe"+243EDF: 48 8B CB - mov rcx,rbx
"StateOfDecay2-Win64-Shipping.exe"+243EE2: E8 69 B1 00 00 - call StateOfDecay2-Win64-Shipping.exe+24F050
"StateOfDecay2-Win64-Shipping.exe"+243EE7: 48 8B CB - mov rcx,rbx
"StateOfDecay2-Win64-Shipping.exe"+243EEA: E8 61 96 0B 00 - call StateOfDecay2-Win64-Shipping.exe+2FD550
"StateOfDecay2-Win64-Shipping.exe"+243EEF: 33 D2 - xor edx,edx
"StateOfDecay2-Win64-Shipping.exe"+243EF1: 48 8B CE - mov rcx,rsi
"StateOfDecay2-Win64-Shipping.exe"+243EF4: E8 77 F8 FB FF - call StateOfDecay2-Win64-Shipping.exe+203770
"StateOfDecay2-Win64-Shipping.exe"+243EF9: 44 0F 28 C8 - movaps xmm9,xmm0
// ---------- INJECTING HERE ----------
"StateOfDecay2-Win64-Shipping.exe"+243EFD: B2 01 - mov dl,01
"StateOfDecay2-Win64-Shipping.exe"+243EFF: 48 8B CE - mov rcx,rsi
// ---------- DONE INJECTING ----------
"StateOfDecay2-Win64-Shipping.exe"+243F02: E8 69 F8 FB FF - call StateOfDecay2-Win64-Shipping.exe+203770
"StateOfDecay2-Win64-Shipping.exe"+243F07: 44 0F 28 D0 - movaps xmm10,xmm0
"StateOfDecay2-Win64-Shipping.exe"+243F0B: 44 0F 2F 8E 18 01 00 00 - comiss xmm9,[rsi+00000118]
"StateOfDecay2-Win64-Shipping.exe"+243F13: 73 1D - jae StateOfDecay2-Win64-Shipping.exe+243F32
"StateOfDecay2-Win64-Shipping.exe"+243F15: 44 38 B3 A9 02 00 00 - cmp [rbx+000002A9],r14l
"StateOfDecay2-Win64-Shipping.exe"+243F1C: 75 1B - jne StateOfDecay2-Win64-Shipping.exe+243F39
"StateOfDecay2-Win64-Shipping.exe"+243F1E: 48 8B D3 - mov rdx,rbx
"StateOfDecay2-Win64-Shipping.exe"+243F21: 48 8B CF - mov rcx,rdi
"StateOfDecay2-Win64-Shipping.exe"+243F24: E8 17 9A 0B 00 - call StateOfDecay2-Win64-Shipping.exe+2FD940
"StateOfDecay2-Win64-Shipping.exe"+243F29: C6 83 A9 02 00 00 01 - mov byte ptr [rbx+000002A9],01
}
{
// ORIGINAL CODE - INJECTION POINT: "StateOfDecay2-Win64-Shipping.exe"+1E528D
B2 01 48 8B CE E8 19 50 FC FF
B2 01 48 8B CE E8 69 F8 FB FF
B2 01 48 8B CE E8 79 ED FB FF
B2 01 48 8B CE E8 ?9 ?? F? FF
"StateOfDecay2-Win64-Shipping.exe"+1E5266: 74 0F - je StateOfDecay2-Win64-Shipping.exe+1E5277
"StateOfDecay2-Win64-Shipping.exe"+1E5268: C6 83 A8 02 00 00 01 - mov byte ptr [rbx+000002A8],01
"StateOfDecay2-Win64-Shipping.exe"+1E526F: 48 8B CB - mov rcx,rbx
"StateOfDecay2-Win64-Shipping.exe"+1E5272: E8 19 B2 00 00 - call StateOfDecay2-Win64-Shipping.exe+1F0490
"StateOfDecay2-Win64-Shipping.exe"+1E5277: 48 8B CB - mov rcx,rbx
"StateOfDecay2-Win64-Shipping.exe"+1E527A: E8 81 94 0B 00 - call StateOfDecay2-Win64-Shipping.exe+29E700
"StateOfDecay2-Win64-Shipping.exe"+1E527F: 33 D2 - xor edx,edx
"StateOfDecay2-Win64-Shipping.exe"+1E5281: 48 8B CE - mov rcx,rsi
"StateOfDecay2-Win64-Shipping.exe"+1E5284: E8 87 ED FB FF - call StateOfDecay2-Win64-Shipping.exe+1A4010
"StateOfDecay2-Win64-Shipping.exe"+1E5289: 44 0F 28 C8 - movaps xmm9,xmm0
// ---------- INJECTING HERE ----------
"StateOfDecay2-Win64-Shipping.exe"+1E528D: B2 01 - mov dl,01
"StateOfDecay2-Win64-Shipping.exe"+1E528F: 48 8B CE - mov rcx,rsi
// ---------- DONE INJECTING ----------
"StateOfDecay2-Win64-Shipping.exe"+1E5292: E8 79 ED FB FF - call StateOfDecay2-Win64-Shipping.exe+1A4010
"StateOfDecay2-Win64-Shipping.exe"+1E5297: 44 0F 28 D0 - movaps xmm10,xmm0
"StateOfDecay2-Win64-Shipping.exe"+1E529B: 44 0F 2F 8E 18 01 00 00 - comiss xmm9,[rsi+00000118]
"StateOfDecay2-Win64-Shipping.exe"+1E52A3: 73 1D - jae StateOfDecay2-Win64-Shipping.exe+1E52C2
"StateOfDecay2-Win64-Shipping.exe"+1E52A5: 44 38 B3 A9 02 00 00 - cmp [rbx+000002A9],r14l
"StateOfDecay2-Win64-Shipping.exe"+1E52AC: 75 1B - jne StateOfDecay2-Win64-Shipping.exe+1E52C9
"StateOfDecay2-Win64-Shipping.exe"+1E52AE: 48 8B D3 - mov rdx,rbx
"StateOfDecay2-Win64-Shipping.exe"+1E52B1: 48 8B CF - mov rcx,rdi
"StateOfDecay2-Win64-Shipping.exe"+1E52B4: E8 37 98 0B 00 - call StateOfDecay2-Win64-Shipping.exe+29EAF0
"StateOfDecay2-Win64-Shipping.exe"+1E52B9: C6 83 A9 02 00 00 01 - mov byte ptr [rbx+000002A9],01
}
{======================
Author : aanpsx
Date : 2021-06-24
Game : StateOfDecay2-Win64-Shipping.exe
Version : 1.0.0.0
======================}
// One-byte patch values for the byte at PSX_NoRecoil+4. Per the dump at the end of this
// script the matched instruction is F3 0F 10 B3 24 01 00 00 (movss xmm6,[rbx+00000124]),
// so +4 is the low byte of the displacement.
// Yes_ (written on enable) changes the load to movss xmm6,[rbx+0000011C].
// No_ (written on disable) is the original byte 0x24.
// What the fields at +11C and +124 hold is not shown on this page.
define(Yes_NoRecoil,db 1C)
define(No_NoRecoil,db 24)
[ENABLE]
{$lua}
-- Skip the Lua part when the script is only being syntax-checked.
if syntaxcheck then return end
-----------------------
-- Recolour this table entry while it is active (byte order per the line below).
memrec.Color=0x0080FF00
-------------- A.B.G.R
{$asm}
// Locate the instruction by signature inside the target module. Only the F3, 0F 28, E8 and
// 44 0F bytes are fixed; all operand bytes are wildcards. The trailing comment records the
// concrete bytes and module offset the author saw.
// NOTE(review): the match is used as-is. Nothing here checks that the byte at +4 is 0x24
// before it is overwritten, so a match at an unintended address would have one byte of
// unrelated code changed. An assert on PSX_NoRecoil+4 would make the script refuse to
// enable in that case.
aobscanmodule(PSX_NoRecoil,$process,F3 ** ** ** ** ** ** ** 0F 28 ** E8 ** ** ** ** 44 0F ** ** 0F 28 ** F3 ** ** ** ** E8)//F3 0F 10 B3 24 01 00 00 0F 28 C7)//StateOfDecay2-Win64-Shipping.exe+6079EA
// Keep the match address under a name so the disable section can find it again.
registersymbol(PSX_NoRecoil)
// In-place patch: a single byte, no code cave and no jump.
PSX_NoRecoil+4:
Yes_NoRecoil
[DISABLE]
{$lua}
-- Skip the Lua part when the script is only being syntax-checked.
if syntaxcheck then return end
-----------------------
-- Recolour this table entry to its inactive colour.
memrec.Color=0x00FF80FF
-------------- A.B.G.R
{$asm}
unregistersymbol(PSX_NoRecoil)
// Write the original displacement byte back. This is unconditional: it assumes the byte
// was 0x24 when the script was enabled.
PSX_NoRecoil+4:
No_NoRecoil
{
// ORIGINAL CODE - INJECTION POINT: StateOfDecay2-Win64-Shipping.exe+6079EA
StateOfDecay2-Win64-Shipping.exe+607988: 74 0A - je StateOfDecay2-Win64-Shipping.exe+607994
StateOfDecay2-Win64-Shipping.exe+60798A: F3 0F 10 BB 2C 01 00 00 - movss xmm7,[rbx+0000012C]
StateOfDecay2-Win64-Shipping.exe+607992: EB 4E - jmp StateOfDecay2-Win64-Shipping.exe+6079E2
StateOfDecay2-Win64-Shipping.exe+607994: F3 0F 10 BB 3C 01 00 00 - movss xmm7,[rbx+0000013C]
StateOfDecay2-Win64-Shipping.exe+60799C: EB 44 - jmp StateOfDecay2-Win64-Shipping.exe+6079E2
StateOfDecay2-Win64-Shipping.exe+60799E: FF 15 1C 87 D7 02 - call qword ptr [StateOfDecay2-Win64-Shipping.exe+33800C0]
StateOfDecay2-Win64-Shipping.exe+6079A4: 66 0F 6E C0 - movd xmm0,eax
StateOfDecay2-Win64-Shipping.exe+6079A8: 0F 5B C0 - cvtdq2ps xmm0,xmm0
StateOfDecay2-Win64-Shipping.exe+6079AB: 40 84 F6 - test sil,sil
StateOfDecay2-Win64-Shipping.exe+6079AE: 74 12 - je StateOfDecay2-Win64-Shipping.exe+6079C2
StateOfDecay2-Win64-Shipping.exe+6079B0: F3 0F 10 8B 2C 01 00 00 - movss xmm1,[rbx+0000012C]
StateOfDecay2-Win64-Shipping.exe+6079B8: F3 0F 10 BB 34 01 00 00 - movss xmm7,[rbx+00000134]
StateOfDecay2-Win64-Shipping.exe+6079C0: EB 10 - jmp StateOfDecay2-Win64-Shipping.exe+6079D2
StateOfDecay2-Win64-Shipping.exe+6079C2: F3 0F 10 8B 3C 01 00 00 - movss xmm1,[rbx+0000013C]
StateOfDecay2-Win64-Shipping.exe+6079CA: F3 0F 10 BB 44 01 00 00 - movss xmm7,[rbx+00000144]
StateOfDecay2-Win64-Shipping.exe+6079D2: F3 0F 5C F9 - subss xmm7,xmm1
StateOfDecay2-Win64-Shipping.exe+6079D6: F3 0F 59 F8 - mulss xmm7,xmm0
StateOfDecay2-Win64-Shipping.exe+6079DA: F3 0F 59 FE - mulss xmm7,xmm6
StateOfDecay2-Win64-Shipping.exe+6079DE: F3 0F 58 F9 - addss xmm7,xmm1
StateOfDecay2-Win64-Shipping.exe+6079E2: F3 0F 59 3D FA AF DC 02 - mulss xmm7,[StateOfDecay2-Win64-Shipping.exe+33D29E4]
// ---------- INJECTING HERE ----------
StateOfDecay2-Win64-Shipping.exe+6079EA: F3 0F 10 B3 24 01 00 00 - movss xmm6,[rbx+00000124]
// ---------- DONE INJECTING ----------
StateOfDecay2-Win64-Shipping.exe+6079F2: 0F 28 C7 - movaps xmm0,xmm7
StateOfDecay2-Win64-Shipping.exe+6079F5: E8 F2 35 62 02 - call StateOfDecay2-Win64-Shipping.exe+2C2AFEC
StateOfDecay2-Win64-Shipping.exe+6079FA: 44 0F 28 C0 - movaps xmm8,xmm0
StateOfDecay2-Win64-Shipping.exe+6079FE: 0F 28 C7 - movaps xmm0,xmm7
StateOfDecay2-Win64-Shipping.exe+607A01: F3 44 0F 59 C6 - mulss xmm8,xmm6
StateOfDecay2-Win64-Shipping.exe+607A06: E8 F9 35 62 02 - call StateOfDecay2-Win64-Shipping.exe+2C2B004
StateOfDecay2-Win64-Shipping.exe+607A0B: 0F 28 7C 24 30 - movaps xmm7,[rsp+30]
StateOfDecay2-Win64-Shipping.exe+607A10: 40 84 F6 - test sil,sil
StateOfDecay2-Win64-Shipping.exe+607A13: 48 8B 74 24 68 - mov rsi,[rsp+68]
StateOfDecay2-Win64-Shipping.exe+607A18: 48 8B 5C 24 60 - mov rbx,[rsp+60]
StateOfDecay2-Win64-Shipping.exe+607A1D: F3 0F 59 C6 - mulss xmm0,xmm6
StateOfDecay2-Win64-Shipping.exe+607A21: 0F 28 74 24 40 - movaps xmm6,[rsp+40]
StateOfDecay2-Win64-Shipping.exe+607A26: 75 07 - jne StateOfDecay2-Win64-Shipping.exe+607A2F
StateOfDecay2-Win64-Shipping.exe+607A28: 0F 57 05 11 5D DA 02 - xorps xmm0,[StateOfDecay2-Win64-Shipping.exe+33AD740]
StateOfDecay2-Win64-Shipping.exe+607A2F: 41 0F 14 C0 - unpcklps xmm0,xmm8
StateOfDecay2-Win64-Shipping.exe+607A33: 48 8B D7 - mov rdx,rdi
StateOfDecay2-Win64-Shipping.exe+607A36: 66 49 0F 7E C0 - movq r8,xmm0
StateOfDecay2-Win64-Shipping.exe+607A3B: 48 8B CD - mov rcx,rbp
StateOfDecay2-Win64-Shipping.exe+607A3E: E8 FD 45 FF FF - call StateOfDecay2-Win64-Shipping.exe+5FC040
StateOfDecay2-Win64-Shipping.exe+607A43: 44 0F 28 44 24 20 - movaps xmm8,[rsp+20]
}
{======================
Author : aanpsx
Date : 2021-06-25
Game : StateOfDecay2-Win64-Shipping.exe
Version : 1.0.0.0
======================}
// Text macros shared by the enable and disable sections.
// bytes_Sway: the 8 bytes of the hooked instruction (mulss xmm6,[rcx+000000E4] per the dump
// at the end of this script). Not referenced below; the script uses readmem instead.
define(bytes_Sway,db F3 0F 59 B1 E4 00 00 00)
// Numeric constants; the leading # on imax marks a decimal literal.
// None of the three is referenced in this script.
define(fmax,(float)999999999)
define(fmin,(float)0)
define(imax,#999999999)
// psx: pad with CC bytes up to the next 0x10 boundary. Used between the cave code and its data.
define(psx,align 10 CC)
// Size-qualified shorthands for mov/cmp and for a byte operand; not referenced in this script.
define(mov1,mov byte ptr)
define(mov2,mov word ptr)
define(mov4,mov dword ptr)
define(cmp1,cmp byte ptr)
define(cmp2,cmp word ptr)
define(cmp4,cmp dword ptr)
define(bit,byte ptr)
// 8b: a run of zero-initialised qwords. It becomes the _Sway data buffer that the hook
// writes the register snapshot into (offsets 0 to +70 are used).
define(8b,dq 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0)
//---------- 0 8101820283038404850586068707880889098a0a8b0b8c0c8d0c8e0e8f0f8000810
//================================================================================
[ENABLE]
{$lua}
-- Skip the Lua part when the script is only being syntax-checked.
if syntaxcheck then return end
-----------------------
-- Recolour this table entry while it is active (byte order per the line below).
memrec.Color=0x0080FF00
-------------- A.B.G.R
{$asm}
// Locate the 8-byte instruction to hook. Only the F3 prefixes and one 44 0F pair are fixed;
// every operand byte is a wildcard. The trailing comment records the bytes and module
// offset the author saw.
// NOTE(review): the match is used without checking the bytes at the result, so a match at
// an unintended address would be overwritten by the jmp written at PSX_Sway below.
aobscanmodule(PSX_Sway,StateOfDecay2-Win64-Shipping.exe,F3 ** ** ** ** ** ** ** F3 ** ** ** F3 ** ** ** F3 ** ** ** F3 ** ** ** ** ** ** ** F3 ** ** ** F3 ** ** ** ** 44 0F ** ** ** ** F3)//F3 0F 59 B1 E4 00 00 00)//StateOfDecay2-Win64-Shipping.exe+620FAF
// Reserve $1000 bytes for the code cave, requested near PSX_Sway. The hook site below has
// room for a 5-byte jmp only (5 + nop 3 = the 8 bytes replaced).
// The cave holds both the executed code and the _Sway buffer that this code writes to, so
// code and writable data share one allocation.
alloc(newmem_Sway,$1000,PSX_Sway)
label(code_Sway,_Sway)
// Exported names: the hook address, the saved original instruction, and the data buffer.
registersymbol(PSX_Sway,code_Sway,_Sway)
newmem_Sway:
// Register snapshot, rewritten each time the hooked instruction runs. Offsets are hex.
// rcx is stored twice (offset 0 and +18); rsp and rbp are not stored.
// _Sway is a registered symbol, presumably so other table entries can read these values;
// no reader is visible here.
mov [_Sway],rcx //main pointer
mov [_Sway+8],rax
mov [_Sway+10],rbx
mov [_Sway+18],rcx
mov [_Sway+20],rdx
mov [_Sway+28],rdi
mov [_Sway+30],rsi
mov [_Sway+38],r8
mov [_Sway+40],r9
mov [_Sway+48],r10
mov [_Sway+50],r11
mov [_Sway+58],r12
mov [_Sway+60],r13
mov [_Sway+68],r14
mov [_Sway+70],r15
//================== inject here
// Zero xmm6 first, so the original mulss copied in at code_Sway multiplies zero by [rcx+E4].
xorps xmm6,xmm6
// Nothing in this script jumps to exit_Sway. The restore sequence under it is disabled;
// the code above modifies no general-purpose register, so there is nothing to put back.
exit_Sway:
//==================
//mov rax,[_Sway+8]
//mov rbx,[_Sway+10]
//mov rcx,[_Sway+18]
//mov rdx,[_Sway+20]
//mov rdi,[_Sway+28]
//mov rsi,[_Sway+30]
//mov r8,[_Sway+38]
//mov r9,[_Sway+40]
//mov r10,[_Sway+48]
//mov r11,[_Sway+50]
//mov r12,[_Sway+58]
//mov r13,[_Sway+60]
//mov r14,[_Sway+68]
//mov r15,[_Sway+70]
//==================
// Copy of the 8 bytes found at PSX_Sway, i.e. the original instruction named in the
// author's comment below. It runs here and is also the backup the disable section copies back.
// Assumes readmem samples the bytes before the jmp at PSX_Sway is written - TODO confirm.
code_Sway:
readmem(PSX_Sway,8)
//mulss xmm6,[rcx+000000E4]
jmp return_Sway
// Pad to a 0x10 boundary, then the data buffer.
psx
_Sway:
8b
// The hook itself: overwrite the 8-byte instruction with a jmp into the cave plus padding.
PSX_Sway:
jmp newmem_Sway
nop 3
return_Sway:
[DISABLE]
// Drop every symbol and allocation this entry created (wildcard form; the per-name
// equivalents are kept commented out below).
// NOTE(review): the restore below reads code_Sway out of the cave, so it relies on the
// release taking effect only after that copy - confirm with the Cheat Engine version in use.
unregistersymbol(*)//unreg all
dealloc(*)//dealoc all
//unregistersymbol(PSX_Sway,code_Sway,_Sway)
//dealloc(newmem_Sway)
// Put the 8 saved original bytes back over the jmp and nops at the hook site.
PSX_Sway:
readmem(code_Sway,8)
//mulss xmm6,[rcx+000000E4]
{$lua}
-- Skip the Lua part when the script is only being syntax-checked.
if syntaxcheck then return end
-----------------------
-- Recolour this table entry to its inactive colour.
memrec.Color=0x00FF80FF
-------------- A.B.G.R
{$asm}
{
// ORIGINAL CODE - INJECTION POINT: StateOfDecay2-Win64-Shipping.exe+620FAF
StateOfDecay2-Win64-Shipping.exe+620F30: F3 0F 10 8C 24 84 00 00 00 - movss xmm1,[rsp+00000084]
StateOfDecay2-Win64-Shipping.exe+620F39: F3 0F 11 87 38 01 00 00 - movss [rdi+00000138],xmm0
StateOfDecay2-Win64-Shipping.exe+620F41: F3 0F 11 8F 4C 01 00 00 - movss [rdi+0000014C],xmm1
StateOfDecay2-Win64-Shipping.exe+620F49: F3 0F 10 BF 34 01 00 00 - movss xmm7,[rdi+00000134]
StateOfDecay2-Win64-Shipping.exe+620F51: 48 8D 8C 24 80 00 00 00 - lea rcx,[rsp+00000080]
StateOfDecay2-Win64-Shipping.exe+620F59: F3 44 0F 10 87 48 01 00 00 - movss xmm8,[rdi+00000148]
StateOfDecay2-Win64-Shipping.exe+620F62: F3 0F 10 B7 18 01 00 00 - movss xmm6,[rdi+00000118]
StateOfDecay2-Win64-Shipping.exe+620F6A: E8 B1 0E 97 00 - call StateOfDecay2-Win64-Shipping.exe+F91E20
StateOfDecay2-Win64-Shipping.exe+620F6F: 48 8B 8F 60 01 00 00 - mov rcx,[rdi+00000160]
StateOfDecay2-Win64-Shipping.exe+620F76: 48 8B AC 24 90 00 00 00 - mov rbp,[rsp+00000090]
StateOfDecay2-Win64-Shipping.exe+620F7E: 48 39 08 - cmp [rax],rcx
StateOfDecay2-Win64-Shipping.exe+620F81: 7C 4C - jl StateOfDecay2-Win64-Shipping.exe+620FCF
StateOfDecay2-Win64-Shipping.exe+620F83: FF 15 37 F1 D5 02 - call qword ptr [StateOfDecay2-Win64-Shipping.exe+33800C0]
StateOfDecay2-Win64-Shipping.exe+620F89: F3 0F 10 87 00 01 00 00 - movss xmm0,[rdi+00000100]
StateOfDecay2-Win64-Shipping.exe+620F91: F3 0F 10 B7 04 01 00 00 - movss xmm6,[rdi+00000104]
StateOfDecay2-Win64-Shipping.exe+620F99: F3 0F 5C F0 - subss xmm6,xmm0
StateOfDecay2-Win64-Shipping.exe+620F9D: 66 0F 6E D0 - movd xmm2,eax
StateOfDecay2-Win64-Shipping.exe+620FA1: 48 8B 87 20 01 00 00 - mov rax,[rdi+00000120]
StateOfDecay2-Win64-Shipping.exe+620FA8: 0F 5B D2 - cvtdq2ps xmm2,xmm2
StateOfDecay2-Win64-Shipping.exe+620FAB: 48 8B 48 28 - mov rcx,[rax+28]
// ---------- INJECTING HERE ----------
StateOfDecay2-Win64-Shipping.exe+620FAF: F3 0F 59 B1 E4 00 00 00 - mulss xmm6,[rcx+000000E4]
// ---------- DONE INJECTING ----------
StateOfDecay2-Win64-Shipping.exe+620FB7: F3 0F 58 F0 - addss xmm6,xmm0
StateOfDecay2-Win64-Shipping.exe+620FBB: F3 0F 5C F0 - subss xmm6,xmm0
StateOfDecay2-Win64-Shipping.exe+620FBF: F3 0F 59 F2 - mulss xmm6,xmm2
StateOfDecay2-Win64-Shipping.exe+620FC3: F3 0F 59 35 01 1A DB 02 - mulss xmm6,[StateOfDecay2-Win64-Shipping.exe+33D29CC]
StateOfDecay2-Win64-Shipping.exe+620FCB: F3 0F 58 F0 - addss xmm6,xmm0
StateOfDecay2-Win64-Shipping.exe+620FCF: F3 41 0F 5C F9 - subss xmm7,xmm9
StateOfDecay2-Win64-Shipping.exe+620FD4: 44 0F 28 4C 24 30 - movaps xmm9,[rsp+30]
StateOfDecay2-Win64-Shipping.exe+620FDA: F3 45 0F 5C C2 - subss xmm8,xmm10
StateOfDecay2-Win64-Shipping.exe+620FDF: 44 0F 28 54 24 20 - movaps xmm10,[rsp+20]
StateOfDecay2-Win64-Shipping.exe+620FE5: F3 0F 59 FE - mulss xmm7,xmm6
StateOfDecay2-Win64-Shipping.exe+620FE9: F3 44 0F 59 C6 - mulss xmm8,xmm6
StateOfDecay2-Win64-Shipping.exe+620FEE: 0F 28 C7 - movaps xmm0,xmm7
StateOfDecay2-Win64-Shipping.exe+620FF1: 0F 28 7C 24 50 - movaps xmm7,[rsp+50]
StateOfDecay2-Win64-Shipping.exe+620FF6: 41 0F 14 C0 - unpcklps xmm0,xmm8
StateOfDecay2-Win64-Shipping.exe+620FFA: 44 0F 28 44 24 40 - movaps xmm8,[rsp+40]
StateOfDecay2-Win64-Shipping.exe+621000: F2 0F 11 87 54 01 00 00 - movsd [rdi+00000154],xmm0
StateOfDecay2-Win64-Shipping.exe+621008: F2 0F 11 06 - movsd [rsi],xmm0
StateOfDecay2-Win64-Shipping.exe+62100C: EB 0C - jmp StateOfDecay2-Win64-Shipping.exe+62101A
StateOfDecay2-Win64-Shipping.exe+62100E: F2 0F 10 05 D2 3E 7B 04 - movsd xmm0,[StateOfDecay2-Win64-Shipping.GNavigationMemory+6850]
StateOfDecay2-Win64-Shipping.exe+621016: F2 0F 11 02 - movsd [rdx],xmm0
}
{======================
Author : aanpsx
Date : 2021-06-10
Game : StateOfDecay2-Win64-Shipping.exe
Version : 1.0.0.0
======================}
// Text macros shared by the enable and disable sections.
// bytes_Spread1 / bytes_Spread2: the 8 bytes of the two hooked stores, movss [rbx+000000FC],xmm0
// and movss [rdi+000000FC],xmm0 per the dumps at the end of this script.
// Neither is referenced below; the script uses readmem instead.
define(bytes_Spread1,db F3 0F 11 83 FC 00 00 00)
define(bytes_Spread2,db F3 0F 11 87 FC 00 00 00)
// Numeric constants; the leading # on imax marks a decimal literal.
// None of the three is referenced in this script.
define(fmax,(float)999999999)
define(fmin,(float)0)
define(imax,#999999999)
// psx: pad with CC bytes up to the next 0x10 boundary. Used between each cave's code and data.
define(psx,align 10 CC)
// Size-qualified shorthands for mov/cmp and for a byte operand; not referenced in this script.
define(mov1,mov byte ptr)
define(mov2,mov word ptr)
define(mov4,mov dword ptr)
define(cmp1,cmp byte ptr)
define(cmp2,cmp word ptr)
define(cmp4,cmp dword ptr)
define(bit,byte ptr)
// 8b: a run of zero-initialised qwords. It becomes the _Spread1 and _Spread2 data buffers
// that the hooks write their register snapshots into (offsets 0 to +70 are used).
define(8b,dq 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0)
//---------- 0 8101820283038404850586068707880889098a0a8b0b8c0c8d0c8e0e8f0f8000810
//================================================================================
[ENABLE]
{$lua}
-- Skip the Lua part when the script is only being syntax-checked.
if syntaxcheck then return end
-----------------------
-- Recolour this table entry while it is active (byte order per the line below).
memrec.Color=0x0080FF00
-------------- A.B.G.R
{$asm}
// First hook. Locate the 8-byte store by signature; the fixed bytes are F3, 48 8B, F3 and
// 0F 2F, everything else is a wildcard. The trailing comment records the bytes and module
// offset the author saw.
// NOTE(review): the match is used without checking the bytes at the result, so a match at
// an unintended address would be overwritten by the jmp written at PSX_Spread1 below.
aobscanmodule(PSX_Spread1,$process,F3 ** ** ** ** ** ** ** 48 8B ** ** F3 ** ** ** ** ** ** ** 0F 2F)//F3 0F 11 83 FC 00 00 00 48)//StateOfDecay2-Win64-Shipping.exe+580F0B
// Reserve $1000 bytes for the code cave, requested near the hook site, which has room for
// a 5-byte jmp only (5 + nop 3 = the 8 bytes replaced). Code and the writable _Spread1
// buffer share this one allocation.
alloc(newmem_Spread1,$1000,PSX_Spread1)
label(code_Spread1,_Spread1)
registersymbol(PSX_Spread1,code_Spread1,_Spread1)
newmem_Spread1:
// Register snapshot, rewritten each time the hooked instruction runs. Offsets are hex.
// rbx is stored twice (offset 0 and +10); rsp and rbp are not stored.
mov [_Spread1],rbx //main pointer
mov [_Spread1+8],rax
mov [_Spread1+10],rbx
mov [_Spread1+18],rcx
mov [_Spread1+20],rdx
mov [_Spread1+28],rdi
mov [_Spread1+30],rsi
mov [_Spread1+38],r8
mov [_Spread1+40],r9
mov [_Spread1+48],r10
mov [_Spread1+50],r11
mov [_Spread1+58],r12
mov [_Spread1+60],r13
mov [_Spread1+68],r14
mov [_Spread1+70],r15
//================== inject here
// Store zero in place of the game's movss [rbx+FC],xmm0 and return at once, so the original
// store under code_Spread1 is never executed.
// NOTE(review): the operand size is implicit. The replaced instruction wrote 4 bytes, so
// confirm the assembler emits a dword store here.
// Per the dump, the code after the return point can still store xmm1 into [rbx+FC] when
// xmm0 compares above xmm1.
mov [rbx+FC],0
jmp return_Spread1
// Nothing in this script jumps to exit_Spread1; the restore sequence under it is disabled.
exit_Spread1:
//==================
//mov rax,[_Spread1+8]
//mov rbx,[_Spread1+10]
//mov rcx,[_Spread1+18]
//mov rdx,[_Spread1+20]
//mov rdi,[_Spread1+28]
//mov rsi,[_Spread1+30]
//mov r8,[_Spread1+38]
//mov r9,[_Spread1+40]
//mov r10,[_Spread1+48]
//mov r11,[_Spread1+50]
//mov r12,[_Spread1+58]
//mov r13,[_Spread1+60]
//mov r14,[_Spread1+68]
//mov r15,[_Spread1+70]
//==================
// Copy of the 8 original bytes from the hook site. Because of the jmp above, control does
// not reach this copy; it is kept as the backup that the disable section copies back.
// Assumes readmem samples the bytes before the jmp at PSX_Spread1 is written - TODO confirm.
code_Spread1:
readmem(PSX_Spread1,8)
//movss [rbx+000000FC],xmm0
jmp return_Spread1
// Pad to a 0x10 boundary, then the data buffer.
psx
_Spread1:
8b
// The hook itself: overwrite the 8-byte store with a jmp into the cave plus padding.
PSX_Spread1:
jmp newmem_Spread1
nop 3
return_Spread1:
//
// Second hook, same layout as the first but on the store through rdi. The fixed signature
// bytes are F3, 0F 28, 48 83, 5F C3 and 48 89; everything else is a wildcard. The trailing
// comment records the bytes and module offset the author saw.
// NOTE(review): the match is used without checking the bytes at the result, so a match at
// an unintended address would be overwritten by the jmp written at PSX_Spread2 below.
aobscanmodule(PSX_Spread2,$process,F3 ** ** ** ** ** ** ** 0F 28 ** ** ** 48 83 ** ** 5F C3 48 89)//F3 0F 11 87 FC 00 00 00)//StateOfDecay2-Win64-Shipping.exe+59D82D
// Reserve $1000 bytes for the code cave, requested near the hook site, which has room for
// a 5-byte jmp only (5 + nop 3 = the 8 bytes replaced). Code and the writable _Spread2
// buffer share this one allocation.
alloc(newmem_Spread2,$1000,PSX_Spread2)
label(code_Spread2,_Spread2)
registersymbol(PSX_Spread2,code_Spread2,_Spread2)
newmem_Spread2:
// Register snapshot, rewritten each time the hooked instruction runs. Offsets are hex.
// rdi is stored twice (offset 0 and +28); rsp and rbp are not stored.
mov [_Spread2],rdi //main pointer
mov [_Spread2+8],rax
mov [_Spread2+10],rbx
mov [_Spread2+18],rcx
mov [_Spread2+20],rdx
mov [_Spread2+28],rdi
mov [_Spread2+30],rsi
mov [_Spread2+38],r8
mov [_Spread2+40],r9
mov [_Spread2+48],r10
mov [_Spread2+50],r11
mov [_Spread2+58],r12
mov [_Spread2+60],r13
mov [_Spread2+68],r14
mov [_Spread2+70],r15
//================== inject here
// Store zero in place of the game's movss [rdi+FC],xmm0 and return at once, so the original
// store under code_Spread2 is never executed.
// NOTE(review): the operand size is implicit. The replaced instruction wrote 4 bytes, so
// confirm the assembler emits a dword store here.
mov [rdi+FC],0
jmp return_Spread2
// Nothing in this script jumps to exit_Spread2; the restore sequence under it is disabled.
exit_Spread2:
//==================
//mov rax,[_Spread2+8]
//mov rbx,[_Spread2+10]
//mov rcx,[_Spread2+18]
//mov rdx,[_Spread2+20]
//mov rdi,[_Spread2+28]
//mov rsi,[_Spread2+30]
//mov r8,[_Spread2+38]
//mov r9,[_Spread2+40]
//mov r10,[_Spread2+48]
//mov r11,[_Spread2+50]
//mov r12,[_Spread2+58]
//mov r13,[_Spread2+60]
//mov r14,[_Spread2+68]
//mov r15,[_Spread2+70]
//==================
// Copy of the 8 original bytes from the hook site. Because of the jmp above, control does
// not reach this copy; it is kept as the backup that the disable section copies back.
// Assumes readmem samples the bytes before the jmp at PSX_Spread2 is written - TODO confirm.
code_Spread2:
readmem(PSX_Spread2,8)
//movss [rdi+000000FC],xmm0
jmp return_Spread2
// Pad to a 0x10 boundary, then the data buffer.
psx
_Spread2:
8b
// The hook itself: overwrite the 8-byte store with a jmp into the cave plus padding.
PSX_Spread2:
jmp newmem_Spread2
nop 3
return_Spread2:
//
[DISABLE]
{$lua}
-- Skip the Lua part when the script is only being syntax-checked.
if syntaxcheck then return end
-----------------------
-- Recolour this table entry to its inactive colour.
memrec.Color=0x00FF80FF
-------------- A.B.G.R
{$asm}
// Drop every symbol and allocation this entry created (wildcard form; the per-name
// equivalents for the first hook are kept commented out below).
// NOTE(review): both restores below read the saved bytes out of the caves, so they rely on
// the release taking effect only after those copies - confirm with the Cheat Engine version in use.
unregistersymbol(*)//unreg all
dealloc(*)//dealoc all
//unregistersymbol(PSX_Spread1,code_Spread1,_Spread1)
//dealloc(newmem_Spread1)
// Put the 8 saved original bytes back over the jmp and nops at the first hook site.
PSX_Spread1:
readmem(code_Spread1,8)
//movss [rbx+000000FC],xmm0
// Same for the second hook site.
PSX_Spread2:
readmem(code_Spread2,8)
//movss [rdi+000000FC],xmm0
{
// ORIGINAL CODE - INJECTION POINT: StateOfDecay2-Win64-Shipping.exe+580F0B
StateOfDecay2-Win64-Shipping.exe+580E92: 48 85 FF - test rdi,rdi
StateOfDecay2-Win64-Shipping.exe+580E95: 0F 84 03 01 00 00 - je StateOfDecay2-Win64-Shipping.exe+580F9E
StateOfDecay2-Win64-Shipping.exe+580E9B: 84 D2 - test dl,dl
StateOfDecay2-Win64-Shipping.exe+580E9D: 74 31 - je StateOfDecay2-Win64-Shipping.exe+580ED0
StateOfDecay2-Win64-Shipping.exe+580E9F: 48 8B 47 28 - mov rax,[rdi+28]
StateOfDecay2-Win64-Shipping.exe+580EA3: F3 0F 10 80 94 01 00 00 - movss xmm0,[rax+00000194]
StateOfDecay2-Win64-Shipping.exe+580EAB: F3 0F 58 81 00 01 00 00 - addss xmm0,[rcx+00000100]
StateOfDecay2-Win64-Shipping.exe+580EB3: 0F 2F 05 72 D4 D8 02 - comiss xmm0,[StateOfDecay2-Win64-Shipping.exe+330E32C]
StateOfDecay2-Win64-Shipping.exe+580EBA: F3 0F 11 81 00 01 00 00 - movss [rcx+00000100],xmm0
StateOfDecay2-Win64-Shipping.exe+580EC2: 76 16 - jna StateOfDecay2-Win64-Shipping.exe+580EDA
StateOfDecay2-Win64-Shipping.exe+580EC4: C7 81 00 01 00 00 00 00 48 42 - mov [rcx+00000100],42480000
StateOfDecay2-Win64-Shipping.exe+580ECE: EB 0A - jmp StateOfDecay2-Win64-Shipping.exe+580EDA
StateOfDecay2-Win64-Shipping.exe+580ED0: C7 81 00 01 00 00 00 00 80 3F - mov [rcx+00000100],3F800000
StateOfDecay2-Win64-Shipping.exe+580EDA: 48 8B 47 28 - mov rax,[rdi+28]
StateOfDecay2-Win64-Shipping.exe+580EDE: F3 0F 10 89 00 01 00 00 - movss xmm1,[rcx+00000100]
StateOfDecay2-Win64-Shipping.exe+580EE6: F3 0F 10 80 8C 01 00 00 - movss xmm0,[rax+0000018C]
StateOfDecay2-Win64-Shipping.exe+580EEE: F3 0F 58 05 16 F1 D6 02 - addss xmm0,[StateOfDecay2-Win64-Shipping.exe+32F000C]
StateOfDecay2-Win64-Shipping.exe+580EF6: E8 03 50 5F 02 - call StateOfDecay2-Win64-Shipping.exe+2B75EFE
StateOfDecay2-Win64-Shipping.exe+580EFB: F3 0F 5C 05 09 F1 D6 02 - subss xmm0,[StateOfDecay2-Win64-Shipping.exe+32F000C]
StateOfDecay2-Win64-Shipping.exe+580F03: F3 0F 58 83 FC 00 00 00 - addss xmm0,[rbx+000000FC]
// ---------- INJECTING HERE ----------
StateOfDecay2-Win64-Shipping.exe+580F0B: F3 0F 11 83 FC 00 00 00 - movss [rbx+000000FC],xmm0
// ---------- DONE INJECTING ----------
StateOfDecay2-Win64-Shipping.exe+580F13: 48 8B 47 28 - mov rax,[rdi+28]
StateOfDecay2-Win64-Shipping.exe+580F17: F3 0F 10 88 84 01 00 00 - movss xmm1,[rax+00000184]
StateOfDecay2-Win64-Shipping.exe+580F1F: 0F 2F C1 - comiss xmm0,xmm1
StateOfDecay2-Win64-Shipping.exe+580F22: 76 08 - jna StateOfDecay2-Win64-Shipping.exe+580F2C
StateOfDecay2-Win64-Shipping.exe+580F24: F3 0F 11 8B FC 00 00 00 - movss [rbx+000000FC],xmm1
StateOfDecay2-Win64-Shipping.exe+580F2C: 8B 83 FC 00 00 00 - mov eax,[rbx+000000FC]
StateOfDecay2-Win64-Shipping.exe+580F32: 0F 57 C9 - xorps xmm1,xmm1
StateOfDecay2-Win64-Shipping.exe+580F35: 89 83 0C 01 00 00 - mov [rbx+0000010C],eax
StateOfDecay2-Win64-Shipping.exe+580F3B: C7 83 04 01 00 00 00 00 00 00 - mov [rbx+00000104],00000000
StateOfDecay2-Win64-Shipping.exe+580F45: 48 8B 47 28 - mov rax,[rdi+28]
StateOfDecay2-Win64-Shipping.exe+580F49: F3 0F 10 90 8C 01 00 00 - movss xmm2,[rax+0000018C]
StateOfDecay2-Win64-Shipping.exe+580F51: F3 0F 58 90 7C 01 00 00 - addss xmm2,[rax+0000017C]
StateOfDecay2-Win64-Shipping.exe+580F59: F3 0F 10 98 84 01 00 00 - movss xmm3,[rax+00000184]
StateOfDecay2-Win64-Shipping.exe+580F61: F3 0F 10 A0 9C 01 00 00 - movss xmm4,[rax+0000019C]
StateOfDecay2-Win64-Shipping.exe+580F69: F3 0F 10 80 A4 01 00 00 - movss xmm0,[rax+000001A4]
StateOfDecay2-Win64-Shipping.exe+580F71: F3 0F 5C DA - subss xmm3,xmm2
StateOfDecay2-Win64-Shipping.exe+580F75: 0F 2F D9 - comiss xmm3,xmm1
StateOfDecay2-Win64-Shipping.exe+580F78: 76 10 - jna StateOfDecay2-Win64-Shipping.exe+580F8A
StateOfDecay2-Win64-Shipping.exe+580F7A: F3 0F 10 8B FC 00 00 00 - movss xmm1,[rbx+000000FC]
StateOfDecay2-Win64-Shipping.exe+580F82: F3 0F 5C CA - subss xmm1,xmm2
}
{
// ORIGINAL CODE - INJECTION POINT: StateOfDecay2-Win64-Shipping.exe+59D82D
StateOfDecay2-Win64-Shipping.exe+59D7CC: 48 8B D0 - mov rdx,rax
StateOfDecay2-Win64-Shipping.exe+59D7CF: 48 8B CB - mov rcx,rbx
StateOfDecay2-Win64-Shipping.exe+59D7D2: 41 FF 90 B8 05 00 00 - call qword ptr [r8+000005B8]
StateOfDecay2-Win64-Shipping.exe+59D7D9: 48 8B C8 - mov rcx,rax
StateOfDecay2-Win64-Shipping.exe+59D7DC: E8 0F D3 FF FF - call StateOfDecay2-Win64-Shipping.exe+59AAF0
StateOfDecay2-Win64-Shipping.exe+59D7E1: 48 8B 5C 24 40 - mov rbx,[rsp+40]
StateOfDecay2-Win64-Shipping.exe+59D7E6: 84 C0 - test al,al
StateOfDecay2-Win64-Shipping.exe+59D7E8: 75 4B - jne StateOfDecay2-Win64-Shipping.exe+59D835
StateOfDecay2-Win64-Shipping.exe+59D7EA: F3 0F 10 9F 08 01 00 00 - movss xmm3,[rdi+00000108]
StateOfDecay2-Win64-Shipping.exe+59D7F2: 0F 57 C0 - xorps xmm0,xmm0
StateOfDecay2-Win64-Shipping.exe+59D7F5: 0F 2E D8 - ucomiss xmm3,xmm0
StateOfDecay2-Win64-Shipping.exe+59D7F8: 74 3B - je StateOfDecay2-Win64-Shipping.exe+59D835
StateOfDecay2-Win64-Shipping.exe+59D7FA: F3 0F 58 B7 04 01 00 00 - addss xmm6,[rdi+00000104]
StateOfDecay2-Win64-Shipping.exe+59D802: 48 8B 87 10 01 00 00 - mov rax,[rdi+00000110]
StateOfDecay2-Win64-Shipping.exe+59D809: F3 0F 10 8F 0C 01 00 00 - movss xmm1,[rdi+0000010C]
StateOfDecay2-Win64-Shipping.exe+59D811: F3 0F 11 B7 04 01 00 00 - movss [rdi+00000104],xmm6
StateOfDecay2-Win64-Shipping.exe+59D819: 0F 28 C6 - movaps xmm0,xmm6
StateOfDecay2-Win64-Shipping.exe+59D81C: 48 8B 48 28 - mov rcx,[rax+28]
StateOfDecay2-Win64-Shipping.exe+59D820: F3 0F 10 91 7C 01 00 00 - movss xmm2,[rcx+0000017C]
StateOfDecay2-Win64-Shipping.exe+59D828: E8 93 0C 00 00 - call StateOfDecay2-Win64-Shipping.exe+59E4C0
// ---------- INJECTING HERE ----------
StateOfDecay2-Win64-Shipping.exe+59D82D: F3 0F 11 87 FC 00 00 00 - movss [rdi+000000FC],xmm0
// ---------- DONE INJECTING ----------
StateOfDecay2-Win64-Shipping.exe+59D835: 0F 28 74 24 20 - movaps xmm6,[rsp+20]
StateOfDecay2-Win64-Shipping.exe+59D83A: 48 83 C4 30 - add rsp,30
StateOfDecay2-Win64-Shipping.exe+59D83E: 5F - pop rdi
StateOfDecay2-Win64-Shipping.exe+59D83F: C3 - ret
StateOfDecay2-Win64-Shipping.exe+59D840: 48 89 5C 24 08 - mov [rsp+08],rbx
StateOfDecay2-Win64-Shipping.exe+59D845: 48 89 74 24 10 - mov [rsp+10],rsi
StateOfDecay2-Win64-Shipping.exe+59D84A: 57 - push rdi
StateOfDecay2-Win64-Shipping.exe+59D84B: 48 83 EC 20 - sub rsp,20
StateOfDecay2-Win64-Shipping.exe+59D84F: 48 8B B1 00 01 00 00 - mov rsi,[rcx+00000100]
StateOfDecay2-Win64-Shipping.exe+59D856: 48 8B F9 - mov rdi,rcx
StateOfDecay2-Win64-Shipping.exe+59D859: 8B DA - mov ebx,edx
StateOfDecay2-Win64-Shipping.exe+59D85B: 48 8B 4E 30 - mov rcx,[rsi+30]
StateOfDecay2-Win64-Shipping.exe+59D85F: 48 85 C9 - test rcx,rcx
StateOfDecay2-Win64-Shipping.exe+59D862: 74 13 - je StateOfDecay2-Win64-Shipping.exe+59D877
StateOfDecay2-Win64-Shipping.exe+59D864: 48 83 B9 00 01 00 00 00 - cmp qword ptr [rcx+00000100],00
StateOfDecay2-Win64-Shipping.exe+59D86C: 75 09 - jne StateOfDecay2-Win64-Shipping.exe+59D877
StateOfDecay2-Win64-Shipping.exe+59D86E: 48 8B 01 - mov rax,[rcx]
StateOfDecay2-Win64-Shipping.exe+59D871: FF 90 D0 02 00 00 - call qword ptr [rax+000002D0]
StateOfDecay2-Win64-Shipping.exe+59D877: 8B D3 - mov edx,ebx
StateOfDecay2-Win64-Shipping.exe+59D879: 88 5E 5C - mov [rsi+5C],bl
}
{======================
Author : aanpsx
Date : 2021-06-24
Game : StateOfDecay2-Win64-Shipping.exe
Version : 1.0.0.0
======================}
// Six-byte patch values for the instruction at PSX_SilenceGun.
// No_ is the original encoding, 8B 81 D8 02 00 00 (mov eax,[rcx+000002D8] per the dump at
// the end of this script).
// Yes_ is xor eax,eax followed by four nops. The next instruction in the dump stores eax
// to [r8], so with the patch active that store writes 0 instead of the field value.
// What the field at +2D8 holds is not shown on this page.
define(Yes_SilenceGun,db 31 C0 90 90 90 90)
define(No_SilenceGun,db 8B 81 D8 02 00 00)
[ENABLE]
{$lua}
-- Skip the Lua part when the script is only being syntax-checked.
if syntaxcheck then return end
-----------------------
-- Recolour this table entry while it is active (byte order per the line below).
memrec.Color=0x0080FF00
-------------- A.B.G.R
{$asm}
// Locate the instruction by a long signature that also spans the two functions following it
// in the dump. Of the six bytes that get overwritten only the first (8B) is fixed; the
// trailing comment records the concrete bytes and module offset the author saw.
// NOTE(review): the match is used without checking that the six bytes at the result equal
// the No_ bytes, so a match at an unintended address would be overwritten.
aobscanmodule(PSX_SilenceGun,$process,8B ** ** ** ** ** 41 89 ** C3 ** 40 53 48 83 ** ** 48 8B ** ** 45 33 ** 48 85 ** 49 8B ** 41 0F ** ** 4C ** ** 4C ** ** ** 48 8D ** ** ** E8 ** ** ** ** 48 8B ** 48 89 ** 48 83 ** ** 5B C3 ** ** ** ** ** ** ** ** ** ** ** ** 40 53 48 83 ** ** 48 8B ** ** 45 33 ** 48 85 ** 49 8B ** 41 0F ** ** 4C ** ** 4C ** ** ** E8)//8B 81 D8 02 00 00 41 89)//StateOfDecay2-Win64-Shipping.exe+9C55B5
// Keep the match address under a name so the disable section can find it again.
registersymbol(PSX_SilenceGun)
// In-place patch of the same length as the original instruction; no code cave, no jump.
PSX_SilenceGun:
Yes_SilenceGun
[DISABLE]
{$lua}
-- Skip the Lua part when the script is only being syntax-checked.
if syntaxcheck then return end
-----------------------
-- Recolour this table entry to its inactive colour.
memrec.Color=0x00FF80FF
-------------- A.B.G.R
{$asm}
unregistersymbol(PSX_SilenceGun)
// Write the original six bytes back. This is unconditional: it assumes the displacement
// was 000002D8 when the script was enabled.
PSX_SilenceGun:
No_SilenceGun
{
// ORIGINAL CODE - INJECTION POINT: StateOfDecay2-Win64-Shipping.exe+9C55B5
StateOfDecay2-Win64-Shipping.exe+9C5592: C3 - ret
StateOfDecay2-Win64-Shipping.exe+9C5593: CC - int 3
StateOfDecay2-Win64-Shipping.exe+9C5594: CC - int 3
StateOfDecay2-Win64-Shipping.exe+9C5595: CC - int 3
StateOfDecay2-Win64-Shipping.exe+9C5596: CC - int 3
StateOfDecay2-Win64-Shipping.exe+9C5597: CC - int 3
StateOfDecay2-Win64-Shipping.exe+9C5598: CC - int 3
StateOfDecay2-Win64-Shipping.exe+9C5599: CC - int 3
StateOfDecay2-Win64-Shipping.exe+9C559A: CC - int 3
StateOfDecay2-Win64-Shipping.exe+9C559B: CC - int 3
StateOfDecay2-Win64-Shipping.exe+9C559C: CC - int 3
StateOfDecay2-Win64-Shipping.exe+9C559D: CC - int 3
StateOfDecay2-Win64-Shipping.exe+9C559E: CC - int 3
StateOfDecay2-Win64-Shipping.exe+9C559F: CC - int 3
StateOfDecay2-Win64-Shipping.exe+9C55A0: 48 8B 42 20 - mov rax,[rdx+20]
StateOfDecay2-Win64-Shipping.exe+9C55A4: 45 33 C9 - xor r9d,r9d
StateOfDecay2-Win64-Shipping.exe+9C55A7: 48 85 C0 - test rax,rax
StateOfDecay2-Win64-Shipping.exe+9C55AA: 41 0F 95 C1 - setne r9l
StateOfDecay2-Win64-Shipping.exe+9C55AE: 4C 03 C8 - add r9,rax
StateOfDecay2-Win64-Shipping.exe+9C55B1: 4C 89 4A 20 - mov [rdx+20],r9
// ---------- INJECTING HERE ----------
StateOfDecay2-Win64-Shipping.exe+9C55B5: 8B 81 D8 02 00 00 - mov eax,[rcx+000002D8]
// ---------- DONE INJECTING ----------
StateOfDecay2-Win64-Shipping.exe+9C55BB: 41 89 00 - mov [r8],eax
StateOfDecay2-Win64-Shipping.exe+9C55BE: C3 - ret
StateOfDecay2-Win64-Shipping.exe+9C55BF: CC - int 3
StateOfDecay2-Win64-Shipping.exe+9C55C0: 40 53 - push rbx
StateOfDecay2-Win64-Shipping.exe+9C55C2: 48 83 EC 20 - sub rsp,20
StateOfDecay2-Win64-Shipping.exe+9C55C6: 48 8B 42 20 - mov rax,[rdx+20]
StateOfDecay2-Win64-Shipping.exe+9C55CA: 45 33 C9 - xor r9d,r9d
StateOfDecay2-Win64-Shipping.exe+9C55CD: 48 85 C0 - test rax,rax
StateOfDecay2-Win64-Shipping.exe+9C55D0: 49 8B D8 - mov rbx,r8
StateOfDecay2-Win64-Shipping.exe+9C55D3: 41 0F 95 C1 - setne r9l
StateOfDecay2-Win64-Shipping.exe+9C55D7: 4C 03 C8 - add r9,rax
StateOfDecay2-Win64-Shipping.exe+9C55DA: 4C 89 4A 20 - mov [rdx+20],r9
StateOfDecay2-Win64-Shipping.exe+9C55DE: 48 8D 54 24 38 - lea rdx,[rsp+38]
StateOfDecay2-Win64-Shipping.exe+9C55E3: E8 98 5B 93 FF - call StateOfDecay2-Win64-Shipping.exe+2FB180
StateOfDecay2-Win64-Shipping.exe+9C55E8: 48 8B 08 - mov rcx,[rax]
StateOfDecay2-Win64-Shipping.exe+9C55EB: 48 89 0B - mov [rbx],rcx
StateOfDecay2-Win64-Shipping.exe+9C55EE: 48 83 C4 20 - add rsp,20
StateOfDecay2-Win64-Shipping.exe+9C55F2: 5B - pop rbx
StateOfDecay2-Win64-Shipping.exe+9C55F3: C3 - ret
StateOfDecay2-Win64-Shipping.exe+9C55F4: CC - int 3
}
{======================
Author : aanpsx
Date : 2022-05-31
Game : StateOfDecay2-Win64-Shipping.exe
Version : 1.0.0.0
======================}
//===== [_InfAmmo] ======
// inject_InfAmmo: the module offset the author recorded for the patched instruction. It is
// not referenced by any active line below; the address comes from the signature scan.
define(inject_InfAmmo,StateOfDecay2-Win64-Shipping.exe+4AA34D)
// Three-byte patch values. No_ is the original 41 2B CE (sub ecx,r14d per the dump at the
// end of this script); Yes_ replaces it with three nops. In the dump ecx is loaded from
// [rax+50] before this point and stored back to [rax+50] right after it, so with the patch
// active the value is written back unchanged.
define(Yes_InfAmmo,db 90 90 90)
define(No_InfAmmo,db 41 2B CE)
[ENABLE]
{$lua}
-- Skip the Lua part when the script is only being syntax-checked.
if syntaxcheck then return end
-----------------------
-- Disabled line; the placeholder string is Indonesian for "change the text here".
--memrec.Description='Ubah_Text_Disini'
-- Recolour this table entry while it is active (byte order per the line below).
memrec.Color=0x0080FF00
-------------- A.B.G.R
{$asm}
//===== [_InfAmmo] ======
// The longer signature is kept commented out; the active one (marked Temporary Fix by the
// author) drops its trailing 48 8D and so has only four fixed bytes: 41 2B, 89 and 89.
// NOTE(review): with so few fixed bytes the signature may match more than one place in the
// module, and the third byte of the patched instruction is itself a wildcard. Nothing
// checks the bytes at the result before they are overwritten. An assert against the No_
// bytes would make the script refuse to enable on an unintended match.
//aobscanmodule(PSX_InfAmmo,StateOfDecay2-Win64-Shipping.exe,41 2B ** 89 ** ** 89 ** ** ** ** ** ** 48 8D)//StateOfDecay2-Win64-Shipping.exe+4AA34D
aobscanmodule(PSX_InfAmmo,StateOfDecay2-Win64-Shipping.exe,41 2B ** 89 ** ** 89 ** ** ** ** ** **) //Temporary Fix
// Keep the match address under a name so the disable section can find it again.
registersymbol(PSX_InfAmmo)
// In-place patch of the same length as the original instruction; no code cave, no jump.
PSX_InfAmmo:
Yes_InfAmmo
//
[DISABLE]
{$lua}
-- Skip the Lua part when the script is only being syntax-checked.
if syntaxcheck then return end
-----------------------
-- Disabled line; the placeholder string is Indonesian for "change the text here".
--memrec.Description='Ubah_Text_Disini'
-- Recolour this table entry to its inactive colour.
memrec.Color=0x00FF80FF
-------------- A.B.G.R
{$asm}
//===== [_InfAmmo] ======
unregistersymbol(PSX_InfAmmo)
// Write 41 2B CE back unconditionally. This assumes the third byte was CE when the script
// was enabled, which the wildcard in the signature does not guarantee.
PSX_InfAmmo:
No_InfAmmo
//
//===== [_InfAmmo] ======
{
// ORIGINAL CODE - INJECTION POINT: StateOfDecay2-Win64-Shipping.exe+4AA34D
StateOfDecay2-Win64-Shipping.exe+4AA30B: 0F 1F 44 00 00 - nop dword ptr [rax+rax+00]
StateOfDecay2-Win64-Shipping.exe+4AA310: 48 3B C8 - cmp rcx,rax
StateOfDecay2-Win64-Shipping.exe+4AA313: 74 0B - je StateOfDecay2-Win64-Shipping.exe+4AA320
StateOfDecay2-Win64-Shipping.exe+4AA315: 48 8B 49 30 - mov rcx,[rcx+30]
StateOfDecay2-Win64-Shipping.exe+4AA319: 48 85 C9 - test rcx,rcx
StateOfDecay2-Win64-Shipping.exe+4AA31C: 75 F2 - jne StateOfDecay2-Win64-Shipping.exe+4AA310
StateOfDecay2-Win64-Shipping.exe+4AA31E: 33 D2 - xor edx,edx
StateOfDecay2-Win64-Shipping.exe+4AA320: 48 8B CD - mov rcx,rbp
StateOfDecay2-Win64-Shipping.exe+4AA323: E8 48 DA 00 00 - call StateOfDecay2-Win64-Shipping.exe+4B7D70
StateOfDecay2-Win64-Shipping.exe+4AA328: 85 C0 - test eax,eax
StateOfDecay2-Win64-Shipping.exe+4AA32A: 40 0F 9F C5 - setg bpl
StateOfDecay2-Win64-Shipping.exe+4AA32E: 48 8B CB - mov rcx,rbx
StateOfDecay2-Win64-Shipping.exe+4AA331: E8 EA 89 00 00 - call StateOfDecay2-Win64-Shipping.exe+4B2D20
StateOfDecay2-Win64-Shipping.exe+4AA336: 44 8B 78 50 - mov r15d,[rax+50]
StateOfDecay2-Win64-Shipping.exe+4AA33A: 48 8B CB - mov rcx,rbx
StateOfDecay2-Win64-Shipping.exe+4AA33D: E8 1E 89 00 00 - call StateOfDecay2-Win64-Shipping.exe+4B2C60
StateOfDecay2-Win64-Shipping.exe+4AA342: 48 8B F8 - mov rdi,rax
StateOfDecay2-Win64-Shipping.exe+4AA345: 8B 48 50 - mov ecx,[rax+50]
StateOfDecay2-Win64-Shipping.exe+4AA348: 41 3B CE - cmp ecx,r14d
StateOfDecay2-Win64-Shipping.exe+4AA34B: 7C 27 - jl StateOfDecay2-Win64-Shipping.exe+4AA374
// ---------- INJECTING HERE ----------
StateOfDecay2-Win64-Shipping.exe+4AA34D: 41 2B CE - sub ecx,r14d
// ---------- DONE INJECTING ----------
StateOfDecay2-Win64-Shipping.exe+4AA350: 89 48 50 - mov [rax+50],ecx
StateOfDecay2-Win64-Shipping.exe+4AA353: 89 8C 24 88 00 00 00 - mov [rsp+00000088],ecx
StateOfDecay2-Win64-Shipping.exe+4AA35A: 48 8D 48 58 - lea rcx,[rax+58]
StateOfDecay2-Win64-Shipping.exe+4AA35E: 48 8D 94 24 88 00 00 00 - lea rdx,[rsp+00000088]
StateOfDecay2-Win64-Shipping.exe+4AA366: E8 A5 AF C8 FF - call StateOfDecay2-Win64-Shipping.exe+135310
StateOfDecay2-Win64-Shipping.exe+4AA36B: C6 47 28 01 - mov byte ptr [rdi+28],01
StateOfDecay2-Win64-Shipping.exe+4AA36F: 41 B6 01 - mov r14l,01
StateOfDecay2-Win64-Shipping.exe+4AA372: EB 03 - jmp StateOfDecay2-Win64-Shipping.exe+4AA377
StateOfDecay2-Win64-Shipping.exe+4AA374: 45 32 F6 - xor r14l,r14l
StateOfDecay2-Win64-Shipping.exe+4AA377: 48 8B CB - mov rcx,rbx
StateOfDecay2-Win64-Shipping.exe+4AA37A: E8 A1 89 00 00 - call StateOfDecay2-Win64-Shipping.exe+4B2D20
StateOfDecay2-Win64-Shipping.exe+4AA37F: 8B 78 50 - mov edi,[rax+50]
StateOfDecay2-Win64-Shipping.exe+4AA382: 45 84 F6 - test r14l,r14l
StateOfDecay2-Win64-Shipping.exe+4AA385: 0F 84 04 01 00 00 - je StateOfDecay2-Win64-Shipping.exe+4AA48F
StateOfDecay2-Win64-Shipping.exe+4AA38B: E8 C0 BF 2A 00 - call StateOfDecay2-Win64-Shipping.exe+756350
StateOfDecay2-Win64-Shipping.exe+4AA390: F3 0F 10 B0 E4 00 00 00 - movss xmm6,[rax+000000E4]
StateOfDecay2-Win64-Shipping.exe+4AA398: 48 8B 4B 70 - mov rcx,[rbx+70]
StateOfDecay2-Win64-Shipping.exe+4AA39C: E8 2F 74 C7 02 - call StateOfDecay2-Win64-Shipping.exe+31217D0
StateOfDecay2-Win64-Shipping.exe+4AA3A1: 66 0F 6E 80 64 01 00 00 - movd xmm0,[rax+00000164]
StateOfDecay2-Win64-Shipping.exe+4AA3A9: 0F 5B C0 - cvtdq2ps xmm0,xmm0
}