As you can see, I'm trying my best as a complete newcomer to reverse engineering.
The interesting part is at minute 7:29. Although I don't really know what I'm doing with the opcodes, I think (in my ignorance) that I found the function that handles the HP for the character (for the player in the 1st position of the squad from the left), at address GameAssembly.dll+2FDECDB (as of game version 107.4.20).
But whenever I edit any opcode of this function, the game crashes (as happens at minute 8:47 of the video). I have tried it several times, always on the same function.
I need your help.
I'll show you the function as copied from Cheat Engine. Please let me know if I'm going in the right direction by focusing on this function, and if I am, what you would suggest changing to try to make the character invincible:
; ---------------------------------------------------------------------------
; Function at GameAssembly.dll+2FDEC30
; Listing format (Cheat Engine): address - encoded bytes - Intel-syntax mnemonic.
; ABI:   Microsoft x64 (Windows DLL). rcx = first argument, an object pointer that is
;        kept in rbx for the whole function (written "this" below); xmm1 = a float in
;        the second parameter slot, copied to xmm13 at +2FDEC5A.  rbx, rdi and xmm6-xmm15
;        are callee-saved under this ABI, which is what the movaps spills in the prologue
;        and the restores at +2FDF052..+2FDF079 are for.
; Frame: push rbx ; sub rsp,0xA0.  0xA0 (160) is a multiple of 16, so rsp stays
;        16-byte aligned at every call below.  rax holds the entry rsp and is used as
;        the base for the first four spills.
; Long-lived registers: rbx = this; xmm12 = 1.0 (loaded once at +2FDECB0 and kept in a
;        callee-saved register); xmm7 = 0.0 from +2FDED8F on (zero operand of several
;        comiss); xmm13 = incoming float argument; xmm11 = a float derived from the
;        +2FDF0D0 calls; xmm9 = a bit mask used only with andps.
; Callees (names unknown): +2FDF0D0 and +26D8CC0 are called as (ptr, 0) and return a
;        float in xmm0; +36BF770 is called as (0) and returns a pointer in rax;
;        +2FD8EA0 is called as (ptr, xmm1=float, r8=0) three times and is also the
;        final tail-call target.
; Exits: the normal path restores the callee-saved registers, pops rbx and ends in
;        `jmp GameAssembly.dll+2FD8EA0` (a tail call; the callee returns to our caller).
;        Every null-pointer check jumps to +2FDF088: `call +4F14E0` followed by `int 3`,
;        i.e. a callee that is not expected to return.  A patch that lets execution slide
;        past +2FDF083 (for example NOPing the whole body) therefore lands on that pair.
; NOTE(review): the text below says this binary has already been patched; the two
;        4-byte nop runs at +2FDED8B and +2FDEE80 look like NOPed-out instructions rather
;        than compiler output - compare with an unmodified copy before reading meaning
;        into the flags/values around them.
; ---------------------------------------------------------------------------
GameAssembly.dll+2FDEC30 - 48 8B C4 - mov rax,rsp                    ; rax = entry rsp; base for the spills at +2FDEC42..+2FDEC4F
GameAssembly.dll+2FDEC33 - 53 - push rbx                             ; rbx is callee-saved; it will hold "this"
GameAssembly.dll+2FDEC34 - 48 81 EC A0000000 - sub rsp,000000A0 { 160 } ; allocate the frame; paired with mov rsp,r11 at +2FDF07F (turning this sub into an add unbalances the caller's frame)
GameAssembly.dll+2FDEC3B - 80 79 18 00 - cmp byte ptr [rcx+18],00 { 0 } ; test the byte flag this->+18; the je at +2FDEC5E consumes these flags (mov/movaps in between do not write EFLAGS)
GameAssembly.dll+2FDEC3F - 48 8B D9 - mov rbx,rcx                    ; rbx = this for the rest of the function
GameAssembly.dll+2FDEC42 - 0F29 70 E8 - movaps [rax-18],xmm6         ; spill callee-saved xmm6 (restored from [r11-10] at +2FDF060)
GameAssembly.dll+2FDEC46 - 0F29 78 D8 - movaps [rax-28],xmm7         ; spill xmm7 (restored at +2FDF065)
GameAssembly.dll+2FDEC4A - 44 0F29 58 98 - movaps [rax-68],xmm11     ; spill xmm11 (restored at +2FDF06A)
GameAssembly.dll+2FDEC4F - 44 0F29 60 88 - movaps [rax-78],xmm12     ; spill xmm12 (restored at +2FDF06F)
GameAssembly.dll+2FDEC54 - 44 0F29 6C 24 20 - movaps [rsp+20],xmm13  ; spill xmm13; [rsp+20] is the same slot as [rax-88] (restored from [r11-80] at +2FDF074)
GameAssembly.dll+2FDEC5A - 44 0F28 E9 - movaps xmm13,xmm1            ; xmm13 = incoming float argument, kept across calls in a callee-saved register
GameAssembly.dll+2FDEC5E - 74 10 - je GameAssembly.dll+2FDEC70       ; flag byte this->+18 == 0 -> skip the block below
GameAssembly.dll+2FDEC60 - 48 8B 51 20 - mov rdx,[rcx+20]            ; arg1 = this->+20
GameAssembly.dll+2FDEC64 - 45 33 C0 - xor r8d,r8d                    ; arg2 = 0
GameAssembly.dll+2FDEC67 - E8 84F6FFFF - call GameAssembly.dll+2FDE2F0 ; callee(this, this->+20, 0)
GameAssembly.dll+2FDEC6C - C6 43 18 00 - mov byte ptr [rbx+18],00 { 0 } ; clear the flag byte
GameAssembly.dll+2FDEC70 - 44 0F29 44 24 70 - movaps [rsp+70],xmm8   ; spill callee-saved xmm8 (restored at +2FDF079)
GameAssembly.dll+2FDEC76 - 33 D2 - xor edx,edx                       ; arg1 = 0
GameAssembly.dll+2FDEC78 - 48 8B CB - mov rcx,rbx                    ; arg0 = this
GameAssembly.dll+2FDEC7B - 44 0F29 4C 24 60 - movaps [rsp+60],xmm9   ; spill xmm9 (restored at +2FDF052)
GameAssembly.dll+2FDEC81 - E8 4A040000 - call GameAssembly.dll+2FDF0D0 ; xmm0 = g(this, 0)   (float result)
GameAssembly.dll+2FDEC86 - 33 D2 - xor edx,edx
GameAssembly.dll+2FDEC88 - 48 8B CB - mov rcx,rbx
GameAssembly.dll+2FDEC8B - 44 0F28 D8 - movaps xmm11,xmm0            ; xmm11 = first g() result
GameAssembly.dll+2FDEC8F - E8 3C040000 - call GameAssembly.dll+2FDF0D0 ; xmm0 = g(this, 0) again
GameAssembly.dll+2FDEC94 - 48 8B 4B 28 - mov rcx,[rbx+28]            ; arg0 = this->+28
GameAssembly.dll+2FDEC98 - 33 D2 - xor edx,edx
GameAssembly.dll+2FDEC9A - 0F28 F8 - movaps xmm7,xmm0                ; xmm7 = second g() result
GameAssembly.dll+2FDEC9D - E8 1EA06FFF - call GameAssembly.dll+26D8CC0 ; xmm0 = f(this->+28, 0)   (float result; f = callee at +26D8CC0 below)
GameAssembly.dll+2FDECA2 - 48 8B 4B 30 - mov rcx,[rbx+30]            ; arg0 = this->+30
GameAssembly.dll+2FDECA6 - 33 D2 - xor edx,edx
GameAssembly.dll+2FDECA8 - 0F28 F0 - movaps xmm6,xmm0                ; xmm6 = f(this->+28)
GameAssembly.dll+2FDECAB - E8 10A06FFF - call GameAssembly.dll+26D8CC0 ; xmm0 = f(this->+30)
GameAssembly.dll+2FDECB0 - F3 44 0F10 25 7B303B01 - movss xmm12,[GameAssembly.dll+4391D34] { (1.00) } ; xmm12 = 1.0, live until the epilogue
GameAssembly.dll+2FDECB9 - F3 0F5E F0 - divss xmm6,xmm0              ; xmm6 = f(+28) / f(+30)
GameAssembly.dll+2FDECBD - F3 0F58 F7 - addss xmm6,xmm7              ; xmm6 += second g() result
GameAssembly.dll+2FDECC1 - 41 0F2F F4 - comiss xmm6,xmm12            ; compare with 1.0
GameAssembly.dll+2FDECC5 - 0F86 93000000 - jbe GameAssembly.dll+2FDED5E ; xmm6 <= 1.0 (also taken on NaN: comiss sets ZF,PF,CF together) -> keep xmm11 as is
; --- xmm6 > 1.0: recompute xmm11 from one more g() and six f() results ---
GameAssembly.dll+2FDECCB - 33 D2 - xor edx,edx
GameAssembly.dll+2FDECCD - 44 0F29 54 24 50 - movaps [rsp+50],xmm10  ; xmm10 is used only on this path, so it is spilled here and restored at +2FDED4A
GameAssembly.dll+2FDECD3 - 48 8B CB - mov rcx,rbx
GameAssembly.dll+2FDECD6 - E8 F5030000 - call GameAssembly.dll+2FDF0D0 ; xmm0 = g(this, 0)
GameAssembly.dll+2FDECDB - 48 8B 4B 20 - mov rcx,[rbx+20]            ; arg0 = this->+20
GameAssembly.dll+2FDECDF - 33 D2 - xor edx,edx
GameAssembly.dll+2FDECE1 - 44 0F28 D8 - movaps xmm11,xmm0            ; xmm11 = fresh g() result
GameAssembly.dll+2FDECE5 - E8 D69F6FFF - call GameAssembly.dll+26D8CC0 ; xmm0 = f(this->+20)
GameAssembly.dll+2FDECEA - 48 8B 4B 48 - mov rcx,[rbx+48]            ; arg0 = this->+48
GameAssembly.dll+2FDECEE - 33 D2 - xor edx,edx
GameAssembly.dll+2FDECF0 - 44 0F28 D0 - movaps xmm10,xmm0            ; xmm10 = f(+20)
GameAssembly.dll+2FDECF4 - E8 C79F6FFF - call GameAssembly.dll+26D8CC0 ; xmm0 = f(this->+48)
GameAssembly.dll+2FDECF9 - 48 8B 4B 30 - mov rcx,[rbx+30]
GameAssembly.dll+2FDECFD - 33 D2 - xor edx,edx
GameAssembly.dll+2FDECFF - 44 0F28 C8 - movaps xmm9,xmm0             ; xmm9 = f(+48)
GameAssembly.dll+2FDED03 - E8 B89F6FFF - call GameAssembly.dll+26D8CC0 ; xmm0 = f(this->+30)
GameAssembly.dll+2FDED08 - 48 8B 4B 30 - mov rcx,[rbx+30]
GameAssembly.dll+2FDED0C - 33 D2 - xor edx,edx
GameAssembly.dll+2FDED0E - 0F28 F0 - movaps xmm6,xmm0                ; xmm6 = f(+30)
GameAssembly.dll+2FDED11 - E8 AA9F6FFF - call GameAssembly.dll+26D8CC0 ; xmm0 = f(this->+30)
GameAssembly.dll+2FDED16 - 48 8B 4B 28 - mov rcx,[rbx+28]
GameAssembly.dll+2FDED1A - 33 D2 - xor edx,edx
GameAssembly.dll+2FDED1C - 44 0F28 C0 - movaps xmm8,xmm0             ; xmm8 = f(+30)
GameAssembly.dll+2FDED20 - E8 9B9F6FFF - call GameAssembly.dll+26D8CC0 ; xmm0 = f(this->+28)
GameAssembly.dll+2FDED25 - 48 8B 4B 30 - mov rcx,[rbx+30]
GameAssembly.dll+2FDED29 - 33 D2 - xor edx,edx
GameAssembly.dll+2FDED2B - 0F28 F8 - movaps xmm7,xmm0                ; xmm7 = f(+28)
GameAssembly.dll+2FDED2E - E8 8D9F6FFF - call GameAssembly.dll+26D8CC0 ; xmm0 = f(this->+30)
GameAssembly.dll+2FDED33 - F3 44 0F5E CE - divss xmm9,xmm6           ; xmm9 = f(+48) / f(+30)
GameAssembly.dll+2FDED38 - 41 0F28 CC - movaps xmm1,xmm12            ; xmm1 = 1.0
GameAssembly.dll+2FDED3C - F3 41 0F5C C9 - subss xmm1,xmm9           ; xmm1 = 1 - f(+48)/f(+30)
GameAssembly.dll+2FDED41 - F3 0F5E F8 - divss xmm7,xmm0              ; xmm7 = f(+28) / f(+30)
GameAssembly.dll+2FDED45 - F3 41 0F59 CA - mulss xmm1,xmm10          ; xmm1 *= f(+20)
GameAssembly.dll+2FDED4A - 44 0F28 54 24 50 - movaps xmm10,[rsp+50]  ; restore xmm10 (its only use on this path is done)
GameAssembly.dll+2FDED50 - F3 41 0F5E C8 - divss xmm1,xmm8           ; xmm1 /= f(+30)
GameAssembly.dll+2FDED55 - F3 0F58 F9 - addss xmm7,xmm1              ; xmm7 = f(+28)/f(+30) + (1 - f(+48)/f(+30)) * f(+20) / f(+30)
GameAssembly.dll+2FDED59 - F3 44 0F5E DF - divss xmm11,xmm7          ; xmm11 = g() / xmm7
; --- +2FDED5E: common path ---
GameAssembly.dll+2FDED5E - F3 0F10 73 50 - movss xmm6,[rbx+50]       ; xmm6 = this->+50 (float)
GameAssembly.dll+2FDED63 - 33 C9 - xor ecx,ecx                       ; arg0 = 0
GameAssembly.dll+2FDED65 - E8 060A6E00 - call GameAssembly.dll+36BF770 ; rax = h(0), a pointer (h = callee at +36BF770)
GameAssembly.dll+2FDED6A - 48 85 C0 - test rax,rax
GameAssembly.dll+2FDED6D - 0F84 15030000 - je GameAssembly.dll+2FDF088 ; null -> fail path
GameAssembly.dll+2FDED73 - 48 8B 88 A0000000 - mov rcx,[rax+000000A0] ; rcx = rax->+A0
GameAssembly.dll+2FDED7A - 48 85 C9 - test rcx,rcx
GameAssembly.dll+2FDED7D - 0F84 05030000 - je GameAssembly.dll+2FDF088 ; null -> fail path
GameAssembly.dll+2FDED83 - F3 0F5E B1 88000000 - divss xmm6,[rcx+00000088] ; xmm6 = this->+50 / rcx->+88
GameAssembly.dll+2FDED8B - 90 - nop                                   ; 4 x nop - see NOTE(review) in the header; rax below is still the h() pointer
GameAssembly.dll+2FDED8C - 90 - nop
GameAssembly.dll+2FDED8D - 90 - nop
GameAssembly.dll+2FDED8E - 90 - nop
GameAssembly.dll+2FDED8F - 0F57 FF - xorps xmm7,xmm7                 ; xmm7 = 0.0; zero operand of comiss at +2FDEE1E, +2FDEF5B and +2FDF012
GameAssembly.dll+2FDED92 - F3 0F11 B3 E4000000 - movss [rbx+000000E4],xmm6 ; this->+E4 = the quotient
GameAssembly.dll+2FDED9A - 48 39 43 38 - cmp [rbx+38],rax            ; compare the qword this->+38 with the h() pointer
GameAssembly.dll+2FDED9E - 0F84 85010000 - je GameAssembly.dll+2FDEF29 ; equal -> straight to the +2FDEF29 section
GameAssembly.dll+2FDEDA4 - 48 3B 43 38 - cmp rax,[rbx+38]
GameAssembly.dll+2FDEDA8 - 7C 57 - jl GameAssembly.dll+2FDEE01       ; rax < this->+38 (signed) -> +2FDEE01 path
GameAssembly.dll+2FDEDAA - 48 39 43 38 - cmp [rbx+38],rax
GameAssembly.dll+2FDEDAE - 0F8D C8000000 - jnl GameAssembly.dll+2FDEE7C ; cannot be taken after the two compares above (not equal and not rax < x leaves x < rax); falls through
; --- this->+38 < rax: recompute this->+38 from a +2FD53F0 result ---
GameAssembly.dll+2FDEDB4 - F3 0F10 B3 E0000000 - movss xmm6,[rbx+000000E0] ; xmm6 = this->+E0
GameAssembly.dll+2FDEDBC - 33 D2 - xor edx,edx
GameAssembly.dll+2FDEDBE - 48 8B C8 - mov rcx,rax                    ; arg0 = the h() pointer
GameAssembly.dll+2FDEDC1 - E8 FA9E6FFF - call GameAssembly.dll+26D8CC0 ; xmm0 = f(rax, 0)
GameAssembly.dll+2FDEDC6 - F3 0F10 93 E4000000 - movss xmm2,[rbx+000000E4] ; xmm2 = this->+E4 (stored at +2FDED92)
GameAssembly.dll+2FDEDCE - 0F28 C8 - movaps xmm1,xmm0                ; xmm1 = f(rax)
GameAssembly.dll+2FDEDD1 - 0F28 C6 - movaps xmm0,xmm6                ; xmm0 = this->+E0
GameAssembly.dll+2FDEDD4 - 45 33 C9 - xor r9d,r9d                    ; r9 = 0
GameAssembly.dll+2FDEDD7 - E8 1466FFFF - call GameAssembly.dll+2FD53F0 ; xmm0 = callee(xmm0=this->+E0, xmm1=f(rax), xmm2=this->+E4, r9=0); rcx is not set here, so the first integer slot is presumably unused by this callee
GameAssembly.dll+2FDEDDC - F3 48 0F2C C8 - cvttss2si rcx,xmm0        ; arg0 = (int64) truncated result
GameAssembly.dll+2FDEDE1 - 33 D2 - xor edx,edx                       ; arg1 = 0
GameAssembly.dll+2FDEDE3 - E8 48D060FD - call GameAssembly.dll+5EBE30 ; rax = k(int, 0)   (k = callee at +5EBE30)
GameAssembly.dll+2FDEDE8 - 48 8D 8B 80000000 - lea rcx,[rbx+00000080] ; arg0 = &this->+80
GameAssembly.dll+2FDEDEF - 48 89 43 38 - mov [rbx+38],rax            ; this->+38 = k() result
GameAssembly.dll+2FDEDF3 - 45 33 C0 - xor r8d,r8d                    ; arg2 = 0
GameAssembly.dll+2FDEDF6 - 41 0F28 CB - movaps xmm1,xmm11            ; float arg = xmm11
GameAssembly.dll+2FDEDFA - E8 A1A0FFFF - call GameAssembly.dll+2FD8EA0 ; callee(&this->+80, xmm11, 0)
GameAssembly.dll+2FDEDFF - EB 7B - jmp GameAssembly.dll+2FDEE7C
; --- rax < this->+38: blend this->+E0 and f(rax) with a weight shaped by this->+E4 ---
GameAssembly.dll+2FDEE01 - F3 0F10 B3 E0000000 - movss xmm6,[rbx+000000E0] ; xmm6 = this->+E0
GameAssembly.dll+2FDEE09 - 33 D2 - xor edx,edx
GameAssembly.dll+2FDEE0B - 48 8B C8 - mov rcx,rax
GameAssembly.dll+2FDEE0E - E8 AD9E6FFF - call GameAssembly.dll+26D8CC0 ; xmm0 = f(rax, 0)
GameAssembly.dll+2FDEE13 - F3 0F10 93 E4000000 - movss xmm2,[rbx+000000E4] ; t = this->+E4
GameAssembly.dll+2FDEE1B - 0F28 D8 - movaps xmm3,xmm0                ; xmm3 = f(rax)
GameAssembly.dll+2FDEE1E - 0F2F FA - comiss xmm7,xmm2                ; 0.0 vs t
GameAssembly.dll+2FDEE21 - 77 0C - ja GameAssembly.dll+2FDEE2F       ; t < 0 -> t = 0
GameAssembly.dll+2FDEE23 - 41 0F2F D4 - comiss xmm2,xmm12            ; t vs 1.0
GameAssembly.dll+2FDEE27 - 76 09 - jna GameAssembly.dll+2FDEE32      ; t <= 1 -> keep t
GameAssembly.dll+2FDEE29 - 41 0F28 D4 - movaps xmm2,xmm12            ; t = 1
GameAssembly.dll+2FDEE2D - EB 03 - jmp GameAssembly.dll+2FDEE32
GameAssembly.dll+2FDEE2F - 0F57 D2 - xorps xmm2,xmm2                 ; t = 0
GameAssembly.dll+2FDEE32 - 0F28 CA - movaps xmm1,xmm2                ; t clamped to [0,1]
GameAssembly.dll+2FDEE35 - 0F28 C2 - movaps xmm0,xmm2
GameAssembly.dll+2FDEE38 - F3 0F59 0D 08303B01 - mulss xmm1,[GameAssembly.dll+4391E48] { (-2.00) } ; xmm1 = -2t
GameAssembly.dll+2FDEE40 - F3 0F59 05 58303B01 - mulss xmm0,[GameAssembly.dll+4391EA0] { (3.00) } ; xmm0 = 3t
GameAssembly.dll+2FDEE48 - F3 0F59 CA - mulss xmm1,xmm2              ; xmm1 = -2t^2
GameAssembly.dll+2FDEE4C - F3 0F59 C2 - mulss xmm0,xmm2              ; xmm0 = 3t^2
GameAssembly.dll+2FDEE50 - F3 0F59 CA - mulss xmm1,xmm2              ; xmm1 = -2t^3
GameAssembly.dll+2FDEE54 - F3 0F58 C8 - addss xmm1,xmm0              ; s = 3t^2 - 2t^3  (smoothstep polynomial)
GameAssembly.dll+2FDEE58 - 41 0F28 C4 - movaps xmm0,xmm12            ; xmm0 = 1.0
GameAssembly.dll+2FDEE5C - 33 D2 - xor edx,edx                       ; arg1 = 0 for the call at +2FDEE73
GameAssembly.dll+2FDEE5E - F3 0F5C C1 - subss xmm0,xmm1              ; xmm0 = 1 - s
GameAssembly.dll+2FDEE62 - F3 0F59 CB - mulss xmm1,xmm3              ; xmm1 = s * f(rax)
GameAssembly.dll+2FDEE66 - F3 0F59 C6 - mulss xmm0,xmm6              ; xmm0 = (1 - s) * this->+E0
GameAssembly.dll+2FDEE6A - F3 0F58 C1 - addss xmm0,xmm1              ; xmm0 = (1 - s) * this->+E0 + s * f(rax)
GameAssembly.dll+2FDEE6E - F3 48 0F2C C8 - cvttss2si rcx,xmm0        ; arg0 = (int64) truncated blend
GameAssembly.dll+2FDEE73 - E8 B8CF60FD - call GameAssembly.dll+5EBE30 ; rax = k(int, 0)
GameAssembly.dll+2FDEE78 - 48 89 43 38 - mov [rbx+38],rax            ; this->+38 = k() result
; --- +2FDEE7C: join point of the two paths above and of the jnl at +2FDEDAE ---
GameAssembly.dll+2FDEE7C - 48 8B 43 38 - mov rax,[rbx+38]            ; rax = this->+38
GameAssembly.dll+2FDEE80 - 90 - nop                                   ; 4 x nop - see NOTE(review); the jne below reads flags that nothing visible on this path sets (mov does not write EFLAGS), so a 4-byte cmp/test was probably here
GameAssembly.dll+2FDEE81 - 90 - nop
GameAssembly.dll+2FDEE82 - 90 - nop
GameAssembly.dll+2FDEE83 - 90 - nop
GameAssembly.dll+2FDEE84 - 0F85 9F000000 - jne GameAssembly.dll+2FDEF29 ; branches on stale flags as listed
GameAssembly.dll+2FDEE8A - 48 8B 43 20 - mov rax,[rbx+20]
GameAssembly.dll+2FDEE8E - 48 8D 8B 90000000 - lea rcx,[rbx+00000090] ; arg0 = &this->+90
GameAssembly.dll+2FDEE95 - 45 33 C0 - xor r8d,r8d
GameAssembly.dll+2FDEE98 - 48 89 43 38 - mov [rbx+38],rax            ; this->+38 = this->+20
GameAssembly.dll+2FDEE9C - 41 0F28 CB - movaps xmm1,xmm11
GameAssembly.dll+2FDEEA0 - 48 89 BC 24 B0000000 - mov [rsp+000000B0],rdi ; rdi is callee-saved: park it in the caller's home space ([rsp+B0] is just above the return address) so it can be used as scratch at +2FDEEE3; restored at +2FDEF02
GameAssembly.dll+2FDEEA8 - E8 F39FFFFF - call GameAssembly.dll+2FD8EA0 ; callee(&this->+90, xmm11, 0)
GameAssembly.dll+2FDEEAD - 48 8D 8B 80000000 - lea rcx,[rbx+00000080] ; arg0 = &this->+80
GameAssembly.dll+2FDEEB4 - 45 33 C0 - xor r8d,r8d
GameAssembly.dll+2FDEEB7 - 41 0F28 CB - movaps xmm1,xmm11
GameAssembly.dll+2FDEEBB - E8 E09FFFFF - call GameAssembly.dll+2FD8EA0 ; callee(&this->+80, xmm11, 0)
GameAssembly.dll+2FDEEC0 - 80 3D 21E8AE02 00 - cmp byte ptr [GameAssembly.dll+5ACD6E8],00 { (16843009),0 } ; one-time initialisation guard (global byte flag)
GameAssembly.dll+2FDEEC7 - 75 13 - jne GameAssembly.dll+2FDEEDC      ; already initialised -> skip
GameAssembly.dll+2FDEEC9 - 48 8D 0D C06B6D02 - lea rcx,[GameAssembly.dll+56B5A90] { (64A41A30) } ; arg0 = address of the global pointer slot read at +2FDEEDC
GameAssembly.dll+2FDEED0 - E8 6B2451FD - call GameAssembly.dll+4F1340 ; initialiser
GameAssembly.dll+2FDEED5 - C6 05 0CE8AE02 01 - mov byte ptr [GameAssembly.dll+5ACD6E8],01 { (16843009),1 } ; mark initialised
GameAssembly.dll+2FDEEDC - 48 8B 0D AD6B6D02 - mov rcx,[GameAssembly.dll+56B5A90] { (64A41A30) } ; rcx = the global pointer
GameAssembly.dll+2FDEEE3 - 48 8B BB 90000000 - mov rdi,[rbx+00000090] ; rdi = this->+90 (scratch use of the parked register)
GameAssembly.dll+2FDEEEA - 83 B9 E0000000 00 - cmp dword ptr [rcx+000000E0],00 { 0 } ; second lazy-init check on rcx->+E0
GameAssembly.dll+2FDEEF1 - 75 05 - jne GameAssembly.dll+2FDEEF8      ; non-zero -> skip
GameAssembly.dll+2FDEEF3 - E8 782651FD - call GameAssembly.dll+4F1570 ; called with rcx = the global pointer
GameAssembly.dll+2FDEEF8 - 33 D2 - xor edx,edx
GameAssembly.dll+2FDEEFA - 48 8B CF - mov rcx,rdi                    ; arg0 = this->+90
GameAssembly.dll+2FDEEFD - E8 DED52601 - call GameAssembly.dll+424C4E0 ; al = callee(this->+90, 0), tested as a boolean below
GameAssembly.dll+2FDEF02 - 48 8B BC 24 B0000000 - mov rdi,[rsp+000000B0] ; restore rdi
GameAssembly.dll+2FDEF0A - 84 C0 - test al,al
GameAssembly.dll+2FDEF0C - 74 1B - je GameAssembly.dll+2FDEF29       ; false -> skip the call below
GameAssembly.dll+2FDEF0E - 48 8B 8B 98000000 - mov rcx,[rbx+00000098] ; arg0 = this->+98
GameAssembly.dll+2FDEF15 - 48 85 C9 - test rcx,rcx
GameAssembly.dll+2FDEF18 - 0F84 6A010000 - je GameAssembly.dll+2FDF088 ; null -> fail path
GameAssembly.dll+2FDEF1E - 45 33 C0 - xor r8d,r8d
GameAssembly.dll+2FDEF21 - 0F57 C9 - xorps xmm1,xmm1                 ; float arg = 0.0
GameAssembly.dll+2FDEF24 - E8 77733201 - call GameAssembly.dll+43062A0 ; callee(this->+98, 0.0, 0)
; --- +2FDEF29: update this->+40 from xmm11, using two factors read through h()->+A0 ---
GameAssembly.dll+2FDEF29 - F3 44 0F10 43 40 - movss xmm8,[rbx+40]    ; xmm8 = this->+40 (float)
GameAssembly.dll+2FDEF2F - 33 C9 - xor ecx,ecx
GameAssembly.dll+2FDEF31 - E8 3A086E00 - call GameAssembly.dll+36BF770 ; rax = h(0)
GameAssembly.dll+2FDEF36 - 48 85 C0 - test rax,rax
GameAssembly.dll+2FDEF39 - 0F84 49010000 - je GameAssembly.dll+2FDF088 ; null -> fail path
GameAssembly.dll+2FDEF3F - 48 8B 88 A0000000 - mov rcx,[rax+000000A0] ; rcx = rax->+A0
GameAssembly.dll+2FDEF46 - 48 85 C9 - test rcx,rcx
GameAssembly.dll+2FDEF49 - 0F84 39010000 - je GameAssembly.dll+2FDF088 ; null -> fail path
GameAssembly.dll+2FDEF4F - 41 0F28 C5 - movaps xmm0,xmm13            ; xmm0 = float argument
GameAssembly.dll+2FDEF53 - F3 0F59 81 94000000 - mulss xmm0,[rcx+00000094] ; t = arg * rcx->+94
GameAssembly.dll+2FDEF5B - 0F2F F8 - comiss xmm7,xmm0                ; clamp t to [0,1], same shape as +2FDEE1E..+2FDEE32
GameAssembly.dll+2FDEF5E - 77 0C - ja GameAssembly.dll+2FDEF6C       ; t < 0 -> t = 0
GameAssembly.dll+2FDEF60 - 41 0F2F C4 - comiss xmm0,xmm12
GameAssembly.dll+2FDEF64 - 76 09 - jna GameAssembly.dll+2FDEF6F      ; t <= 1 -> keep
GameAssembly.dll+2FDEF66 - 41 0F28 C4 - movaps xmm0,xmm12            ; t = 1
GameAssembly.dll+2FDEF6A - EB 03 - jmp GameAssembly.dll+2FDEF6F
GameAssembly.dll+2FDEF6C - 0F57 C0 - xorps xmm0,xmm0                 ; t = 0
GameAssembly.dll+2FDEF6F - F3 44 0F10 0D 382E3B01 - movss xmm9,[GameAssembly.dll+4391DB0] { (Nan) } ; bit mask used only with andps below; CE shows it as NaN - presumably the sign-clearing (fabs) mask, TODO confirm
GameAssembly.dll+2FDEF78 - 41 0F28 F3 - movaps xmm6,xmm11
GameAssembly.dll+2FDEF7C - F3 41 0F5C F0 - subss xmm6,xmm8           ; xmm6 = xmm11 - this->+40
GameAssembly.dll+2FDEF81 - 33 C9 - xor ecx,ecx                       ; arg0 = 0 for the call at +2FDEF9B
GameAssembly.dll+2FDEF83 - F3 0F59 F0 - mulss xmm6,xmm0              ; xmm6 *= t
GameAssembly.dll+2FDEF87 - F3 41 0F58 F0 - addss xmm6,xmm8           ; xmm6 = this->+40 + (xmm11 - this->+40) * t
GameAssembly.dll+2FDEF8C - F3 44 0F10 43 40 - movss xmm8,[rbx+40]
GameAssembly.dll+2FDEF92 - F3 44 0F5C C6 - subss xmm8,xmm6           ; xmm8 = this->+40 - xmm6
GameAssembly.dll+2FDEF97 - 45 0F54 C1 - andps xmm8,xmm9              ; xmm8 &= mask (|this->+40 - xmm6| if the mask is fabs)
GameAssembly.dll+2FDEF9B - E8 D0076E00 - call GameAssembly.dll+36BF770 ; rax = h(0) again
GameAssembly.dll+2FDEFA0 - 48 85 C0 - test rax,rax
GameAssembly.dll+2FDEFA3 - 0F84 DF000000 - je GameAssembly.dll+2FDF088 ; null -> fail path
GameAssembly.dll+2FDEFA9 - 48 8B 80 A0000000 - mov rax,[rax+000000A0] ; rax = rax->+A0
GameAssembly.dll+2FDEFB0 - 48 85 C0 - test rax,rax
GameAssembly.dll+2FDEFB3 - 0F84 CF000000 - je GameAssembly.dll+2FDF088 ; null -> fail path
GameAssembly.dll+2FDEFB9 - 41 0F28 C5 - movaps xmm0,xmm13
GameAssembly.dll+2FDEFBD - F3 0F59 80 98000000 - mulss xmm0,[rax+00000098] ; xmm0 = arg * rax->+98
GameAssembly.dll+2FDEFC5 - 41 0F2F C0 - comiss xmm0,xmm8
GameAssembly.dll+2FDEFC9 - 76 75 - jna GameAssembly.dll+2FDF040      ; arg * +98 <= xmm8 (or NaN) -> store xmm6 as computed
GameAssembly.dll+2FDEFCB - F3 44 0F10 43 40 - movss xmm8,[rbx+40]    ; xmm8 = this->+40
GameAssembly.dll+2FDEFD1 - 33 C9 - xor ecx,ecx
GameAssembly.dll+2FDEFD3 - E8 98076E00 - call GameAssembly.dll+36BF770 ; rax = h(0) a third time
GameAssembly.dll+2FDEFD8 - 48 85 C0 - test rax,rax
GameAssembly.dll+2FDEFDB - 0F84 A7000000 - je GameAssembly.dll+2FDF088 ; null -> fail path
GameAssembly.dll+2FDEFE1 - 48 8B 88 A0000000 - mov rcx,[rax+000000A0]
GameAssembly.dll+2FDEFE8 - 48 85 C9 - test rcx,rcx
GameAssembly.dll+2FDEFEB - 0F84 97000000 - je GameAssembly.dll+2FDF088 ; null -> fail path
GameAssembly.dll+2FDEFF1 - F3 44 0F59 A9 98000000 - mulss xmm13,[rcx+00000098] ; xmm13 = arg * rcx->+98 (a step size from here on)
GameAssembly.dll+2FDEFFA - 41 0F28 C3 - movaps xmm0,xmm11
GameAssembly.dll+2FDEFFE - F3 41 0F5C C0 - subss xmm0,xmm8           ; xmm0 = xmm11 - this->+40
GameAssembly.dll+2FDF003 - 41 0F54 C1 - andps xmm0,xmm9              ; masked (|xmm11 - this->+40| if the mask is fabs)
GameAssembly.dll+2FDF007 - 44 0F2F E8 - comiss xmm13,xmm0
GameAssembly.dll+2FDF00B - 73 2F - jae GameAssembly.dll+2FDF03C      ; step >= distance -> xmm6 = xmm11 (reach the target exactly)
GameAssembly.dll+2FDF00D - F3 45 0F5C D8 - subss xmm11,xmm8          ; xmm11 = signed delta (xmm11 - this->+40)
GameAssembly.dll+2FDF012 - 44 0F2F DF - comiss xmm11,xmm7            ; delta vs 0.0
GameAssembly.dll+2FDF016 - 72 10 - jb GameAssembly.dll+2FDF028       ; delta < 0 -> step downwards
GameAssembly.dll+2FDF018 - 41 0F28 F4 - movaps xmm6,xmm12            ; xmm6 = 1.0
GameAssembly.dll+2FDF01C - F3 41 0F59 F5 - mulss xmm6,xmm13          ; xmm6 = +step
GameAssembly.dll+2FDF021 - F3 41 0F58 F0 - addss xmm6,xmm8           ; xmm6 = this->+40 + step
GameAssembly.dll+2FDF026 - EB 18 - jmp GameAssembly.dll+2FDF040
GameAssembly.dll+2FDF028 - F3 0F10 35 542D3B01 - movss xmm6,[GameAssembly.dll+4391D84] { (-1.00) } ; xmm6 = -1.0
GameAssembly.dll+2FDF030 - F3 41 0F59 F5 - mulss xmm6,xmm13          ; xmm6 = -step
GameAssembly.dll+2FDF035 - F3 41 0F58 F0 - addss xmm6,xmm8           ; xmm6 = this->+40 - step
GameAssembly.dll+2FDF03A - EB 04 - jmp GameAssembly.dll+2FDF040
GameAssembly.dll+2FDF03C - 41 0F28 F3 - movaps xmm6,xmm11            ; xmm6 = xmm11
; --- +2FDF040: store, epilogue and tail call ---
GameAssembly.dll+2FDF040 - 48 8D 8B A0000000 - lea rcx,[rbx+000000A0] ; arg0 for the tail call = &this->+A0
GameAssembly.dll+2FDF047 - F3 0F11 73 40 - movss [rbx+40],xmm6       ; this->+40 = new value
GameAssembly.dll+2FDF04C - 45 33 C0 - xor r8d,r8d                    ; arg2 = 0
GameAssembly.dll+2FDF04F - 0F28 CE - movaps xmm1,xmm6                ; float arg = new this->+40
GameAssembly.dll+2FDF052 - 44 0F28 4C 24 60 - movaps xmm9,[rsp+60]   ; restore callee-saved xmm9
GameAssembly.dll+2FDF058 - 4C 8D 9C 24 A0000000 - lea r11,[rsp+000000A0] ; r11 = entry rsp - 8 (the rsp right after push rbx)
GameAssembly.dll+2FDF060 - 41 0F28 73 F0 - movaps xmm6,[r11-10]      ; restore xmm6 (same slot as [rax-18] at +2FDEC42)
GameAssembly.dll+2FDF065 - 41 0F28 7B E0 - movaps xmm7,[r11-20]      ; restore xmm7
GameAssembly.dll+2FDF06A - 45 0F28 5B A0 - movaps xmm11,[r11-60]     ; restore xmm11
GameAssembly.dll+2FDF06F - 45 0F28 63 90 - movaps xmm12,[r11-70]     ; restore xmm12
GameAssembly.dll+2FDF074 - 45 0F28 6B 80 - movaps xmm13,[r11-80]     ; restore xmm13
GameAssembly.dll+2FDF079 - 44 0F28 44 24 70 - movaps xmm8,[rsp+70]   ; restore xmm8
GameAssembly.dll+2FDF07F - 49 8B E3 - mov rsp,r11                    ; release the frame allocated at +2FDEC34
GameAssembly.dll+2FDF082 - 5B - pop rbx                              ; restore rbx; rsp is now the entry rsp
GameAssembly.dll+2FDF083 - E9 189EFFFF - jmp GameAssembly.dll+2FD8EA0 ; tail call: callee(&this->+A0, xmm1, 0) returns straight to our caller
; --- +2FDF088: target of every null-pointer check ---
GameAssembly.dll+2FDF088 - E8 532451FD - call GameAssembly.dll+4F14E0 ; followed by int 3, so this callee is not expected to return
GameAssembly.dll+2FDF08D - CC - int 3                                ; trap if it does (also what execution reaches after the whole body is NOPed)
That assembly code is indecipherable to me. I have limited myself to changing some "sub" to an "add", NOPing the entire function, or NOPing some opcodes inside the function. The game always crashes.