Code: Select all
[ENABLE]
aobscanmodule(stealth1,Disrupt_b64.dll,F3 0F 11 41 08 74 0B) // should be unique
alloc(newmem,$100,"Disrupt_b64.dll"+A03B82)
label(code)
label(return)
newmem:
code:
push rax
mov rax,(float)0
mov [rcx],rax
mov [rcx+04],rax
mov [rcx+0C],rax
mov [rcx+10],rax
mov [rcx+08],rax
pop rax
jmp return
stealth1:
jmp newmem
return:
registersymbol(stealth1)
[DISABLE]
stealth1:
db F3 0F 11 41 08
unregistersymbol(stealth1)
dealloc(newmem)
{
// ORIGINAL CODE - INJECTION POINT: "Disrupt_b64.dll"+A03B82
"Disrupt_b64.dll"+A03B67: C3 - ret
"Disrupt_b64.dll"+A03B68: 0F 2F CB - comiss xmm1,xmm3
"Disrupt_b64.dll"+A03B6B: F3 0F 11 51 04 - movss [rcx+04],xmm2
"Disrupt_b64.dll"+A03B70: 76 07 - jna Disrupt_b64.dll+A03B79
"Disrupt_b64.dll"+A03B72: 0F 2F C8 - comiss xmm1,xmm0
"Disrupt_b64.dll"+A03B75: 76 05 - jna Disrupt_b64.dll+A03B7C
"Disrupt_b64.dll"+A03B77: EB 06 - jmp Disrupt_b64.dll+A03B7F
"Disrupt_b64.dll"+A03B79: 0F 28 CB - movaps xmm1,xmm3
"Disrupt_b64.dll"+A03B7C: 0F 28 C1 - movaps xmm0,xmm1
"Disrupt_b64.dll"+A03B7F: 0F 2E C2 - ucomiss xmm0,xmm2
// ---------- INJECTING HERE ----------
"Disrupt_b64.dll"+A03B82: F3 0F 11 41 08 - movss [rcx+08],xmm0
// ---------- DONE INJECTING ----------
"Disrupt_b64.dll"+A03B87: 74 0B - je Disrupt_b64.dll+A03B94
"Disrupt_b64.dll"+A03B89: 48 8B 41 20 - mov rax,[rcx+20]
"Disrupt_b64.dll"+A03B8D: 48 83 C1 20 - add rcx,20
"Disrupt_b64.dll"+A03B91: FF 50 10 - call qword ptr [rax+10]
"Disrupt_b64.dll"+A03B94: 48 83 C4 28 - add rsp,28
"Disrupt_b64.dll"+A03B98: C3 - ret
"Disrupt_b64.dll"+A03B99: CC - int 3
"Disrupt_b64.dll"+A03B9A: CC - int 3
"Disrupt_b64.dll"+A03B9B: CC - int 3
"Disrupt_b64.dll"+A03B9C: CC - int 3
}How to use this cheat table?
- Install Cheat Engine
- Double-click the .CT file in order to open it.
- Click the PC icon in Cheat Engine in order to select the game process.
- Keep the list.
- Activate the trainer options by checking boxes or setting values from 0 to 1