Far Cry New Dawn - table v: 1.0.13 CT

[l0wb1t]

...

I wonder if there's a way to force the health bars to be visible without needing to aiming on them to make them visible... hmm m

How to use this cheat table?

1. Install Cheat Engine
2. Double-click the .CT file in order to open it.
3. Click the PC icon in Cheat Engine in order to select the game process.
4. Keep the list.
5. Activate the trainer options by checking boxes or setting values from 0 to 1

[TimFun13]

I wonder if there's a way to force the health bars to be visible without needing to aiming on them to make them visible... hmm m

I bet there is but you might have to call a function with the entity, but you might get lucky and it just be a flag.


I made good progress at work yesterday and I'm actually off today, just installed the new card and the game is updating now.

[TimFun13]

Table Updated:

• v 1.0.10: Updated Table for game version "1.0.5"

[l0wb1t]

.....

Its not just a flag, if i check the adresses, only if i aim on them they become valid, and pop up in the Debugger, i tried tracing back and checked if there are a place where a check happens that push the adress into the code, but i wasn't lucky at all.

What about this? i know, this is Sexy :p
I'm manipulating the max icon visibility distance


Can be found here:

Code: Select all

FC_m64.dll+109AB2A3 - F3 41 0F10 0C 24      - movss xmm1,[r12] <------------ Icon on World Map coordinates ;) 
FC_m64.dll+109AB2A9 - 48 8D 4C 24 68        - lea rcx,[rsp+68]
FC_m64.dll+109AB2AE - F3 41 0F5C 0E         - subss xmm1,[r14]
FC_m64.dll+109AB2B3 - F3 41 0F10 44 24 04   - movss xmm0,[r12+04]
FC_m64.dll+109AB2BA - 45 0F57 D2            - xorps xmm10,xmm10
FC_m64.dll+109AB2BE - F3 41 0F5C 46 04      - subss xmm0,[r14+04]
FC_m64.dll+109AB2C4 - 0FB6 D8               - movzx ebx,al
FC_m64.dll+109AB2C7 - 88 44 24 42           - mov [rsp+42],al
FC_m64.dll+109AB2CB - F3 0F11 8D 90000000   - movss [rbp+00000090],xmm1
FC_m64.dll+109AB2D3 - F3 0F59 C9            - mulss xmm1,xmm1
FC_m64.dll+109AB2D7 - F3 0F11 85 94000000   - movss [rbp+00000094],xmm0
FC_m64.dll+109AB2DF - F3 0F59 C0            - mulss xmm0,xmm0
FC_m64.dll+109AB2E3 - F3 0F58 C1            - addss xmm0,xmm1
FC_m64.dll+109AB2E7 - F3 44 0F51 D0         - sqrtss xmm10,xmm0
FC_m64.dll+109AB2EC - E8 EFFBC3F0           - call FC_m64.dll+15EAEE0
FC_m64.dll+109AB2F1 - 48 8D 4C 24 68        - lea rcx,[rsp+68]
FC_m64.dll+109AB2F6 - F3 44 0F10 40 60      - movss xmm8,[rax+60] <-------------- Offset 60 is holding the Max Distance for icon Visibility
FC_m64.dll+109AB2FC - E8 DFFBC3F0           - call FC_m64.dll+15EAEE0
FC_m64.dll+109AB301 - F3 0F10 78 5C         - movss xmm7,[rax+5C]
FC_m64.dll+109AB306 - 80 FB 07              - cmp bl,07 { 7 }
FC_m64.dll+109AB309 - 0F85 C9000000         - jne FC_m64.dll+109AB3D8
FC_m64.dll+109AB30F - 48 8B 0D 926851F4     - mov rcx,[FC_m64.dll+4EC1BA8] { (24EC3030) }
FC_m64.dll+109AB316 - 48 89 4D 68           - mov [rbp+68],rcx
FC_m64.dll+109AB31A - 48 85 C9              - test rcx,rcx

Edit:
i seperated each icon Type with this:


RAX + 48 is holding a Pointer
From that Pointer +C you can seperate each Icon Type by their Name

I'm uploading it, spent the whole last night on that. Ready to Use i guess.



BTW, this code below only gets accessed when you aim on an Icon. Guess what? You can Teleport to the Icon you actually aim on

Code: Select all

FC_m64.dll+109AC4AF - 44 29 CA              - sub edx,r9d
FC_m64.dll+109AC4B2 - 48 8D 4C 24 48        - lea rcx,[rsp+48]
FC_m64.dll+109AC4B7 - 41 89 D0              - mov r8d,edx
FC_m64.dll+109AC4BA - 4C 89 CA              - mov rdx,r9
FC_m64.dll+109AC4BD - E8 6E1079EF           - call FC_m64.dll+13D530
FC_m64.dll+109AC4C2 - 41 B7 01              - mov r15l,01 { 1 }
FC_m64.dll+109AC4C5 - EB 03                 - jmp FC_m64.dll+109AC4CA
FC_m64.dll+109AC4C7 - 45 30 FF              - xor r15l,r15l
FC_m64.dll+109AC4CA - 45 84 E4              - test r12l,r12l
FC_m64.dll+109AC4CD - 74 15                 - je FC_m64.dll+109AC4E4
FC_m64.dll+109AC4CF - 80 BE A4020000 00     - cmp byte ptr [rsi+000002A4],00 { 0 }   <------------ This becomes 1, when you aim on a Icon in the world, each icon that is able to show meters above their symbol is affected by this :)
FC_m64.dll+109AC4D6 - 75 0C                 - jne FC_m64.dll+109AC4E4
FC_m64.dll+109AC4D8 - 41 0F28 CA            - movaps xmm1,xmm10
FC_m64.dll+109AC4DC - 48 89 F1              - mov rcx,rsi
FC_m64.dll+109AC4DF - E8 DCCE90F1           - call FC_m64.dll+22B93C0
FC_m64.dll+109AC4E4 - 80 7D 70 00           - cmp byte ptr [rbp+70],00 { 0 }
FC_m64.dll+109AC4E8 - 74 05                 - je FC_m64.dll+109AC4EF
FC_m64.dll+109AC4EA - 45 84 E4              - test r12l,r12l
FC_m64.dll+109AC4ED - 75 08                 - jne FC_m64.dll+109AC4F7
FC_m64.dll+109AC4EF - 48 89 F1              - mov rcx,rsi
FC_m64.dll+109AC4F2 - E8 39C18DF1           - call FC_m64.dll+2288630
FC_m64.dll+109AC4F7 - 80 BE CC020000 00     - cmp byte ptr [rsi+000002CC],00 { 0 }

I use it like this, because if i directly compared the Value at the place where i hooked (FC_m64.dll+109AB2A3 in my case), the cmp fails with directly comparing RSI+2A4 equals 1. So i made it like this:
Code1

Code: Select all

aobscanmodule(BaseIconAimedOn,FC_m64.dll,80 BE A4 02 00 00 00 75)
...
...
BaseIconAimedOnMem:
mov [_pAimedOnIcon],rsi = Getting Pointer for current aimed Icon
codeBaseIconAimedOn:
  cmp byte ptr [rsi+000002A4],00
  jmp returnBaseIconAimedOn

Code2

Code: Select all

aobscanmodule(_RandomMapIconLocation,FC_m64.dll,F3 41 0F 10 0C 24 48)
...
...
...
TeleToAimedAtIcon:
cmp rsi,[_pAimedOnIcon]
jne codeRandomMapIcon
push rbx
mov rbx,[r12]
mov [_MapIconX],rbx
mov rbx,[r12+04]
mov [_MapIconY],rbx
mov rbx,[r12+08]
mov [_MapIconZ],rbx
pop rbx

codeRandomMapIcon:
  movss xmm1,[r12]
  jmp returnRandomMapIcon

Now simply use the symbols in your teleporter code

[Manji]

works!

[l0wb1t]

Icon ESP For all Game version:

[l0wb1t]

Welding Torch Range Increase (already did that in Far Cry 4 )

Code: Select all

FC_m64.dll+ED07185 - 4C 8D 45 B8           - lea r8,[rbp-48]
FC_m64.dll+ED07189 - 31 D2                 - xor edx,edx
FC_m64.dll+ED0718B - E8 9081E4F2           - call FC_m64.dll+1B4F320
FC_m64.dll+ED07190 - 45 31 C0              - xor r8d,r8d
FC_m64.dll+ED07193 - 48 8D 4D A0           - lea rcx,[rbp-60]
FC_m64.dll+ED07197 - 41 8D 50 23           - lea edx,[r8+23]
FC_m64.dll+ED0719B - E8 40009BF1           - call FC_m64.dll+6B71E0
FC_m64.dll+ED071A0 - 48 8B 4E 50           - mov rcx,[rsi+50]
FC_m64.dll+ED071A4 - 45 31 C9              - xor r9d,r9d
FC_m64.dll+ED071A7 - 48 89 5C 24 68        - mov [rsp+68],rbx
FC_m64.dll+ED071AC - 48 89 5C 24 70        - mov [rsp+70],rbx
FC_m64.dll+ED071B1 - F3 0F10 91 D4070000   - movss xmm2,[rcx+000007D4] <------------- 7D4 = Welding Torch Range
FC_m64.dll+ED071B9 - 41 8D 51 17           - lea edx,[r9+17]
FC_m64.dll+ED071BD - E8 0EAFD3F2           - call FC_m64.dll+1A420D0
FC_m64.dll+ED071C2 - F3 0F10 5D B8         - movss xmm3,[rbp-48]
FC_m64.dll+ED071C7 - 4C 8D 4C 24 68        - lea r9,[rsp+68]
FC_m64.dll+ED071CC - F3 0F10 4D C0         - movss xmm1,[rbp-40]
FC_m64.dll+ED071D1 - 4C 8D 45 D8           - lea r8,[rbp-28]
FC_m64.dll+ED071D5 - F3 0F10 55 BC         - movss xmm2,[rbp-44]
FC_m64.dll+ED071DA - 48 8D 55 E8           - lea rdx,[rbp-18]
FC_m64.dll+ED071DE - F3 0F59 C8            - mulss xmm1,xmm0
FC_m64.dll+ED071E2 - 4C 89 E9              - mov rcx,r13
FC_m64.dll+ED071E5 - C7 44 24 30 0B000000  - mov [rsp+30],0000000B { 11 }
FC_m64.dll+ED071ED - F3 0F59 D8            - mulss xmm3,xmm0
FC_m64.dll+ED071F1 - 4C 89 64 24 28        - mov [rsp+28],r12
FC_m64.dll+ED071F6 - F3 0F59 D0            - mulss xmm2,xmm0
FC_m64.dll+ED071FA - F3 0F11 4D D0         - movss [rbp-30],xmm1

Ok here's something intresting Weapon Damage

From your Magazine Base +58 is a Pointer. From that pointer + 4B0 = Weapon Damage
Shotgun fire Multiple Bullets, so to make it work for all Shotgun Shells you need to change offset 680 aswell

Code: Select all

FC_m64.dll+ED0C281 - FF 90 90000000        - call qword ptr [rax+00000090]
FC_m64.dll+ED0C287 - F3 41 0F10 B7 A4000000  - movss xmm6,[r15+000000A4]
FC_m64.dll+ED0C290 - 0F57 FF               - xorps xmm7,xmm7
FC_m64.dll+ED0C293 - 48 8B 4B 50           - mov rcx,[rbx+50]
FC_m64.dll+ED0C297 - F3 41 0F5C B7 A0000000  - subss xmm6,[r15+000000A0] <------------- Here it accessses Weapon Damage Values
FC_m64.dll+ED0C2A0 - E8 5B8A8BF2           - call FC_m64.dll+15C4D00
FC_m64.dll+ED0C2A5 - 48 8D 70 18           - lea rsi,[rax+18]
FC_m64.dll+ED0C2A9 - 48 85 C0              - test rax,rax

i have it simply done like this, so i dont even neeed to compare anything. (I'm using my No Reload Hook for this)



Since the Welding torch doesn't get called by the code i use, here's a code that acesses welding torch damage

Code: Select all

"FC_m64.dll"+EFCC140: 48 8B 57 50                    -  mov rdx,[rdi+50]
"FC_m64.dll"+EFCC144: 48 8D 8D B0 00 00 00           -  lea rcx,[rbp+000000B0]
"FC_m64.dll"+EFCC14B: 48 83 C2 08                    -  add rdx,08
"FC_m64.dll"+EFCC14F: E8 BC EC B4 F1                 -  call FC_m64.dll+B1AE10
"FC_m64.dll"+EFCC154: 48 8B 87 E8 00 00 00           -  mov rax,[rdi+000000E8]
"FC_m64.dll"+EFCC15B: 48 8D 8D B0 00 00 00           -  lea rcx,[rbp+000000B0]
"FC_m64.dll"+EFCC162: 45 31 C0                       -  xor r8d,r8d
// ---------- INJECTING HERE ----------
"FC_m64.dll"+EFCC165: F3 0F 10 88 18 01 00 00        -  movss xmm1,[rax+00000118] <-------------- THIS
// ---------- DONE INJECTING  ----------
"FC_m64.dll"+EFCC16D: E8 9E 3F C9 F1                 -  call FC_m64.dll+C60110
"FC_m64.dll"+EFCC172: F3 41 0F 10 06                 -  movss xmm0,[r14]
"FC_m64.dll"+EFCC177: 48 8D 8D B0 00 00 00           -  lea rcx,[rbp+000000B0]
"FC_m64.dll"+EFCC17E: F3 41 0F 10 4E 04              -  movss xmm1,[r14+04]
"FC_m64.dll"+EFCC184: 4C 89 F2                       -  mov rdx,r14
"FC_m64.dll"+EFCC187: F3 0F 11 85 E0 00 00 00        -  movss [rbp+000000E0],xmm0
"FC_m64.dll"+EFCC18F: F3 41 0F 10 46 08              -  movss xmm0,[r14+08]

Thats the ultimate trolling weapon when you increase the range and damage xD


Here's a working Ethanol Only Script. Wipe out an outpost, and check your Ethanol
Credits to @SunBeam for posting the Location where i make my Hook.

Code: Select all

[ENABLE]
aobscanmodule(_Ethanol,FC_m64.dll,14 4C 8B 00 44 89 EA) // should be unique
alloc(newmem,$1000,FC_m64.dll)

newmem:

code:
  mov r8,[rax]
  mov edx,r13d
  cmp r13d,270f
  je ReturnCode
  cmp r9,D // Ethanol
  jne ReturnCode
  mov edx,#9999999
  jmp return


ReturnCode:
  jmp return

_Ethanol+01:
  jmp newmem
  nop
return:
registersymbol(_Ethanol)

[DISABLE]

_Ethanol+01:
  db 4C 8B 00 44 89 EA

unregistersymbol(_Ethanol)
dealloc(newmem)

[xorps]

so increase the power of fire and the whole map will burn

Code: Select all

"FC_m64.dll"+BC965D4: 4C 89 F2                 -  mov rdx,r14
"FC_m64.dll"+BC965D7: 48 89 F1                 -  mov rcx,rsi
// ---------- INJECTING HERE ----------
"FC_m64.dll"+BC965DA: F3 0F 10 B8 D8 00 00 00  -  movss xmm7,[rax+000000D8]
// ---------- DONE INJECTING  ----------
"FC_m64.dll"+BC965E2: 0F 28 D7                 -  movaps xmm2,xmm7
"FC_m64.dll"+BC965E5: F3 0F 59 15 CB A0 4D F8  -  mulss xmm2,[FC_m64.dll+41706B8]

[TimFun13]

so increase the power of fire and the whole map will burn

Code: Select all

"FC_m64.dll"+BC965D4: 4C 89 F2                 -  mov rdx,r14
"FC_m64.dll"+BC965D7: 48 89 F1                 -  mov rcx,rsi
// ---------- INJECTING HERE ----------
"FC_m64.dll"+BC965DA: F3 0F 10 B8 D8 00 00 00  -  movss xmm7,[rax+000000D8]
// ---------- DONE INJECTING  ----------
"FC_m64.dll"+BC965E2: 0F 28 D7                 -  movaps xmm2,xmm7
"FC_m64.dll"+BC965E5: F3 0F 59 15 CB A0 4D F8  -  mulss xmm2,[FC_m64.dll+41706B8]

I'm really going to have to try this one, it just sounds like good fun to me.

[xorps]

Civilians die from this and scriptabana death is coming
Too large area covered by fire.
Damage just add to the fire... Today I will look for the function of the burner, its distance!
Weapon distance, called from here. +08

Code: Select all

F3 0F 10 * * * * * F3 0F 59 B0 84 05 00 00 41 0F 2F

weapon damage.

Code: Select all

"FC_m64.dll"+C74FAD0: 48 85 C0                 -  test rax,rax
"FC_m64.dll"+C74FAD3: 74 08                    -  je FC_m64.dll+C74FADD
// ---------- INJECTING HERE ----------
"FC_m64.dll"+C74FAD5: F3 0F 59 B0 E8 02 00 00  -  mulss xmm6,[rax+000002E8]
// ---------- DONE INJECTING  ----------
"FC_m64.dll"+C74FADD: 48 8B 06                 -  mov rax,[rsi]

Super reload weapon +0C - float 0.1 in both cases

Code: Select all

F3 0F 10 * * * * F3 0F 10 * * 0F 57 C0 0F 2F F0 * * 0F 2F * * * F3 0F 10

Code: Select all

F3 0F 10 91 48 02 00 00 48 89 * 48 89 * 41

damage jump 90h 90h 90h 90h

Code: Select all

48 * * * * * * * F3 0F * * * * * 48 * * * * * * * * * * 48 8B * * * * * * * * 0F 2F * F3 0F 10 * * * * * * * 48 8B

super sprint

Code: Select all

8B 80 BC 01 00 00 89 87 * * * * 8B 86 * * * * 89 87

[l0wb1t]

Today I will look for the function of the burner, its distance!

Just bypass Civilian Kill Penalty. I already posted it here.

By burner, do you mean the welding Torch or flamethrower?
If you mean welding torch, I already posted the distance of the welding torch as well.

BTW nice finds, going to test the fire power thing

[xorps]

There in structure there is distance, on which acts the fire. I mean.... Distance like a grenade blast wave
Sorry for my English super reload on FC5 game

Spoiler

https://www.youtube.com/watch?v=ms4PddGChJw

[l0wb1t]

...

Howdid you made, that all Enemys become their arrow above the head, like you aimed on them. The One i have made, works for some enemys, but not all. They will be shown on the compass Would be cool if you can give some infos.

Magazine Base + 7E0 = Bullet Drop (gravity)

[xorps]

l0wb1t
So this is a game feature... Skill

Code: Select all

48 8B 51 10 F3 0F 10 82 60 09 00 00

I have not yet found how to do it in this game.. But here is the structure of this function.. And this is the maximum bar time.
And here is the display field

Code: Select all

48 8B 41 10 F3 0F 10 80 70 09 00 * C3

We need to see what triggers this function here

Spoiler

Code: Select all

define(address,"FC_m64.dll"+116407F1)
define(bytes,E8 2A AC C8 F0)

[ENABLE]

assert(address,bytes)
alloc(newmem,$1000,"FC_m64.dll"+116407F1)

label(code)
label(return)

newmem:

code:
  call FC_m64.dll+22CB420
  jmp return

address:
  jmp newmem
return:

[DISABLE]

address:
  db bytes
  // call FC_m64.dll+22CB420

dealloc(newmem)

{
// ORIGINAL CODE - INJECTION POINT: "FC_m64.dll"+116407F1

"FC_m64.dll"+116407CD: 48 89 F1              -  mov rcx,rsi
"FC_m64.dll"+116407D0: E8 DB B9 C8 F0        -  call FC_m64.dll+22CC1B0
"FC_m64.dll"+116407D5: 4D 89 F0              -  mov r8,r14
"FC_m64.dll"+116407D8: 0F 28 CE              -  movaps xmm1,xmm6
"FC_m64.dll"+116407DB: 48 89 F1              -  mov rcx,rsi
"FC_m64.dll"+116407DE: E8 3D 1C C9 F0        -  call FC_m64.dll+22D2420
"FC_m64.dll"+116407E3: 48 89 F1              -  mov rcx,rsi
"FC_m64.dll"+116407E6: E8 C5 B8 C8 F0        -  call FC_m64.dll+22CC0B0
"FC_m64.dll"+116407EB: 0F 28 CE              -  movaps xmm1,xmm6
"FC_m64.dll"+116407EE: 48 89 F1              -  mov rcx,rsi
// ---------- INJECTING HERE ----------
"FC_m64.dll"+116407F1: E8 2A AC C8 F0        -  call FC_m64.dll+22CB420
// ---------- DONE INJECTING  ----------
"FC_m64.dll"+116407F6: E9 46 FF FF FF        -  jmp FC_m64.dll+11640741
"FC_m64.dll"+116407FB: 48 8B 4E 18           -  mov rcx,[rsi+18]
"FC_m64.dll"+116407FF: 31 D2                 -  xor edx,edx
"FC_m64.dll"+11640801: 48 8B 01              -  mov rax,[rcx]
"FC_m64.dll"+11640804: FF 90 B8 00 00 00     -  call qword ptr [rax+000000B8]
"FC_m64.dll"+1164080A: E9 37 FF FF FF        -  jmp FC_m64.dll+11640746
"FC_m64.dll"+1164080F: CC                    -  int 3 
"FC_m64.dll"+11640810: 4C 8B 3C 24           -  mov r15,[rsp]
"FC_m64.dll"+11640814: 48 83 C4 08           -  add rsp,08
"FC_m64.dll"+11640818: 48 8B 34 24           -  mov rsi,[rsp]
}

This feature is triggered when you aim the cross hairs

Code: Select all

movzx eax,byte ptr [rcx+000002B0]

if there is 0 then the enemy is spotted

Spoiler

Code: Select all

[ENABLE]
aobscanmodule(Hook,FC_m64.dll,48 83 EC * 0F B6 81 B0 02 00 00 * * * * * * * * * * * F3 0F 10)
Hook+04:
  db 31 C0 90 90 90 90 90
registersymbol(Hook)
[DISABLE]
Hook+04:
  db 0F B6 81 B0 02 00 00
unregistersymbol(Hook)

Figured out how to do
Here is the flag of rendering of enemies

Spoiler

Code: Select all

[ENABLE]
aobscanmodule(Hook,FC_m64.dll,48 83 EC * 0F B6 81 B0 02 00 00 * * * * * * * * * * * F3 0F 10)
Hook+04:
  db 31 C0 90 90 90 90 90
registersymbol(Hook)
[DISABLE]
Hook+04:
  db 0F B6 81 B0 02 00 00
unregistersymbol(Hook)

Here is an overview of the camera

Spoiler

Code: Select all

[ENABLE]
aobscanmodule(_Hack_,FC_m64.dll,48 8B 41 10 F3 0F 10 80 70 09 00 00 C3)
alloc(_Hackmem_,$1000,_Hack_)
label(_Hack_back)
_Hackmem_:
mov [rax+00000970],(float)1
movss xmm0,[rax+00000970]
jmp _Hack_back
_Hack_+04:
jmp _Hackmem_
db 90 90 90
_Hack_back:
registersymbol(_Hack_)
[DISABLE]
_Hack_+04:
db F3 0F 10 80 70 09 00 00
unregistersymbol(_Hack_)
dealloc(_Hackmem_)

Here the distance at which to draw the enemy

Spoiler

Code: Select all

[ENABLE]
aobscanmodule(_Hacke_,FC_m64.dll,F3 0F 10 86 60 03 00 00)
alloc(_Hacke_mem,$1000,_Hacke_)
label(_Hacke_back)
_Hacke_mem:
mov [rsi+00000360],(float)50
movss xmm0,[rsi+00000360]
jmp _Hacke_back
_Hacke_:
jmp _Hacke_mem
db 90 90 90
_Hacke_back:
registersymbol(_Hacke_)
[DISABLE]
_Hacke_:
db F3 0F 10 86 60 03 00 00
unregistersymbol(_Hacke_)
dealloc(_Hacke_mem)

This is still an option.. but no more. Will have to sit and think how to do better
Distance many only not need to. At 250 normally

[l0wb1t]

I hook 2 places to make it work. I'm going to post mine later. Maybe I'm just missing the distance thing you posted.

Those are the locations i hook:

Code: Select all

aobscanmodule(_ShowEnemyOnCompass,FC_m64.dll,0F B6 80 5B 01 00 00)
aobscanmodule(_ShowEnemysOnCompass2,FC_m64.dll,44 0F B6 B8 59 01 00 00)

in both of them i use:

Code: Select all

CompassMem:
cmp byte ptr [_enableShowEnemysOnCompass],1
jne codeCompass
//mov byte ptr [rax+00000280],#1
mov byte ptr [rax+00000169],#1
mov byte ptr [rax+00000159],#1
mov byte ptr [rax+0000030b],#0
mov [rax+0000035C],(float)0.05
mov [rax+00000360],(float)0.05
codeCompass:
  movzx eax,byte ptr [rax+0000015B]
  jmp returnCompass

ShowEnemysOnCompass2Mem:
cmp [_enableShowEnemysOnCompass],1
jne codeShowEnemysOnCompass2
mov byte ptr [rax+00000169],#1
mov byte ptr [rax+00000159],#1
mov byte ptr [rax+0000030b],#0
mov [rax+0000035C],(float)0.05
mov [rax+00000360],(float)0.05
codeShowEnemysOnCompass2:
  movzx r15d,byte ptr [rax+00000159]
  jmp returnShowEnemysOnCompass2

169 = Icon Color (0 = White, 1 = Red)
198 = Time until Spot?
159 = Spotted Flag? (Compass)
35C = Icon Size X
360 = Icon Size Y
3B8 = Icon Type (0 = White Circle