[ENABLE]
alloc(newmem,2048) //2kb should be enough
label(returnhere)
label(originalcode)
label(exit)
newmem: //this is allocated memory, you have read,write,execute access
//place your code here
push eax
push edi
mov eax, ["DATA.exe"+00F49020]
mov eax, [eax+18]
mov eax, [eax+228]
mov eax, [eax+270]
mov eax, [eax+14]
movq xmm0, [eax+a0]
movq [edx], xmm0
movq xmm0, [eax+a8]
movq [edx+8], xmm0
pop edi
pop eax
originalcode:
exit:
jmp returnhere
Aobscan(subs,8B 44 24 04 F3 0F 7E 80 D0 00 00 00 66 0F D6 02 F3 0F 7E 80 D8 00 00 00 66 0F D6 42 08 F3 0F 7E 80 E0 00 00 00 66 0F D6 01 F3 0F 7E 80 E8 00 00 00 66 0F D6 41 08 C2 04 00)
subs:
mov eax,[esp+04]
movq xmm0,[eax+000000D0]
jmp newmem
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
nop
returnhere:
[DISABLE]
Aobscan(subs2, 8B 44 24 04 F3 0F 7E 80 D0 00 00 00 E9 ?? ?? ?? ?? 90 90 90 90 90 90 90 90 90 90 90 90 F3 0F 7E 80 E0 00 00 00 66 0F D6 01 F3 0F 7E 80 E8 00 00 00 66 0F D6 41 08 C2 04 00)
subs2:
mov eax,[esp+04]
movq xmm0,[eax+000000D0]
movq [edx],xmm0
movq xmm0,[eax+000000D8]
movq [edx+08],xmm0