State of Decay 2: Juggernaut Edition

Game current version: 2.384.867.0 (15.1) - Build 384867

The dead have risen and civilization has fallen. Now it's up to you to gather survivors, scavenge for resources and build a community with up to three of your friends in a post-apocalyptic world – a world where you define what it means to survive in this ultimate zombie survival simulation.

State of Decay 2: Juggernaut Editionsteam

Buy State of Decay 2: Juggernaut Edition | Xboxwww.microsoft.com

Steam         : %localappdata%\StateOfDecay2\Saved\SaveGames\
Windows Store : %localappdata%\Packages\Microsoft.Dayton(Numbers&Letters)\SystemAppData\wgs
Epic Games    :
Crack (Steam) : %localappdata%\StateOfDecay2\Saved\SaveGames\8877665544332222
Crack (Xbox)  : %localappdata%\StateOfDecay2\Saved\SaveGames\ {your Xbox ID}
Linux (Proton): <Steam-folder>/steamapps/compatdata/495420/pfx/

Cheat Table: StateOfDecay2-Win64-Shipping_Release_Beta_v4 - File size: 246 KB

Table made by: JDimensional

Bounty Broker pointers by Racer83 :

StateOfDecay2-Win64-Shipping - Bounty Task Pointers

Inf HP and Bounties by aanpsx :

StateOfDecay2-Win64-Shipping (Currently only works with Steam version)

Compatible with: Steam/Epic/Windows Store

REQUIRES CE 7.0+

Trainer: Fling - File size: 760 KB

Zero Weight: If you’are overburdened, after activating this option, drop or pick up something to remove the overburdened effect.
Easy Level Up: When you gain XP for a skill/stat, it will instantly level up to max.
Daytime -1 Hour: Note when decreasing time, the day count will always increase by 1.

Compatible with: Steam/Epic/Windows Store

Optional Scripts

Scripts by SovietWristwatch.jpg

Instantly complete ALL active Bounties upon 1 zombie kill:

{ Game   : State of Decay 2 - Windows Store
  Version: v2.384.867.0
  Date   : 2020-03-10
  Author : SovietWristwatch.jpg
}

[ENABLE]
aobscanmodule(instantBounties,StateOfDecay2-Win64-Shipping.exe,39 43 08 7D 62)
alloc(newmem,$1000,instantBounties)

label(code)
label(return)

newmem:

code:
  cmp [rbx+08],eax
  jmp StateOfDecay2-Win64-Shipping.exe+368FDD
  jmp return

instantBounties:
  jmp newmem
return:
registersymbol(instantBounties)

[DISABLE]
instantBounties:
  db 39 43 08 7D 62

unregistersymbol(instantBounties)
dealloc(newmem)

{
// ORIGINAL CODE - INJECTION POINT: "StateOfDecay2-Win64-Shipping.exe"+368F76

"StateOfDecay2-Win64-Shipping.exe"+368F4B: 4C 63 76 38              -  movsxd  r14,dword ptr [rsi+38]
"StateOfDecay2-Win64-Shipping.exe"+368F4F: 49 C1 E6 04              -  shl r14,04
"StateOfDecay2-Win64-Shipping.exe"+368F53: 4C 03 F3                 -  add r14,rbx
"StateOfDecay2-Win64-Shipping.exe"+368F56: 49 3B DE                 -  cmp rbx,r14
"StateOfDecay2-Win64-Shipping.exe"+368F59: 0F 84 96 00 00 00        -  je StateOfDecay2-Win64-Shipping.exe+368FF5
"StateOfDecay2-Win64-Shipping.exe"+368F5F: 44 8B BC 24 80 00 00 00  -  mov r15d,[rsp+00000080]
"StateOfDecay2-Win64-Shipping.exe"+368F67: 4C 8B 64 24 78           -  mov r12,[rsp+78]
"StateOfDecay2-Win64-Shipping.exe"+368F6C: 0F 1F 40 00              -  nop [rax+00]
"StateOfDecay2-Win64-Shipping.exe"+368F70: 48 8B 13                 -  mov rdx,[rbx]
"StateOfDecay2-Win64-Shipping.exe"+368F73: 8B 42 78                 -  mov eax,[rdx+78]
// ---------- INJECTING HERE ----------
"StateOfDecay2-Win64-Shipping.exe"+368F76: 39 43 08                 -  cmp [rbx+08],eax
"StateOfDecay2-Win64-Shipping.exe"+368F79: 7D 62                    -  jnl StateOfDecay2-Win64-Shipping.exe+368FDD
// ---------- DONE INJECTING  ----------
"StateOfDecay2-Win64-Shipping.exe"+368F7B: 48 8B 42 10              -  mov rax,[rdx+10]
"StateOfDecay2-Win64-Shipping.exe"+368F7F: 4D 8D 84 24 88 00 00 00  -  lea r8,[r12+00000088]
"StateOfDecay2-Win64-Shipping.exe"+368F87: 49 63 48 08              -  movsxd  rcx,dword ptr [r8+08]
"StateOfDecay2-Win64-Shipping.exe"+368F8B: 3B 88 90 00 00 00        -  cmp ecx,[rax+00000090]
"StateOfDecay2-Win64-Shipping.exe"+368F91: 7F 47                    -  jg StateOfDecay2-Win64-Shipping.exe+368FDA
"StateOfDecay2-Win64-Shipping.exe"+368F93: 48 8B 80 88 00 00 00     -  mov rax,[rax+00000088]
"StateOfDecay2-Win64-Shipping.exe"+368F9A: 4C 39 04 C8              -  cmp [rax+rcx*8],r8
"StateOfDecay2-Win64-Shipping.exe"+368F9E: 75 3A                    -  jne StateOfDecay2-Win64-Shipping.exe+368FDA
"StateOfDecay2-Win64-Shipping.exe"+368FA0: 49 8B 4D 08              -  mov rcx,[r13+08]
"StateOfDecay2-Win64-Shipping.exe"+368FA4: 48 89 54 24 28           -  mov [rsp+28],rdx
}

Scripts by SovietWristwatch.jpg

No Trauma & No Injuries (supplement to Unlimited Health, will prevent instant death from teleporting and Freak zombies) BEWARE: If you use these two scripts, be sure to ALWAYS activate them BOTH before loading your save or might instantly die when loading in:

{ Game   : State of Decay 2 - Windows Store
  Version: v2.384.867.0
  Date   : 2020-03-10
  Author : SovietWristwatch.jpg
}

[ENABLE]
aobscanmodule(noTrauma,StateOfDecay2-Win64-Shipping.exe,F3 0F 11 89 74 04 00 00)
alloc(newmem,$1000,noTrauma)

label(code)
label(return)

newmem:
  cmp [rcx+C4],#391 // filter player/hostile humans
  jne code
  cmp [rcx+43C],#391
  jne code
  //cmp [rcx+1D0],1 // filter player/hostile humans
  //jne code
  //cmp [rcx+1D4],1 // filter player/hostile humans
  //jne code
  mov [rcx+00000474],(float)0
  jmp return

code:
  movss [rcx+00000474],xmm1
  jmp return

noTrauma:
  jmp newmem
  nop 3
return:
registersymbol(noTrauma)

[DISABLE]
noTrauma:
  db F3 0F 11 89 74 04 00 00

unregistersymbol(noTrauma)
dealloc(newmem)

{
// ORIGINAL CODE - INJECTION POINT: "StateOfDecay2-Win64-Shipping.exe"+21C2C3

"StateOfDecay2-Win64-Shipping.exe"+21C29F: 48 89 5C 24 70                    -  mov [rsp+70],rbx
"StateOfDecay2-Win64-Shipping.exe"+21C2A4: 0F 29 74 24 50                    -  movaps [rsp+50],xmm6
"StateOfDecay2-Win64-Shipping.exe"+21C2A9: 49 8B F8                          -  mov rdi,r8
"StateOfDecay2-Win64-Shipping.exe"+21C2AC: 48 8B D9                          -  mov rbx,rcx
"StateOfDecay2-Win64-Shipping.exe"+21C2AF: 0F 57 F6                          -  xorps xmm6,xmm6
"StateOfDecay2-Win64-Shipping.exe"+21C2B2: 0F 2F CE                          -  comiss xmm1,xmm6
"StateOfDecay2-Win64-Shipping.exe"+21C2B5: 73 03                             -  jae StateOfDecay2-Win64-Shipping.exe+21C2BA
"StateOfDecay2-Win64-Shipping.exe"+21C2B7: 0F 28 CE                          -  movaps xmm1,xmm6
"StateOfDecay2-Win64-Shipping.exe"+21C2BA: 0F 2E 89 74 04 00 00              -  ucomiss xmm1,[rcx+00000474]
"StateOfDecay2-Win64-Shipping.exe"+21C2C1: 74 73                             -  je StateOfDecay2-Win64-Shipping.exe+21C336
// ---------- INJECTING HERE ----------
"StateOfDecay2-Win64-Shipping.exe"+21C2C3: F3 0F 11 89 74 04 00 00           -  movss [rcx+00000474],xmm1
// ---------- DONE INJECTING  ----------
"StateOfDecay2-Win64-Shipping.exe"+21C2CB: 48 81 C1 30 07 00 00              -  add rcx,00000730
"StateOfDecay2-Win64-Shipping.exe"+21C2D2: B2 07                             -  mov dl,07
"StateOfDecay2-Win64-Shipping.exe"+21C2D4: E8 47 3D FF FF                    -  call StateOfDecay2-Win64-Shipping.exe+210020
"StateOfDecay2-Win64-Shipping.exe"+21C2D9: 0F 2E B3 74 04 00 00              -  ucomiss xmm6,[rbx+00000474]
"StateOfDecay2-Win64-Shipping.exe"+21C2E0: 75 54                             -  jne StateOfDecay2-Win64-Shipping.exe+21C336
"StateOfDecay2-Win64-Shipping.exe"+21C2E2: 33 C0                             -  xor eax,eax
"StateOfDecay2-Win64-Shipping.exe"+21C2E4: 48 89 44 24 38                    -  mov [rsp+38],rax
"StateOfDecay2-Win64-Shipping.exe"+21C2E9: 48 89 44 24 40                    -  mov [rsp+40],rax
"StateOfDecay2-Win64-Shipping.exe"+21C2EE: 48 8D 57 40                       -  lea rdx,[rdi+40]
"StateOfDecay2-Win64-Shipping.exe"+21C2F2: 48 8D 05 17 55 3D 03              -  lea rax,[StateOfDecay2-Win64-Shipping.exe+35F1810]
}

{ Game   : State of Decay 2 - Windows Store
  Version: v2.384.867.0
  Date   : 2020-03-10
  Author : SovietWristwatch.jpg
}

[ENABLE]
aobscanmodule(noInjury,StateOfDecay2-Win64-Shipping.exe,F3 0F 11 84 87 D0 02 00 00)
alloc(newmem,$1000,noInjury)

label(code)
label(return)

newmem:
cmp rax,7
jne code
cmp [rdi+24],#391 // filter player/hostile humans
jne code
mov [rdi+rax*4+000002D0],(float)0
jmp return

code:
  movss [rdi+rax*4+000002D0],xmm0
  jmp return

noInjury:
  jmp newmem
  nop 4
return:
registersymbol(noInjury)

[DISABLE]
noInjury:
  db F3 0F 11 84 87 D0 02 00 00

unregistersymbol(noInjury)
dealloc(newmem)

{
// ORIGINAL CODE - INJECTION POINT: "StateOfDecay2-Win64-Shipping.exe"+216B2E

"StateOfDecay2-Win64-Shipping.exe"+216B08: 41 FF 50 10                 -  call qword ptr [r8+10]
"StateOfDecay2-Win64-Shipping.exe"+216B0C: 4C 8B 06                    -  mov r8,[rsi]
"StateOfDecay2-Win64-Shipping.exe"+216B0F: 8B D3                       -  mov edx,ebx
"StateOfDecay2-Win64-Shipping.exe"+216B11: 48 8B CE                    -  mov rcx,rsi
"StateOfDecay2-Win64-Shipping.exe"+216B14: 0F B6 E8                    -  movzx ebp,al
"StateOfDecay2-Win64-Shipping.exe"+216B17: 41 FF 50 08                 -  call qword ptr [r8+08]
"StateOfDecay2-Win64-Shipping.exe"+216B1B: 40 80 FD 94                 -  cmp bpl,-6C
"StateOfDecay2-Win64-Shipping.exe"+216B1F: 73 16                       -  jae StateOfDecay2-Win64-Shipping.exe+216B37
"StateOfDecay2-Win64-Shipping.exe"+216B21: 40 0F B6 C5                 -  movzx eax,bpl
"StateOfDecay2-Win64-Shipping.exe"+216B25: F3 0F 58 84 87 D0 02 00 00  -  addss xmm0,[rdi+rax*4+000002D0]
// ---------- INJECTING HERE ----------
"StateOfDecay2-Win64-Shipping.exe"+216B2E: F3 0F 11 84 87 D0 02 00 00  -  movss [rdi+rax*4+000002D0],xmm0
// ---------- DONE INJECTING  ----------
"StateOfDecay2-Win64-Shipping.exe"+216B37: FF C3                       -  inc ebx
"StateOfDecay2-Win64-Shipping.exe"+216B39: 41 3B DE                    -  cmp ebx,r14d
"StateOfDecay2-Win64-Shipping.exe"+216B3C: 7C C2                       -  jl StateOfDecay2-Win64-Shipping.exe+216B00
"StateOfDecay2-Win64-Shipping.exe"+216B3E: 49 83 C7 08                 -  add r15,08
"StateOfDecay2-Win64-Shipping.exe"+216B42: 4D 3B FD                    -  cmp r15,r13
"StateOfDecay2-Win64-Shipping.exe"+216B45: 75 9E                       -  jne StateOfDecay2-Win64-Shipping.exe+216AE5
"StateOfDecay2-Win64-Shipping.exe"+216B47: 4C 8B 74 24 28              -  mov r14,[rsp+28]
"StateOfDecay2-Win64-Shipping.exe"+216B4C: 48 8B 74 24 60              -  mov rsi,[rsp+60]
"StateOfDecay2-Win64-Shipping.exe"+216B51: 48 8B 6C 24 58              -  mov rbp,[rsp+58]
"StateOfDecay2-Win64-Shipping.exe"+216B56: 48 8B 5C 24 50              -  mov rbx,[rsp+50]
}

Scripts by SovietWristwatch.jpg

Instantly Complete Daybreak Wave:

{ Game   : State of Decay 2 - Windows Store
  Version: v2.384.867.0
  Date   : 2020-03-10
  Author : SovietWristwatch.jpg
}

[ENABLE]
aobscanmodule(daybreakTimer,StateOfDecay2-Win64-Shipping.exe,F3 0F 11 81 C8 01 00 00)
alloc(newmem,$1000,daybreakTimer)

label(code)
label(return)

newmem:
  sub [rcx+000001C8],(float)1
  jmp return

code:
  movss [rcx+000001C8],xmm0
  jmp return

daybreakTimer:
  jmp newmem
  nop 3
return:
registersymbol(daybreakTimer)

[DISABLE]
daybreakTimer:
  db F3 0F 11 81 C8 01 00 00

unregistersymbol(daybreakTimer)
dealloc(newmem)

{
// ORIGINAL CODE - INJECTION POINT: "StateOfDecay2-Win64-Shipping.exe"+57AEA4

"StateOfDecay2-Win64-Shipping.exe"+57AE7F: 48 83 C4 30              -  add rsp,30
"StateOfDecay2-Win64-Shipping.exe"+57AE83: 5B                       -  pop rbx
"StateOfDecay2-Win64-Shipping.exe"+57AE84: C3                       -  ret 
"StateOfDecay2-Win64-Shipping.exe"+57AE85: F3 0F 10 81 C8 01 00 00  -  movss xmm0,[rcx+000001C8]
"StateOfDecay2-Win64-Shipping.exe"+57AE8D: 0F 57 C9                 -  xorps xmm1,xmm1
"StateOfDecay2-Win64-Shipping.exe"+57AE90: 48 89 7C 24 40           -  mov [rsp+40],rdi
"StateOfDecay2-Win64-Shipping.exe"+57AE95: 33 FF                    -  xor edi,edi
"StateOfDecay2-Win64-Shipping.exe"+57AE97: 0F 2F C1                 -  comiss xmm0,xmm1
"StateOfDecay2-Win64-Shipping.exe"+57AE9A: 0F 86 85 00 00 00        -  jbe StateOfDecay2-Win64-Shipping.exe+57AF25
"StateOfDecay2-Win64-Shipping.exe"+57AEA0: F3 0F 5C C6              -  subss xmm0,xmm6
// ---------- INJECTING HERE ----------
"StateOfDecay2-Win64-Shipping.exe"+57AEA4: F3 0F 11 81 C8 01 00 00  -  movss [rcx+000001C8],xmm0
// ---------- DONE INJECTING  ----------
"StateOfDecay2-Win64-Shipping.exe"+57AEAC: 40 38 B8 B0 00 00 00     -  cmp [rax+000000B0],dil
"StateOfDecay2-Win64-Shipping.exe"+57AEB3: 74 70                    -  je StateOfDecay2-Win64-Shipping.exe+57AF25
"StateOfDecay2-Win64-Shipping.exe"+57AEB5: 39 78 40                 -  cmp [rax+40],edi
"StateOfDecay2-Win64-Shipping.exe"+57AEB8: 75 05                    -  jne StateOfDecay2-Win64-Shipping.exe+57AEBF
"StateOfDecay2-Win64-Shipping.exe"+57AEBA: 39 78 44                 -  cmp [rax+44],edi
"StateOfDecay2-Win64-Shipping.exe"+57AEBD: 74 66                    -  je StateOfDecay2-Win64-Shipping.exe+57AF25
"StateOfDecay2-Win64-Shipping.exe"+57AEBF: 48 39 B9 E0 01 00 00     -  cmp [rcx+000001E0],rdi
"StateOfDecay2-Win64-Shipping.exe"+57AEC6: 75 3B                    -  jne StateOfDecay2-Win64-Shipping.exe+57AF03
"StateOfDecay2-Win64-Shipping.exe"+57AEC8: 48 8B 89 10 01 00 00     -  mov rcx,[rcx+00000110]
"StateOfDecay2-Win64-Shipping.exe"+57AECF: 48 8B 40 40              -  mov rax,[rax+40]
}

Scripts by SovietWristwatch.jpg

Instantly Complete Daybreak Wave (alternative) Setup your own hotkey to enable the script. It will complete the wave every time you press the hotkey, giving you time to collect the drops, selectively skip waves, etc:

{ Game   : State of Decay 2 - Windows Store
  Version: v2.384.867.0
  Date   : 2020-03-10
  Author : SovietWristwatch.jpg
}

[ENABLE]
aobscanmodule(daybreakTimer,StateOfDecay2-Win64-Shipping.exe,F3 0F 11 81 C8 01 00 00)
alloc(newmem,$1000,daybreakTimer)

label(code)
label(return)

newmem:
  sub [rcx+000001C8],(float)1
  jmp return

code:
  movss [rcx+000001C8],xmm0
  jmp return

daybreakTimer:
  jmp newmem
  nop 3
return:
registersymbol(daybreakTimer)

{$lua}
if syntaxcheck then return end
local memrec = memrec or getAddressList().getMemoryRecordByDescription("Script Name")

local timer = createTimer()
timer.Interval = 100 -- 1000 milliseconds per second
timer.OnTimer = function(theTimerCallingThisFunction)
  memrec.Active = false -- deactivate the script
  timer.destroy() -- destroy the timer so it doesn't keep running
end
{$asm}

[DISABLE]
daybreakTimer:
  db F3 0F 11 81 C8 01 00 00

unregistersymbol(daybreakTimer)
dealloc(newmem)

{
// ORIGINAL CODE - INJECTION POINT: "StateOfDecay2-Win64-Shipping.exe"+57AEA4

"StateOfDecay2-Win64-Shipping.exe"+57AE7F: 48 83 C4 30              -  add rsp,30
"StateOfDecay2-Win64-Shipping.exe"+57AE83: 5B                       -  pop rbx
"StateOfDecay2-Win64-Shipping.exe"+57AE84: C3                       -  ret
"StateOfDecay2-Win64-Shipping.exe"+57AE85: F3 0F 10 81 C8 01 00 00  -  movss xmm0,[rcx+000001C8]
"StateOfDecay2-Win64-Shipping.exe"+57AE8D: 0F 57 C9                 -  xorps xmm1,xmm1
"StateOfDecay2-Win64-Shipping.exe"+57AE90: 48 89 7C 24 40           -  mov [rsp+40],rdi
"StateOfDecay2-Win64-Shipping.exe"+57AE95: 33 FF                    -  xor edi,edi
"StateOfDecay2-Win64-Shipping.exe"+57AE97: 0F 2F C1                 -  comiss xmm0,xmm1
"StateOfDecay2-Win64-Shipping.exe"+57AE9A: 0F 86 85 00 00 00        -  jbe StateOfDecay2-Win64-Shipping.exe+57AF25
"StateOfDecay2-Win64-Shipping.exe"+57AEA0: F3 0F 5C C6              -  subss xmm0,xmm6
// ---------- INJECTING HERE ----------
"StateOfDecay2-Win64-Shipping.exe"+57AEA4: F3 0F 11 81 C8 01 00 00  -  movss [rcx+000001C8],xmm0
// ---------- DONE INJECTING  ----------
"StateOfDecay2-Win64-Shipping.exe"+57AEAC: 40 38 B8 B0 00 00 00     -  cmp [rax+000000B0],dil
"StateOfDecay2-Win64-Shipping.exe"+57AEB3: 74 70                    -  je StateOfDecay2-Win64-Shipping.exe+57AF25
"StateOfDecay2-Win64-Shipping.exe"+57AEB5: 39 78 40                 -  cmp [rax+40],edi
"StateOfDecay2-Win64-Shipping.exe"+57AEB8: 75 05                    -  jne StateOfDecay2-Win64-Shipping.exe+57AEBF
"StateOfDecay2-Win64-Shipping.exe"+57AEBA: 39 78 44                 -  cmp [rax+44],edi
"StateOfDecay2-Win64-Shipping.exe"+57AEBD: 74 66                    -  je StateOfDecay2-Win64-Shipping.exe+57AF25
"StateOfDecay2-Win64-Shipping.exe"+57AEBF: 48 39 B9 E0 01 00 00     -  cmp [rcx+000001E0],rdi
"StateOfDecay2-Win64-Shipping.exe"+57AEC6: 75 3B                    -  jne StateOfDecay2-Win64-Shipping.exe+57AF03
"StateOfDecay2-Win64-Shipping.exe"+57AEC8: 48 8B 89 10 01 00 00     -  mov rcx,[rcx+00000110]
"StateOfDecay2-Win64-Shipping.exe"+57AECF: 48 8B 40 40              -  mov rax,[rax+40]
}

PreviousShadow Warrior 2 NextStranded Deep

Last updated 5 years ago

Was this helpful?

{ Game : State of Decay 2 - Windows Store Version: v2.384.867.0 Date : 2020-03-10 Author : SovietWristwatch.jpg } [ENABLE] aobscanmodule(instantBounties,StateOfDecay2-Win64-Shipping.exe,39 43 08 7D 62) alloc(newmem,$1000,instantBounties) label(code) label(return) newmem: code: cmp [rbx+08],eax jmp StateOfDecay2-Win64-Shipping.exe+368FDD jmp return instantBounties: jmp newmem return: registersymbol(instantBounties) [DISABLE] instantBounties: db 39 43 08 7D 62 unregistersymbol(instantBounties) dealloc(newmem) { // ORIGINAL CODE - INJECTION POINT: "StateOfDecay2-Win64-Shipping.exe"+368F76 "StateOfDecay2-Win64-Shipping.exe"+368F4B: 4C 63 76 38 - movsxd r14,dword ptr [rsi+38] "StateOfDecay2-Win64-Shipping.exe"+368F4F: 49 C1 E6 04 - shl r14,04 "StateOfDecay2-Win64-Shipping.exe"+368F53: 4C 03 F3 - add r14,rbx "StateOfDecay2-Win64-Shipping.exe"+368F56: 49 3B DE - cmp rbx,r14 "StateOfDecay2-Win64-Shipping.exe"+368F59: 0F 84 96 00 00 00 - je StateOfDecay2-Win64-Shipping.exe+368FF5 "StateOfDecay2-Win64-Shipping.exe"+368F5F: 44 8B BC 24 80 00 00 00 - mov r15d,[rsp+00000080] "StateOfDecay2-Win64-Shipping.exe"+368F67: 4C 8B 64 24 78 - mov r12,[rsp+78] "StateOfDecay2-Win64-Shipping.exe"+368F6C: 0F 1F 40 00 - nop [rax+00] "StateOfDecay2-Win64-Shipping.exe"+368F70: 48 8B 13 - mov rdx,[rbx] "StateOfDecay2-Win64-Shipping.exe"+368F73: 8B 42 78 - mov eax,[rdx+78] // ---------- INJECTING HERE ---------- "StateOfDecay2-Win64-Shipping.exe"+368F76: 39 43 08 - cmp [rbx+08],eax "StateOfDecay2-Win64-Shipping.exe"+368F79: 7D 62 - jnl StateOfDecay2-Win64-Shipping.exe+368FDD // ---------- DONE INJECTING ---------- "StateOfDecay2-Win64-Shipping.exe"+368F7B: 48 8B 42 10 - mov rax,[rdx+10] "StateOfDecay2-Win64-Shipping.exe"+368F7F: 4D 8D 84 24 88 00 00 00 - lea r8,[r12+00000088] "StateOfDecay2-Win64-Shipping.exe"+368F87: 49 63 48 08 - movsxd rcx,dword ptr [r8+08] "StateOfDecay2-Win64-Shipping.exe"+368F8B: 3B 88 90 00 00 00 - cmp ecx,[rax+00000090] "StateOfDecay2-Win64-Shipping.exe"+368F91: 7F 47 - jg StateOfDecay2-Win64-Shipping.exe+368FDA "StateOfDecay2-Win64-Shipping.exe"+368F93: 48 8B 80 88 00 00 00 - mov rax,[rax+00000088] "StateOfDecay2-Win64-Shipping.exe"+368F9A: 4C 39 04 C8 - cmp [rax+rcx*8],r8 "StateOfDecay2-Win64-Shipping.exe"+368F9E: 75 3A - jne StateOfDecay2-Win64-Shipping.exe+368FDA "StateOfDecay2-Win64-Shipping.exe"+368FA0: 49 8B 4D 08 - mov rcx,[r13+08] "StateOfDecay2-Win64-Shipping.exe"+368FA4: 48 89 54 24 28 - mov [rsp+28],rdx }

{ Game : State of Decay 2 - Windows Store Version: v2.384.867.0 Date : 2020-03-10 Author : SovietWristwatch.jpg } [ENABLE] aobscanmodule(noTrauma,StateOfDecay2-Win64-Shipping.exe,F3 0F 11 89 74 04 00 00) alloc(newmem,$1000,noTrauma) label(code) label(return) newmem: cmp [rcx+C4],#391 // filter player/hostile humans jne code cmp [rcx+43C],#391 jne code //cmp [rcx+1D0],1 // filter player/hostile humans //jne code //cmp [rcx+1D4],1 // filter player/hostile humans //jne code mov [rcx+00000474],(float)0 jmp return code: movss [rcx+00000474],xmm1 jmp return noTrauma: jmp newmem nop 3 return: registersymbol(noTrauma) [DISABLE] noTrauma: db F3 0F 11 89 74 04 00 00 unregistersymbol(noTrauma) dealloc(newmem) { // ORIGINAL CODE - INJECTION POINT: "StateOfDecay2-Win64-Shipping.exe"+21C2C3 "StateOfDecay2-Win64-Shipping.exe"+21C29F: 48 89 5C 24 70 - mov [rsp+70],rbx "StateOfDecay2-Win64-Shipping.exe"+21C2A4: 0F 29 74 24 50 - movaps [rsp+50],xmm6 "StateOfDecay2-Win64-Shipping.exe"+21C2A9: 49 8B F8 - mov rdi,r8 "StateOfDecay2-Win64-Shipping.exe"+21C2AC: 48 8B D9 - mov rbx,rcx "StateOfDecay2-Win64-Shipping.exe"+21C2AF: 0F 57 F6 - xorps xmm6,xmm6 "StateOfDecay2-Win64-Shipping.exe"+21C2B2: 0F 2F CE - comiss xmm1,xmm6 "StateOfDecay2-Win64-Shipping.exe"+21C2B5: 73 03 - jae StateOfDecay2-Win64-Shipping.exe+21C2BA "StateOfDecay2-Win64-Shipping.exe"+21C2B7: 0F 28 CE - movaps xmm1,xmm6 "StateOfDecay2-Win64-Shipping.exe"+21C2BA: 0F 2E 89 74 04 00 00 - ucomiss xmm1,[rcx+00000474] "StateOfDecay2-Win64-Shipping.exe"+21C2C1: 74 73 - je StateOfDecay2-Win64-Shipping.exe+21C336 // ---------- INJECTING HERE ---------- "StateOfDecay2-Win64-Shipping.exe"+21C2C3: F3 0F 11 89 74 04 00 00 - movss [rcx+00000474],xmm1 // ---------- DONE INJECTING ---------- "StateOfDecay2-Win64-Shipping.exe"+21C2CB: 48 81 C1 30 07 00 00 - add rcx,00000730 "StateOfDecay2-Win64-Shipping.exe"+21C2D2: B2 07 - mov dl,07 "StateOfDecay2-Win64-Shipping.exe"+21C2D4: E8 47 3D FF FF - call StateOfDecay2-Win64-Shipping.exe+210020 "StateOfDecay2-Win64-Shipping.exe"+21C2D9: 0F 2E B3 74 04 00 00 - ucomiss xmm6,[rbx+00000474] "StateOfDecay2-Win64-Shipping.exe"+21C2E0: 75 54 - jne StateOfDecay2-Win64-Shipping.exe+21C336 "StateOfDecay2-Win64-Shipping.exe"+21C2E2: 33 C0 - xor eax,eax "StateOfDecay2-Win64-Shipping.exe"+21C2E4: 48 89 44 24 38 - mov [rsp+38],rax "StateOfDecay2-Win64-Shipping.exe"+21C2E9: 48 89 44 24 40 - mov [rsp+40],rax "StateOfDecay2-Win64-Shipping.exe"+21C2EE: 48 8D 57 40 - lea rdx,[rdi+40] "StateOfDecay2-Win64-Shipping.exe"+21C2F2: 48 8D 05 17 55 3D 03 - lea rax,[StateOfDecay2-Win64-Shipping.exe+35F1810] }

{ Game : State of Decay 2 - Windows Store Version: v2.384.867.0 Date : 2020-03-10 Author : SovietWristwatch.jpg } [ENABLE] aobscanmodule(noInjury,StateOfDecay2-Win64-Shipping.exe,F3 0F 11 84 87 D0 02 00 00) alloc(newmem,$1000,noInjury) label(code) label(return) newmem: cmp rax,7 jne code cmp [rdi+24],#391 // filter player/hostile humans jne code mov [rdi+rax*4+000002D0],(float)0 jmp return code: movss [rdi+rax*4+000002D0],xmm0 jmp return noInjury: jmp newmem nop 4 return: registersymbol(noInjury) [DISABLE] noInjury: db F3 0F 11 84 87 D0 02 00 00 unregistersymbol(noInjury) dealloc(newmem) { // ORIGINAL CODE - INJECTION POINT: "StateOfDecay2-Win64-Shipping.exe"+216B2E "StateOfDecay2-Win64-Shipping.exe"+216B08: 41 FF 50 10 - call qword ptr [r8+10] "StateOfDecay2-Win64-Shipping.exe"+216B0C: 4C 8B 06 - mov r8,[rsi] "StateOfDecay2-Win64-Shipping.exe"+216B0F: 8B D3 - mov edx,ebx "StateOfDecay2-Win64-Shipping.exe"+216B11: 48 8B CE - mov rcx,rsi "StateOfDecay2-Win64-Shipping.exe"+216B14: 0F B6 E8 - movzx ebp,al "StateOfDecay2-Win64-Shipping.exe"+216B17: 41 FF 50 08 - call qword ptr [r8+08] "StateOfDecay2-Win64-Shipping.exe"+216B1B: 40 80 FD 94 - cmp bpl,-6C "StateOfDecay2-Win64-Shipping.exe"+216B1F: 73 16 - jae StateOfDecay2-Win64-Shipping.exe+216B37 "StateOfDecay2-Win64-Shipping.exe"+216B21: 40 0F B6 C5 - movzx eax,bpl "StateOfDecay2-Win64-Shipping.exe"+216B25: F3 0F 58 84 87 D0 02 00 00 - addss xmm0,[rdi+rax*4+000002D0] // ---------- INJECTING HERE ---------- "StateOfDecay2-Win64-Shipping.exe"+216B2E: F3 0F 11 84 87 D0 02 00 00 - movss [rdi+rax*4+000002D0],xmm0 // ---------- DONE INJECTING ---------- "StateOfDecay2-Win64-Shipping.exe"+216B37: FF C3 - inc ebx "StateOfDecay2-Win64-Shipping.exe"+216B39: 41 3B DE - cmp ebx,r14d "StateOfDecay2-Win64-Shipping.exe"+216B3C: 7C C2 - jl StateOfDecay2-Win64-Shipping.exe+216B00 "StateOfDecay2-Win64-Shipping.exe"+216B3E: 49 83 C7 08 - add r15,08 "StateOfDecay2-Win64-Shipping.exe"+216B42: 4D 3B FD - cmp r15,r13 "StateOfDecay2-Win64-Shipping.exe"+216B45: 75 9E - jne StateOfDecay2-Win64-Shipping.exe+216AE5 "StateOfDecay2-Win64-Shipping.exe"+216B47: 4C 8B 74 24 28 - mov r14,[rsp+28] "StateOfDecay2-Win64-Shipping.exe"+216B4C: 48 8B 74 24 60 - mov rsi,[rsp+60] "StateOfDecay2-Win64-Shipping.exe"+216B51: 48 8B 6C 24 58 - mov rbp,[rsp+58] "StateOfDecay2-Win64-Shipping.exe"+216B56: 48 8B 5C 24 50 - mov rbx,[rsp+50] }

{ Game : State of Decay 2 - Windows Store Version: v2.384.867.0 Date : 2020-03-10 Author : SovietWristwatch.jpg } [ENABLE] aobscanmodule(daybreakTimer,StateOfDecay2-Win64-Shipping.exe,F3 0F 11 81 C8 01 00 00) alloc(newmem,$1000,daybreakTimer) label(code) label(return) newmem: sub [rcx+000001C8],(float)1 jmp return code: movss [rcx+000001C8],xmm0 jmp return daybreakTimer: jmp newmem nop 3 return: registersymbol(daybreakTimer) [DISABLE] daybreakTimer: db F3 0F 11 81 C8 01 00 00 unregistersymbol(daybreakTimer) dealloc(newmem) { // ORIGINAL CODE - INJECTION POINT: "StateOfDecay2-Win64-Shipping.exe"+57AEA4 "StateOfDecay2-Win64-Shipping.exe"+57AE7F: 48 83 C4 30 - add rsp,30 "StateOfDecay2-Win64-Shipping.exe"+57AE83: 5B - pop rbx "StateOfDecay2-Win64-Shipping.exe"+57AE84: C3 - ret "StateOfDecay2-Win64-Shipping.exe"+57AE85: F3 0F 10 81 C8 01 00 00 - movss xmm0,[rcx+000001C8] "StateOfDecay2-Win64-Shipping.exe"+57AE8D: 0F 57 C9 - xorps xmm1,xmm1 "StateOfDecay2-Win64-Shipping.exe"+57AE90: 48 89 7C 24 40 - mov [rsp+40],rdi "StateOfDecay2-Win64-Shipping.exe"+57AE95: 33 FF - xor edi,edi "StateOfDecay2-Win64-Shipping.exe"+57AE97: 0F 2F C1 - comiss xmm0,xmm1 "StateOfDecay2-Win64-Shipping.exe"+57AE9A: 0F 86 85 00 00 00 - jbe StateOfDecay2-Win64-Shipping.exe+57AF25 "StateOfDecay2-Win64-Shipping.exe"+57AEA0: F3 0F 5C C6 - subss xmm0,xmm6 // ---------- INJECTING HERE ---------- "StateOfDecay2-Win64-Shipping.exe"+57AEA4: F3 0F 11 81 C8 01 00 00 - movss [rcx+000001C8],xmm0 // ---------- DONE INJECTING ---------- "StateOfDecay2-Win64-Shipping.exe"+57AEAC: 40 38 B8 B0 00 00 00 - cmp [rax+000000B0],dil "StateOfDecay2-Win64-Shipping.exe"+57AEB3: 74 70 - je StateOfDecay2-Win64-Shipping.exe+57AF25 "StateOfDecay2-Win64-Shipping.exe"+57AEB5: 39 78 40 - cmp [rax+40],edi "StateOfDecay2-Win64-Shipping.exe"+57AEB8: 75 05 - jne StateOfDecay2-Win64-Shipping.exe+57AEBF "StateOfDecay2-Win64-Shipping.exe"+57AEBA: 39 78 44 - cmp [rax+44],edi "StateOfDecay2-Win64-Shipping.exe"+57AEBD: 74 66 - je StateOfDecay2-Win64-Shipping.exe+57AF25 "StateOfDecay2-Win64-Shipping.exe"+57AEBF: 48 39 B9 E0 01 00 00 - cmp [rcx+000001E0],rdi "StateOfDecay2-Win64-Shipping.exe"+57AEC6: 75 3B - jne StateOfDecay2-Win64-Shipping.exe+57AF03 "StateOfDecay2-Win64-Shipping.exe"+57AEC8: 48 8B 89 10 01 00 00 - mov rcx,[rcx+00000110] "StateOfDecay2-Win64-Shipping.exe"+57AECF: 48 8B 40 40 - mov rax,[rax+40] }

{ Game : State of Decay 2 - Windows Store Version: v2.384.867.0 Date : 2020-03-10 Author : SovietWristwatch.jpg } [ENABLE] aobscanmodule(daybreakTimer,StateOfDecay2-Win64-Shipping.exe,F3 0F 11 81 C8 01 00 00) alloc(newmem,$1000,daybreakTimer) label(code) label(return) newmem: sub [rcx+000001C8],(float)1 jmp return code: movss [rcx+000001C8],xmm0 jmp return daybreakTimer: jmp newmem nop 3 return: registersymbol(daybreakTimer) {$lua} if syntaxcheck then return end local memrec = memrec or getAddressList().getMemoryRecordByDescription("Script Name") local timer = createTimer() timer.Interval = 100 -- 1000 milliseconds per second timer.OnTimer = function(theTimerCallingThisFunction) memrec.Active = false -- deactivate the script timer.destroy() -- destroy the timer so it doesn't keep running end {$asm} [DISABLE] daybreakTimer: db F3 0F 11 81 C8 01 00 00 unregistersymbol(daybreakTimer) dealloc(newmem) { // ORIGINAL CODE - INJECTION POINT: "StateOfDecay2-Win64-Shipping.exe"+57AEA4 "StateOfDecay2-Win64-Shipping.exe"+57AE7F: 48 83 C4 30 - add rsp,30 "StateOfDecay2-Win64-Shipping.exe"+57AE83: 5B - pop rbx "StateOfDecay2-Win64-Shipping.exe"+57AE84: C3 - ret "StateOfDecay2-Win64-Shipping.exe"+57AE85: F3 0F 10 81 C8 01 00 00 - movss xmm0,[rcx+000001C8] "StateOfDecay2-Win64-Shipping.exe"+57AE8D: 0F 57 C9 - xorps xmm1,xmm1 "StateOfDecay2-Win64-Shipping.exe"+57AE90: 48 89 7C 24 40 - mov [rsp+40],rdi "StateOfDecay2-Win64-Shipping.exe"+57AE95: 33 FF - xor edi,edi "StateOfDecay2-Win64-Shipping.exe"+57AE97: 0F 2F C1 - comiss xmm0,xmm1 "StateOfDecay2-Win64-Shipping.exe"+57AE9A: 0F 86 85 00 00 00 - jbe StateOfDecay2-Win64-Shipping.exe+57AF25 "StateOfDecay2-Win64-Shipping.exe"+57AEA0: F3 0F 5C C6 - subss xmm0,xmm6 // ---------- INJECTING HERE ---------- "StateOfDecay2-Win64-Shipping.exe"+57AEA4: F3 0F 11 81 C8 01 00 00 - movss [rcx+000001C8],xmm0 // ---------- DONE INJECTING ---------- "StateOfDecay2-Win64-Shipping.exe"+57AEAC: 40 38 B8 B0 00 00 00 - cmp [rax+000000B0],dil "StateOfDecay2-Win64-Shipping.exe"+57AEB3: 74 70 - je StateOfDecay2-Win64-Shipping.exe+57AF25 "StateOfDecay2-Win64-Shipping.exe"+57AEB5: 39 78 40 - cmp [rax+40],edi "StateOfDecay2-Win64-Shipping.exe"+57AEB8: 75 05 - jne StateOfDecay2-Win64-Shipping.exe+57AEBF "StateOfDecay2-Win64-Shipping.exe"+57AEBA: 39 78 44 - cmp [rax+44],edi "StateOfDecay2-Win64-Shipping.exe"+57AEBD: 74 66 - je StateOfDecay2-Win64-Shipping.exe+57AF25 "StateOfDecay2-Win64-Shipping.exe"+57AEBF: 48 39 B9 E0 01 00 00 - cmp [rcx+000001E0],rdi "StateOfDecay2-Win64-Shipping.exe"+57AEC6: 75 3B - jne StateOfDecay2-Win64-Shipping.exe+57AF03 "StateOfDecay2-Win64-Shipping.exe"+57AEC8: 48 8B 89 10 01 00 00 - mov rcx,[rcx+00000110] "StateOfDecay2-Win64-Shipping.exe"+57AECF: 48 8B 40 40 - mov rax,[rax+40] }