Updated for the latest version, added fallback

Dumper Module/DllMain.cpp

@@ -1,4 +1,5 @@
 #include <iostream>
+#include <vector>
 #include <windows.h>
 #include <psapi.h>
 
@@ -49,6 +50,22 @@ DWORD64 FindPattern(DWORD64 m_dwAddress, const std::string& m_strPattern)
 	return 0;
 }
 
+DWORD64 Backscan(DWORD64 m_dwAddress, DWORD64 m_dwBytesToBacktrack, const std::vector<unsigned char>& m_pBytes)
+{
+	DWORD64 m_dwEndAddress = m_dwAddress - m_dwBytesToBacktrack;
+	for (DWORD64 m_dwCurrentAddress = m_dwAddress; m_dwCurrentAddress >= m_dwEndAddress; m_dwCurrentAddress--)
+	{
+		if (memcmp((void*)m_dwCurrentAddress, m_pBytes.data(), m_pBytes.size()) == 0)
+		{
+			return m_dwCurrentAddress;
+		}
+	}
+
+	return 0;
+}
+
+
+
 void* DecryptMetadataHeaderOriginal = nullptr;
 void* __stdcall DecryptMetadataHeader(void* a1, DWORD64 m_dwHeaderSize, void* a3, void* a4)
 {
@@ -68,11 +85,20 @@ BOOL APIENTRY DllMain(HMODULE m_pModule, DWORD m_dwReason, LPVOID m_pReserved)
 	{
 		DWORD64 m_dwGameAssemblyAddress = (DWORD64)LoadLibraryA("GameAssembly.dll");
 
-		DWORD64 m_dwXXTEADecrypt = FindPattern(m_dwGameAssemblyAddress, "4C 89 4C 24 ? 53 55 48 83 EC ? 41");
+		DWORD64 m_dwXXTEADecrypt = FindPattern(m_dwGameAssemblyAddress, "4C 89 4C 24 20 53 56 41 55 41 56 48 83 EC 58");
 		if (m_dwXXTEADecrypt == 0)
 		{
-			MessageBoxA(NULL, "Failed To Find The xxtea Decrypt Function", "Dumper Module", MB_OK);
-			return TRUE;
+			DWORD64 m_dwXXTEADecryptCodeSegment = FindPattern(m_dwGameAssemblyAddress, "C1 E1 08 41 0B C8 C1 E2 08 C1 E1 08 44 8D");
+			if (m_dwXXTEADecryptCodeSegment != 0)
+			{
+				m_dwXXTEADecrypt = Backscan(m_dwXXTEADecryptCodeSegment, 0x200, { 0x4C, 0x89, 0x4C, 0x24, 0x20, 0x53 });
+			}
+
+			if (m_dwXXTEADecrypt == 0)
+			{
+				MessageBoxA(NULL, "Failed To Find The xxtea Decrypt Function", "Dumper Module", MB_OK);
+				return TRUE;
+			}
 		}
 
 		MH_Initialize();