diff --git a/WeChatFerry/spy/chatroom_mgmt.cpp b/WeChatFerry/spy/chatroom_mgmt.cpp
index f26e351..43a28aa 100644
--- a/WeChatFerry/spy/chatroom_mgmt.cpp
+++ b/WeChatFerry/spy/chatroom_mgmt.cpp
@@ -9,10 +9,10 @@
 using namespace std;
 extern QWORD g_WeChatWinDllAddr;
 
-#define OS_GET_CHATROOM_MGR 0x1C4E200
-#define OS_ADD_MEMBERS      0x221B8A0
-#define OS_DELETE_MEMBERS   0x221BEE0
-#define OS_INVITE_MEMBERS   0x221B280
+#define OS_GET_CHATROOM_MGR 0x1b83bd0
+#define OS_ADD_MEMBERS      0x2155100
+#define OS_DELETE_MEMBERS   0x2155740
+#define OS_INVITE_MEMBERS   0x2154ae0
 
 typedef QWORD (*GetChatRoomMgr_t)();
 typedef QWORD (*AddMemberToChatRoom_t)(QWORD, QWORD, QWORD, QWORD);
diff --git a/WeChatFerry/spy/contact_mgmt.cpp b/WeChatFerry/spy/contact_mgmt.cpp
index 3b7b559..f81d1c1 100644
--- a/WeChatFerry/spy/contact_mgmt.cpp
+++ b/WeChatFerry/spy/contact_mgmt.cpp
@@ -7,8 +7,8 @@
 using namespace std;
 extern QWORD g_WeChatWinDllAddr;
 
-#define OS_GET_CONTACT_MGR  0x1C0BDE0
-#define OS_GET_CONTACT_LIST 0x2265540
+#define OS_GET_CONTACT_MGR  0x1B417A0
+#define OS_GET_CONTACT_LIST 0x219ED10
 #define OS_CONTACT_BIN      0x200
 #define OS_CONTACT_BIN_LEN  0x208
 #define OS_CONTACT_WXID     0x10
diff --git a/WeChatFerry/spy/exec_sql.cpp b/WeChatFerry/spy/exec_sql.cpp
index 5de9628..6253164 100644
--- a/WeChatFerry/spy/exec_sql.cpp
+++ b/WeChatFerry/spy/exec_sql.cpp
@@ -5,7 +5,7 @@
 #include "sqlite3.h"
 #include "util.h"
 
-#define OFFSET_DB_INSTANCE     0x5A40598
+#define OFFSET_DB_INSTANCE     0x5902000
 #define OFFSET_DB_MICROMSG     0xb8
 #define OFFSET_DB_CHAT_MSG     0x2c8
 #define OFFSET_DB_MISC         0x5f0
@@ -14,7 +14,7 @@
 #define OFFSET_DB_BIZCHAT_MSG  0x1A70
 #define OFFSET_DB_FUNCTION_MSG 0x1b98
 #define OFFSET_DB_NAME         0x28
-#define OFFSET_DB_MSG_MGR      0x5ABB5D8
+#define OFFSET_DB_MSG_MGR      0x595F900
 
 extern UINT64 g_WeChatWinDllAddr;
 
diff --git a/WeChatFerry/spy/funcs.cpp b/WeChatFerry/spy/funcs.cpp
index 9ff3edc..0c3cb7e 100644
--- a/WeChatFerry/spy/funcs.cpp
+++ b/WeChatFerry/spy/funcs.cpp
@@ -24,17 +24,17 @@ extern QWORD g_WeChatWinDllAddr;
 #define HEADER_GIF1 0x47
 #define HEADER_GIF2 0x49
 
-#define OS_LOGIN_STATUS               0x5AB86A8
-#define OS_GET_SNS_DATA_MGR           0x22A91C0
-#define OS_GET_SNS_FIRST_PAGE         0x2ED9080
-#define OS_GET_SNS_TIMELINE_MGR       0x2E6B110
-#define OS_GET_SNS_NEXT_PAGE          0x2EFEC00
-#define OS_NEW_CHAT_MSG               0x1C28800
-#define OS_FREE_CHAT_MSG              0x1C1FF10
-#define OS_GET_CHAT_MGR               0x1C51CF0
-#define OS_GET_MGR_BY_PREFIX_LOCAL_ID 0x2206280
-#define OS_GET_PRE_DOWNLOAD_MGR       0x1CD87E0
-#define OS_PUSH_ATTACH_TASK           0x1DA69C0
+#define OS_LOGIN_STATUS               0x595C9E8
+#define OS_GET_SNS_DATA_MGR           0x21E2200
+#define OS_GET_SNS_FIRST_PAGE         0x2E212d0
+#define OS_GET_SNS_TIMELINE_MGR       0x2DB3390
+#define OS_GET_SNS_NEXT_PAGE          0x2EC8970
+#define OS_NEW_CHAT_MSG               0x1B5E140
+#define OS_FREE_CHAT_MSG              0x1B55850
+#define OS_GET_CHAT_MGR               0x1B876C0
+#define OS_GET_MGR_BY_PREFIX_LOCAL_ID 0x213FB00
+#define OS_GET_PRE_DOWNLOAD_MGR       0x1C0EE70
+#define OS_PUSH_ATTACH_TASK           0x1CDF4E0
 
 typedef QWORD (*GetSNSDataMgr_t)();
 typedef QWORD (*GetSnsTimeLineMgr_t)();
diff --git a/WeChatFerry/spy/receive_msg.cpp b/WeChatFerry/spy/receive_msg.cpp
index 8d385db..a9a40fa 100644
--- a/WeChatFerry/spy/receive_msg.cpp
+++ b/WeChatFerry/spy/receive_msg.cpp
@@ -38,8 +38,8 @@ extern QWORD g_WeChatWinDllAddr;
 #define OS_PYQ_MSG_XML      0x9B8
 #define OS_PYQ_MSG_SENDER   0x18
 #define OS_PYQ_MSG_CONTENT  0x48
-#define OS_PYQ_MSG_CALL     0x2EFAA10
-#define OS_WXLOG            0x26DA2D0
+#define OS_PYQ_MSG_CALL     0x2e42c90
+#define OS_WXLOG            0x2613d20
 
 typedef QWORD (*RecvMsg_t)(QWORD, QWORD);
 typedef QWORD (*WxLog_t)(QWORD, QWORD, QWORD, QWORD, QWORD, QWORD, QWORD, QWORD, QWORD, QWORD, QWORD, QWORD);
diff --git a/WeChatFerry/spy/send_msg.cpp b/WeChatFerry/spy/send_msg.cpp
index 70b0900..a6df0a7 100644
--- a/WeChatFerry/spy/send_msg.cpp
+++ b/WeChatFerry/spy/send_msg.cpp
@@ -14,20 +14,20 @@ extern string GetSelfWxid(); // Defined in spy.cpp
 
 #define SRTM_SIZE 0x3F0
 
-#define OS_NEW             0x1C28800
-#define OS_FREE            0x1C1FF10
-#define OS_SEND_MSG_MGR    0x1C1E690
-#define OS_SEND_TEXT       0x238DDD0
-#define OS_SEND_IMAGE      0x2383560
-#define OS_GET_APP_MSG_MGR 0x1C23630
-#define OS_SEND_FILE       0x21969E0
-#define OS_RTM_NEW         0x1C27D50
-#define OS_RTM_FREE        0x1C27120
+#define OS_NEW             0x1b5e140
+#define OS_FREE            0x1b55850
+#define OS_SEND_MSG_MGR    0x1ca4f70
+#define OS_SEND_TEXT       0x22c6b60
+#define OS_SEND_IMAGE      0x22bc2f0
+#define OS_GET_APP_MSG_MGR 0x1b557d0
+#define OS_SEND_FILE       0x20d0230
+#define OS_RTM_NEW         0x1b5d690
+#define OS_RTM_FREE        0x1b5ca60
 #define OS_SEND_RICH_TEXT  0x21A09C0
-#define OS_SEND_PAT_MSG    0x2D669B0
-#define OS_FORWARD_MSG     0x238D350
-#define OS_GET_EMOTION_MGR 0x1C988D0
-#define OS_SEND_EMOTION    0x227B9E0
+#define OS_SEND_PAT_MSG    0x2caec00
+#define OS_FORWARD_MSG     0x22C60E0
+#define OS_GET_EMOTION_MGR 0x1bcef10
+#define OS_SEND_EMOTION    0x21b52d5
 
 typedef QWORD (*New_t)(QWORD);
 typedef QWORD (*Free_t)(QWORD);
diff --git a/WeChatFerry/spy/sqlite3.h b/WeChatFerry/spy/sqlite3.h
index 09bc15d..9b1b604 100644
--- a/WeChatFerry/spy/sqlite3.h
+++ b/WeChatFerry/spy/sqlite3.h
@@ -138,24 +138,24 @@
 #define SQLITE_NULL    5
 #define SQLITE_TEXT    3
 
-#define SQLITE3_EXEC_OFFSET             0x3AFBCE0
-#define SQLITE3_BACKUP_INIT_OFFSET      0x1DEA900
-#define SQLITE3_PREPARE_OFFSET          0x3B03990
-#define SQLITE3_OPEN_OFFSET             0x1E598B0
-#define SQLITE3_BACKUP_STEP_OFFSET      0x1DEAD00
-#define SQLITE3_BACKUP_REMAINING_OFFSET 0x1DEB440
-#define SQLITE3_BACKUP_PAGECOUNT_OFFSET 0x1DEB450
-#define SQLITE3_BACKUP_FINISH_OFFSET    0x1DEB340
-#define SQLITE3_SLEEP_OFFSET            0x1E5A0F0
-#define SQLITE3_ERRCODE_OFFSET          0x1E58550
-#define SQLITE3_CLOSE_OFFSET            0x1E56CD0
-#define SQLITE3_STEP_OFFSET             0x3ABFCE0
-#define SQLITE3_COLUMN_COUNT_OFFSET     0x3AC0500
-#define SQLITE3_COLUMN_NAME_OFFSET      0x3AC0F00
-#define SQLITE3_COLUMN_TYPE_OFFSET      0x3AC0D50
-#define SQLITE3_COLUMN_BLOB_OFFSET      0x3AC0530
-#define SQLITE3_COLUMN_BYTES_OFFSET     0x3AC0620
-#define SQLITE3_FINALIZE_OFFSET         0x3ABED90
+#define SQLITE3_EXEC_OFFSET             0x3A5EDA0
+#define SQLITE3_BACKUP_INIT_OFFSET      0x3A18EA0
+#define SQLITE3_PREPARE_OFFSET          0x3A66A20
+#define SQLITE3_OPEN_OFFSET             0x3A9E210
+#define SQLITE3_BACKUP_STEP_OFFSET      0x3A193F0
+#define SQLITE3_BACKUP_REMAINING_OFFSET 0x1B26EB0
+#define SQLITE3_BACKUP_PAGECOUNT_OFFSET 0x1B26EE0
+#define SQLITE3_BACKUP_FINISH_OFFSET    0x3A19AF0
+#define SQLITE3_SLEEP_OFFSET            0x3A9EE70
+#define SQLITE3_ERRCODE_OFFSET          0x3A9CB10
+#define SQLITE3_CLOSE_OFFSET            0x3A9AC70
+#define SQLITE3_STEP_OFFSET             0x3A22DA0
+#define SQLITE3_COLUMN_COUNT_OFFSET     0x3A235C0
+#define SQLITE3_COLUMN_NAME_OFFSET      0x3A23FC0
+#define SQLITE3_COLUMN_TYPE_OFFSET      0x3A23E10
+#define SQLITE3_COLUMN_BLOB_OFFSET      0x3A235F0
+#define SQLITE3_COLUMN_BYTES_OFFSET     0x3A236E0
+#define SQLITE3_FINALIZE_OFFSET         0x3A21E50
 
 typedef int (*Sqlite3_callback)(void *, int, char **, char **);