diff --git a/WeChatFerry/rpc/pb_types.h b/WeChatFerry/rpc/pb_types.h
index 447f53a..3e8488c 100644
--- a/WeChatFerry/rpc/pb_types.h
+++ b/WeChatFerry/rpc/pb_types.h
@@ -38,14 +38,16 @@ typedef vector<DbRow_t> DbRows_t;
 typedef struct {
     bool is_self;
     bool is_group;
-    int32_t type;
-    string id;
-    string xml;
+    uint32_t type;
+    uint32_t ts;
+    uint64_t id;
     string sender;
     string roomid;
     string content;
+    string sign;
     string thumb;
     string extra;
+    string xml;
 } WxMsg_t;
 
 typedef struct {
diff --git a/WeChatFerry/rpc/proto/wcf.proto b/WeChatFerry/rpc/proto/wcf.proto
index caf79f6..157b147 100644
--- a/WeChatFerry/rpc/proto/wcf.proto
+++ b/WeChatFerry/rpc/proto/wcf.proto
@@ -42,6 +42,7 @@ message Request
         XmlMsg xml     = 9;
         DecPath dec    = 10;
         Transfer tf    = 11;
+        uint64 ui64    = 12; // 64 位整数，通用
     }
 }
 
@@ -68,14 +69,16 @@ message WxMsg
 {
     bool is_self   = 1;  // 是否自己发送的
     bool is_group  = 2;  // 是否群消息
-    int32 type     = 3;  // 消息类型
-    string id      = 4;  // 消息 id
-    string xml     = 5;  // 消息 xml
-    string sender  = 6;  // 消息发送者
-    string roomid  = 7;  // 群 id（如果是群消息的话）
-    string content = 8;  // 消息内容
-    string thumb   = 9;  // 缩略图
-    string extra   = 10; // 附加内容
+    uint64 id      = 3;  // 消息 id
+    uint32 type    = 4;  // 消息类型
+    uint32 ts      = 5;  // 消息类型
+    string roomid  = 6;  // 群 id（如果是群消息的话）
+    string content = 7;  // 消息内容
+    string sender  = 8;  // 消息发送者
+    string sign    = 9;  // Sign
+    string thumb   = 10; // 缩略图
+    string extra   = 11; // 附加内容
+    string xml     = 12; // 消息 xml
 }
 
 message TextMsg
diff --git a/WeChatFerry/spy/load_calls.cpp b/WeChatFerry/spy/load_calls.cpp
index 9384492..014b951 100644
--- a/WeChatFerry/spy/load_calls.cpp
+++ b/WeChatFerry/spy/load_calls.cpp
@@ -9,8 +9,8 @@ WxCalls_t wxCalls = {
     { 0x2FFD484, 0x2FFD590, 0x2FFD500, 0x30238CC }, // User Info: wxid, nickname, mobile, home
     { 0x768140, 0xCE6C80, 0x756960 },               // Send Message
     /* Receive Message:
-          Hook,   call,   type, self,   id, msgXml, roomId, wxId, content, thumb, extra */
-    { 0xD19A0B, 0x756960, 0x38, 0x3C, 0x194, 0x1FC, 0x48, 0x180, 0x70, 0x1A8, 0x1BC },
+          Hook,  call, msgId, type, isSelf, ts, roomId, content, wxid, sign, thumb, extra, msgXml */
+    { 0xD19A0B, 0x756960, 0x30, 0x38, 0x3C, 0x44, 0x48, 0x70, 0x180, 0x194, 0x1A8, 0x1BC, 0x1FC },
     { 0x768140, 0XF59E40, 0XCE6640, 0x756960 },           // Send Image Message
     { 0x76AE20, 0xF59E40, 0xB6D1F0, 0x756960 },           // Send File Message
     { 0xB8A70, 0x3ED5E0, 0x107F00, 0x3ED7B0, 0x2386FE4 }, // Send xml Message
diff --git a/WeChatFerry/spy/receive_msg.cpp b/WeChatFerry/spy/receive_msg.cpp
index e495a63..1f69c1b 100644
--- a/WeChatFerry/spy/receive_msg.cpp
+++ b/WeChatFerry/spy/receive_msg.cpp
@@ -90,9 +90,12 @@ void DispatchMsg(DWORD reg)
 {
     WxMsg_t wxMsg;
 
+    wxMsg.id      = GET_QWORD(reg + g_WxCalls.recvMsg.msgId);
     wxMsg.type    = GET_DWORD(reg + g_WxCalls.recvMsg.type);
     wxMsg.is_self = GET_DWORD(reg + g_WxCalls.recvMsg.isSelf);
-    wxMsg.id      = GetStringByStrAddr(reg + g_WxCalls.recvMsg.msgId);
+    wxMsg.ts      = GET_DWORD(reg + g_WxCalls.recvMsg.ts);
+    wxMsg.content = GetStringByWstrAddr(reg + g_WxCalls.recvMsg.content);
+    wxMsg.sign    = GetStringByStrAddr(reg + g_WxCalls.recvMsg.sign);
     wxMsg.xml     = GetStringByStrAddr(reg + g_WxCalls.recvMsg.msgXml);
 
     string roomid = GetStringByWstrAddr(reg + g_WxCalls.recvMsg.roomId);
@@ -102,7 +105,7 @@ void DispatchMsg(DWORD reg)
         if (wxMsg.is_self) {
             wxMsg.sender = GetSelfWxid();
         } else {
-            wxMsg.sender = GetStringByStrAddr(reg + g_WxCalls.recvMsg.wxId);
+            wxMsg.sender = GetStringByStrAddr(reg + g_WxCalls.recvMsg.wxid);
         }
     } else {
         wxMsg.is_group = false;
@@ -113,8 +116,6 @@ void DispatchMsg(DWORD reg)
         }
     }
 
-    wxMsg.content = GetStringByWstrAddr(reg + g_WxCalls.recvMsg.content);
-
     wxMsg.thumb = GetStringByStrAddr(reg + g_WxCalls.recvMsg.thumb);
     if (!wxMsg.thumb.empty()) {
         wxMsg.thumb = GetHomePath() + wxMsg.thumb;
diff --git a/WeChatFerry/spy/spy_types.h b/WeChatFerry/spy/spy_types.h
index b26d546..bd495f7 100644
--- a/WeChatFerry/spy/spy_types.h
+++ b/WeChatFerry/spy/spy_types.h
@@ -12,15 +12,17 @@ typedef struct UserInfoCall {
 typedef struct RecvMsg {
     DWORD hook;    // Hook地址
     DWORD call;    // Call地址
+    DWORD msgId;   // 消息ID地址
     DWORD type;    // 消息类型地址
     DWORD isSelf;  // 是否自己发送标志地址
-    DWORD msgId;   // 消息ID地址
-    DWORD msgXml;  // 消息xml内容地址
+    DWORD ts;      // TimeStamp
     DWORD roomId;  // 群聊时，为群ID；私聊时，为微信ID
-    DWORD wxId;    // 私聊时，为空；群聊时，为发送者微信ID
     DWORD content; // 消息内容地址
+    DWORD wxid;    // 私聊时，为空；群聊时，为发送者微信ID
+    DWORD sign;    // Sign
     DWORD thumb;   // 缩略图
     DWORD extra;   // 附加数据
+    DWORD msgXml;  // 消息xml内容地址
 } RecvMsg_t;
 
 typedef struct SendText {
diff --git a/WeChatFerry/spy/util.h b/WeChatFerry/spy/util.h
index 5cf305f..11f03cd 100644
--- a/WeChatFerry/spy/util.h
+++ b/WeChatFerry/spy/util.h
@@ -9,6 +9,7 @@
 #define WECHATINJECTDLL_DEBUG L"spy_debug.dll"
 
 #define GET_DWORD(addr)          ((DWORD) * (DWORD *)(addr))
+#define GET_QWORD(addr)          ((uint64_t) * (uint64_t *)(addr))
 #define GET_STRING(addr)         ((CHAR *)(*(DWORD *)(addr)))
 #define GET_WSTRING(addr)        ((WCHAR *)(*(DWORD *)(addr)))
 #define GET_STRING_FROM_P(addr)  ((CHAR *)(addr))