diff --git a/xzre.h b/xzre.h index 47e7b0a..3b1e074 100644 --- a/xzre.h +++ b/xzre.h @@ -301,6 +301,10 @@ typedef struct { // opcode is always +0x80 for the sake of it (yet another obfuscation) #define XZDASM_OPC(op) (op - 0x80) +enum X86_OPCODE { + X86_OPCODE_LEA = 0x8D +}; + typedef int BOOL; #define TRUE 1 @@ -308,34 +312,38 @@ typedef int BOOL; typedef enum { // has lock or rep prefix - DF_LOCK_REP = 1, - // has segment override - DF_SEG = 2, - // has operand size override - DF_OSIZE = 4, - // has address size override - DF_ASIZE = 8, - // vex instruction - DF_VEX = 0x10, - // has rex - DF_REX = 0x20, - // has modrm - DF_MODRM = 0x40, - // has sib - DF_SIB = 0x80 + DF1_LOCK_REP = 1, + //1 has segment override + DF1_SEG = 2, + //1 has operand size override + DF1_OSIZE = 4, + //1 has address size override + DF1_ASIZE = 8, + //1 vex instruction + DF1_VEX = 0x10, + //1 has rex + DF1_REX = 0x20, + //1 has modrm + DF1_MODRM = 0x40, + //1 has sib + DF1_SIB = 0x80 } InstructionFlags; typedef enum { // memory with displacement - DF_MEM_DISP = 0x1, - // 8-bit displacement - DF_MEM_DISP8 = 0x2, - // memory seg+offs (0xa0-0xa3) - DF_MEM_SEG_OFFS = 0x4, - // has immediate - DF_IMM = 0x8, - // 64-bit immediate (movabs) - DF_IMM64 = 0x10 + DF2_MEM_DISP = 0x1, + //2 8-bit displacement + DF2_MEM_DISP8 = 0x2, + //2 memory seg+offs (0xa0-0xa3) + DF2_MEM_SEG_OFFS = 0x4, + + // mask to check for memory flags + DF2_FLAGS_MEM = DF2_MEM_DISP | DF2_MEM_DISP8 | DF2_MEM_SEG_OFFS, + + //2 has immediate + DF2_IMM = 0x8, + //2 64-bit immediate (movabs) + DF2_IMM64 = 0x10 } InstructionFlags2; typedef enum { diff --git a/xzre_code/CMakeLists.txt b/xzre_code/CMakeLists.txt index 5dc3905..470f040 100644 --- a/xzre_code/CMakeLists.txt +++ b/xzre_code/CMakeLists.txt @@ -6,6 +6,7 @@ add_library(xzre_code elf_parse.c elf_symbol_get_addr.c get_lzma_allocator.c + find_lea_instruction.c find_string_reference.c is_endbr64_instruction.c init_elf_entry_ctx.c 
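Review bot: The comment lines inside the renamed InstructionFlags and InstructionFlags2 enums now read `//1 has segment override`, `//2 8-bit displacement` and so on, which looks like a by-product of the mechanical `DF_` to `DF1_`/`DF2_` rename rather than intended text; they should be restored to plain `// has segment override` etc. (the first comment of each enum, a context line, kept the original form). Because the header no longer declares any `DF_*` name, any other translation unit in xzre_code that still references the old names will stop compiling unless it is updated in the same change; none is shown in this diff, so that is worth confirming. The new `DF2_FLAGS_MEM` mask would also benefit from stating how it is meant to be used, since a plain `&` test and an `==` test against one member select different operand forms, e.g. `// mask over the memory-operand flags; compare (flags2 & DF2_FLAGS_MEM) == DF2_MEM_DISP to select displacement operands that are neither disp8 nor seg:offs`.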
diff --git a/xzre_code/find_lea_instruction.c b/xzre_code/find_lea_instruction.c
new file mode 100644
index 0000000..1f98af2
--- /dev/null
+++ b/xzre_code/find_lea_instruction.c
@@ -0,0 +1,25 @@
+/**
+ * Copyright (C) 2024 Stefano Moioli
+ **/
+#include "xzre.h"
+
+BOOL find_lea_instruction(u8 *code_start, u8 *code_end, u64 displacement){
+
+ if(!secret_data_append_from_call_site(
+ (secret_data_shift_cursor_t){ 0x7C },
+ 5, 6, 0)
+ ){
+ return FALSE;
+ }
+ dasm_ctx_t dctx = {0};
+ for(;code_start < code_end; ++code_start){
+ if(x86_dasm(&dctx, code_start, code_end)
+ && XZDASM_OPC(dctx.opcode) == X86_OPCODE_LEA
+ && (dctx.flags2 & DF2_FLAGS_MEM) == DF2_MEM_DISP
+ && (dctx.mem_disp == displacement || dctx.mem_disp == -displacement)
+ ){
+ return TRUE;
+ }
+ }
+ return FALSE;
+}
\ No newline at end of file
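Review bot: The match condition on the third `&&` line is stricter than the function name suggests and nothing in the file says so: `(dctx.flags2 & DF2_FLAGS_MEM) == DF2_MEM_DISP` requires DF2_MEM_DISP set with DF2_MEM_DISP8 and DF2_MEM_SEG_OFFS both clear, so a LEA whose displacement is encoded as disp8 is rejected, and `-displacement` on a `u64` relies on unsigned wrap-around to compare equal to a negative `mem_disp` after conversion. A header comment would make that contract explicit, e.g. `/* Scan [code_start, code_end) for a LEA whose (non-disp8, non-seg:offs) memory displacement equals +displacement or -displacement; TRUE on first match. */`. The loop also advances `code_start` one byte at a time instead of by the decoded instruction length, so decoding is attempted at every offset including inside other instructions; if that byte-wise scan is faithful to the original binary, a one-line comment such as `// byte-wise scan: a match may come from a misaligned decode` would stop a later reader from "fixing" it. The `0x7C, 5, 6, 0` arguments to secret_data_append_from_call_site are likewise unexplained at the call site.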