diff --git a/source/arm11/cheat.c b/source/arm11/cheat.c
index 355b3b2..8a872f8 100644
--- a/source/arm11/cheat.c
+++ b/source/arm11/cheat.c
@@ -252,10 +252,15 @@ static int end_of_rom( CodeLocation addr, u32 size )
 
 static int rom_search_hookpoint( CodeLocation addr, int addrlen, CodeLocation hookpoint[MAX_HOOKPOINT] )
 {
-    int hookpoint_idx = 0;
+    CodeLocation mark[MAX_HOOKPOINT];
+    memset( mark, 0, sizeof(mark) );
+    int hookpoint_idx = 0, mark_idx = 0;
     for( int i=0; i < addrlen; ++i )
     {
         CodeLocation pc = addr + i;
+        if( *pc == 0x03007ffc && mark_idx < MAX_HOOKPOINT ) 
+            mark[mark_idx++] = pc;
+
         if( MASK_PC0(0XFFFF0FFF) == 0XE3A00301 &&
             MASK_PC1(0XFFF00FFF) == 0XE2800C02 &&
             MASK_PC2(0XFFF00FFF) == 0XE5D00008 &&
@@ -301,6 +306,30 @@ static int rom_search_hookpoint( CodeLocation addr, int addrlen, CodeLocation ho
 
         if( hookpoint_idx >= MAX_HOOKPOINT ) break;
     }
+    // test for core hookpoint
+    CodeLocation core_hpt = NULL;
+    for( int i=0; i < hookpoint_idx; ++i )
+    {
+        CodeLocation p = hookpoint[i];
+        if( p - addr > (1<<11) ) break;
+
+        for( int j = 0; j < mark_idx; ++j )
+        {
+            CodeLocation q = mark[j];
+            u32 d = p<q ? q-p : p-q;
+            if( d < (1<<10) )
+            {
+                core_hpt = p;
+                break;
+            }
+        }
+    }
+    if( core_hpt != NULL )
+    {
+        // log
+        hookpoint[0] = core_hpt;
+        hookpoint_idx = 1;
+    }
     return hookpoint_idx;
 }