Para los que le interesen:
El motivo porque los punteros estáticos no eran estáticos era culpa al ASRL:
aunque se puede buscar la dirección de memoria con la base adress.exe + offsets como he conseguido hacer
pero cada parche lo cambian
4.2.1 ASLR
Up until version 3.x of WoW, the base address of the process was always located at address
0x401000 in memory [17]. This allowed programmers to use absolute addresses to all the
data structures they wanted to access. The developers of WoW changed this from version
4.x onwards by adding support for address space layout randomisation (ASLR), to make
WoW more secure.
ASLR is security technology that makes a system more secure by making it harder for
attackers to exploit existing vulnerabilities in the system. This is accomplished by randomising the memory layout of an executing program, which means that where an attacker
could previously know exactly where a function would be in memory, the attacker would
now have to guess the location in memory. This significantly decreases the chances of a
single exploitation attempt being successful. It can also cause the program to crash, which
limits the amount of exploitation attempts the attacker can practically make. ASLR is
integrated into several operating systems, and is enabled by default in Windows Vista
and Windows 7 [18].