Yaya48/FIVEM_CIPHER_MALWARES
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Actualiser README.md

Browse Source
This commit is contained in:
Yaya48
2025-03-15 19:57:31 +01:00
parent 8510c83dde
commit d7db15f60c
1 changed files with 21 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
README.md
View File

@@ -0,0 +1,21 @@
# FIVEM CIPHER PANEL BASIC ANALYSIS AND INFECTION PAYLAOD DUMPS
** In this repo you will find **
-> Infection Dumps from 15/03/2025
-> A schema on how it work
-> The repo doesn't contain de-obfuscated payloads.
-> About Payoad obfuscation
-> Stage 1 : Use Luraph
-> Stage 2 : use some basic custom Xor encryption really easy to decrypt even chatgpt do it.
-> Stage 3 : Use https://obfuscator.io/ you can partially revert with https://obf-io.deobfuscate.io/ (You will have to cleanup junk code manually.)
-> Stage 4 : Some VM Like obfuscation for Javascript didn't look into it.
-> Stage 5 : Not obfusctated clear-text powershell.
-> Stage 6 : Backdoor'd DLLs and stuff didn't take the time to reverse it.
-> Stage 7 : For lua files its Luraph, For JS files its https://obfuscator.io/
# A schema on how it works.
![Alt Text](https://git.yaya48.xyz/Yaya48/FIVEM_CIPHER_MALWARES/raw/branch/main/Cipher_15_03.png)