# FIVEM CIPHER PANEL BASIC ANALYSIS AND INFECTION PAYLAOD DUMPS


** In this repo you will find **
    -> Infection Dumps from 15/03/2025
    -> A schema on how it work
    -> The repo doesn't contain de-obfuscated payloads.

    -> About Payoad obfuscation
        -> Stage 1 : Use Luraph
        -> Stage 2 : use some basic custom Xor encryption really easy to decrypt even chatgpt do it.
        -> Stage 3 : Use https://obfuscator.io/ you can partially revert with https://obf-io.deobfuscate.io/ (You will have to cleanup junk code manually.)
        -> Stage 4 : Some VM Like obfuscation for Javascript didn't look into it.
        -> Stage 5 : Not obfusctated clear-text powershell.
        -> Stage 6 : Backdoor'd DLLs and stuff didn't take the time to reverse it.
        -> Stage 7 : For lua files its Luraph, For JS files its https://obfuscator.io/


# A schema on how it works.

![Alt Text](https://git.yaya48.xyz/Yaya48/FIVEM_CIPHER_MALWARES/raw/branch/main/Cipher_15_03.png)