Ads
related to: metamorphic vs polymorphic malware scan procedure reviews
Search results
Results From The WOW.Com Content Network
Metamorphic code is used by some viruses when they are about to infect new files, and the result is that the next generation will never look like current generation. The mutated code will do exactly the same thing (under the interpretation used), but the child's binary representation will typically be completely different from the parent's.
Polymorphic [1] 1990 First virus family to use polymorphic encryption 4K: 4096 DOS 1990-01 The first known MS-DOS-file-infector to use stealth 5lo: DOS 1992-10 Infects .EXE files only Abraxas: Abraxas5 DOS, Windows 95, 98 [1] 1993-04 Europe: ARCV group Infects COM file. Disk directory listing will be set to the system date and time when ...
Polymorphic algorithms make it difficult for such software to recognize the offending code because it constantly mutates. Malicious programmers have sought to protect their encrypted code from this virus-scanning strategy by rewriting the unencrypted decryption engine (and the resulting encrypted payload) each time the virus or worm is propagated.
Oligomorphic code, also known as semi-polymorphic code, is a method used by a computer virus to obfuscate its decryptor by generating different versions of it, in order to evade detection by antivirus software. It is similar to, but less sophisticated than, polymorphic code. [1]
A polymorphic engine (sometimes called mutation engine or mutating engine) is a software component that uses polymorphic code to alter the payload while preserving the same functionality. Polymorphic engines are used almost exclusively in malware , with the purpose of being harder for antivirus software to detect.
This metamorphic process is very complex and accounts for around 90% of the virus' code. After the rebuild, the virus searches for executable files in folders on all fixed and remote drives. Files will not be infected if they are located in a subfolder more than three levels deep, or if the folder name begins with the letter W.