Polymorphic engine

Polymorphic engine

A polymorphic engine (sometimes called mutation engine or mutating engine) is a computer program that can be used to transform another program into a version that consists of different code with the same functionality. A typical polymorphic engine works by encrypting the target program in various ways and providing a decryption module that can vary widely.

Polymorphic engines are mainly used by computer viruses. In this case, the function of the polymorphic engine is to make it difficult for virus scanners to detect and identify the virus. The virus uses the polymorphic engine to encrypt itself in a different way for each program that it infects. As a consequence, it is impossible to detect the virus by searching for a fixed signature in program files, because every part of the encrypted virus is subject to change.

The first polymorphic engine was called MtE (short for Mutation Engine). It was written in 1992 by a virus author who called himself 'Dark Avenger'.

See also

External links



Wikimedia Foundation. 2010.

Игры ⚽ Нужен реферат?

Look at other dictionaries:

  • Engine (disambiguation) — An engine is a device that converts potential energy into mechanical work. Engine may also refer to:In thermodynamics: * Heat engine, a physical or theoretical device that converts thermal energy to mechanical output * Reciprocating engine, a… …   Wikipedia

  • Polymorphic code — In computer terminology, polymorphic code is code that mutates while keeping the original algorithm intact. This technique is sometimes used by computer viruses, shellcodes and computer worms to hide their presence. Most anti virus software and… …   Wikipedia

  • Computer virus — Not to be confused with Malware. A computer virus is a computer program that can replicate itself[1] and spread from one computer to another. The term virus is also commonly but erroneously used to refer to other types of malware, including but… …   Wikipedia

  • Chris Pile (programmer) — For other people named Chris Pile, see Chris Pile (disambiguation). Christopher Pile, a.k.a. The Black Baron , is a British programmer, born in 1969, living in Plymouth, Devon. He created the computer viruses Pathogen and Queeg . He was also a… …   Wikipedia

  • Dark Avenger — was a pseudonym of a computer virus writer from Sofia, Bulgaria. He gained considerable popularity during the early 1990s, as some of his viruses spread not only nationwide, but across Europe as well, even reaching the United States. Contents 1… …   Wikipedia

  • Oligomorphic code — An oligomorphic engine is generally used by a computer virus to generate a decryptor for itself in a way comparable to a simple polymorphic engine. It does this by randomly selecting each piece of the decryptor from several predefined… …   Wikipedia

  • Smeg Virus Construction Kit — The Smeg Virus Construction Kit (or SMEG) is a polymorphic engine written by virus writer Christopher Pile, known as The Black Baron. SMEG is an acronym for Simulated Metamorphic Encryption Generator. Messages within the two viruses Pile created… …   Wikipedia

  • Полиморфные генераторы — Полиморфные генераторы  исполнимые модули в составе компьютерных вирусов, главной функцией которых является шифрование тела вируса случайным ключом и генерация соответствующего случайного (но работающего!) расшифровщика. В итоге копии… …   Википедия

  • Dame — A Dame may be: Dame (title), a female title of rank, equivalent to Sir used as the title of a knight A title of respect for certain Benedictine nuns equivalent to the male Dom A pantomime dame An old word for the game pieces in the game of… …   Wikipedia

  • Simile (computer virus) — Win32/Simile (also known as Etap and MetaPHOR) is a metamorphic computer virus written in assembly language for Microsoft Windows. The virus was released in the most recent version in early March 2002. It was written by the virus writer Mental… …   Wikipedia

Share the article and excerpts

Direct link
Do a right-click on the link above
and select “Copy Link”