Search results
Results from the WOW.Com Content Network
Polymorphic algorithms make it difficult for such software to recognize the offending code because it constantly mutates. Malicious programmers have sought to protect their encrypted code from this virus-scanning strategy by rewriting the unencrypted decryption engine (and the resulting encrypted payload) each time the virus or worm is propagated.
The use of templates as a metaprogramming technique requires two distinct operations: a template must be defined, and a defined template must be instantiated.The generic form of the generated source code is described in the template definition, and when the template is instantiated, the generic form in the template is used to generate a specific set of source code.
A polymorphic engine (sometimes called mutation engine or mutating engine) is a software component that uses polymorphic code to alter the payload while preserving the same functionality. Polymorphic engines are used almost exclusively in malware , with the purpose of being harder for antivirus software to detect.
This differs from polymorphic code, where the polymorphic engine can not rewrite its own code. Metamorphic code is used by some viruses when they are about to infect new files, and the result is that the next generation will never look like current generation.
(In a dynamic code generator, this call is a direct call as the direct address is back patched by cache miss logic.) Prologue code in the called method then compares the cached class with the actual object class, and if they don't match, execution branches to a cache miss handler to find the correct method in the class.
Type checking (including type conversions and polymorphism) Run-time environment (including parameter passing, symbol tables and register allocation) Code generation (including intermediate code generation) Code optimization
Self-modifying code is also sometimes used by programs that do not want to reveal their presence, such as computer viruses and some shellcodes. Viruses and shellcodes that use self-modifying code mostly do this in combination with polymorphic code. Modifying a piece of running code is also used in certain attacks, such as buffer overflows.
SMEG is an acronym for Simulated Metamorphic Encryption Generator. Messages within the two viruses Pile created with it, SMEG.Pathogen and SMEG.Queeg, suggest that it is also an allusion to the word smeg, used as a profanity by characters in the British TV series Red Dwarf. [1] The engine is designed to be used to add polymorphism to viruses.