Polymorphic engine

A polymorphic engine (sometimes called mutation engine or mutating engine) is a software component that uses polymorphic code to alter the payload while preserving the same functionality. Polymorphic engines are used almost exclusively in malware, to make it harder for antivirus software to detect. They do so by either encrypting or obfuscating the malware payload. One common deployment is a file binder that weaves malware into normal files, such as office documents. Since this type of malware is usually polymorphic, it is also known as a "polymorphic packer". The engine of the Virut botnet is an example of a polymorphic engine.
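The following is an added example, not part of the original article, showing from the scanner's side why an encrypted payload defeats hash and verbatim-byte signatures, and how a key-independent signature can still match. It assumes the simplest possible case, a single-byte XOR applied to a harmless constructed marker string, which is a deliberate simplification of what the article describes; all names and sample data are hypothetical.

```python
import hashlib

# Constructed, harmless stand-in for the byte pattern a scanner has a signature for.
SIGNATURE = b"BENIGN-TEST-MARKER"

def xor_bytes(data: bytes, key: int) -> bytes:
    """Single-byte XOR; the same operation encodes and decodes."""
    return bytes(b ^ key for b in data)

def digest(sample: bytes) -> str:
    """Whole-file hash, as used by hash-based blocklists."""
    return hashlib.sha256(sample).hexdigest()

def exact_match(sample: bytes) -> bool:
    """Naive static signature: look for the known bytes verbatim."""
    return SIGNATURE in sample

def xray_scan(sample: bytes):
    """Try every single-byte key; return the key that exposes the
    signature (0 means it was stored in the clear), or None."""
    for key in range(256):
        if SIGNATURE in xor_bytes(sample, key):
            return key
    return None

def xor_invariant(data: bytes) -> bytes:
    """XOR of adjacent bytes: (a^k)^(b^k) == a^b, so a constant key cancels."""
    return bytes(a ^ b for a, b in zip(data, data[1:]))

def invariant_scan(sample: bytes) -> bool:
    """Key-independent signature match, one pass instead of 256."""
    return xor_invariant(SIGNATURE) in xor_invariant(sample)

# Constructed samples: identical content under three keys, plus unrelated data.
BODY = b"header " + SIGNATURE + b" trailer"
SAMPLES = {key: xor_bytes(BODY, key) for key in (0x00, 0x5A, 0xC3)}
CLEAN = b"an unrelated document with ordinary text"

if __name__ == "__main__":
    for key, sample in SAMPLES.items():
        print(f"key={key:#04x} sha256={digest(sample)[:16]} "
              f"exact={exact_match(sample)} xray={xray_scan(sample)} "
              f"invariant={invariant_scan(sample)}")
    print("clean:", exact_match(CLEAN), xray_scan(CLEAN), invariant_scan(CLEAN))
```

Only the unencoded sample matches the verbatim signature, and every sample has a different hash, while both the brute-force key search and the adjacent-byte invariant recognise all three.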

