Revision as of 23:24, 7 August 2006 edit Allen Moore (talk \| contribs) 435 edits m →Example: Capitalized opcode mneumonic and expanded; removed x86-specific machine code. ← Previous edit		Revision as of 23:26, 7 August 2006 edit undo Allen Moore (talk \| contribs) 435 edits m →Example: Grammar pickup; corrected spelling of "technique". Next edit →
Line 60: The code inside "Encrypted" ("lots of encrypted code") could then search the code between Decryption_Code and CryptoKey and remove all the code that alters the variable C. Before the next time the encryption engine is used, it could input new unnecessary codes that alters C, or even exchange the code in the algorithm for new code that does the same thing. Usually the coder uses a zero key for the first generation of the virus, making it easier for him because with this key the code is not encrypted. He then implements an incremental key algorithm or a random one. ~~Other~~Another polymorphism ~~technic~~technique is to autoinject NOP (No Operation) or other opcodes that don't alter the algorithm. == See also ==

Polymorphic code: Difference between revisions