Polymorphic code: Difference between revisions

Tjgerot (talk | contribs)
m The original author used the word code in describing an analogy, however the analogy is more directly related to mathematics than programming. Replacing the clause paints a clearer picture regarding polymorphism. Removed bad comma.
Removing link(s) to "Mark Washburn": removed links to deleted article. (TW)
Line 15:
Emulation may be used to defeat polymorphic obfuscation by letting the malware demangle itself in a virtual environment before utilising other methods, such as traditional signature scanning. Such a virtual environment is sometimes called a [[Sandbox (computer security)|sandbox]]. Polymorphism does not protect the virus against such emulation if the decrypted payload remains the same regardless of variation in the decryption algorithm. [[Metamorphic code]] techniques may be used to complicate detection further, as the virus may execute without ever having identifiable code blocks in memory that remain constant from infection to infection.
 
The first known polymorphic virus was written by [[Mark Washburn]]. The virus, called [[1260 (computer virus)|1260]], was written in 1990. A better-known polymorphic virus was created in 1992 by the hacker [[Dark Avenger]] (a [[pseudonym]]) as a means of avoiding pattern recognition from antivirus software. A common and very virulent polymorphic virus is the file infecter [[Virut]].
 
== Example ==
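Review bot: In the history paragraph under Line 15, the text shown still carries the wikilink [[Mark Washburn]], while the edit summary says links to that deleted article were removed; writing the name as plain text would match the summary and avoid a red link. The same paragraph describes Virut as "common and very virulent" and 1260 as "the first known polymorphic virus" with no reference in the visible lines, so a cited source or more neutral wording would make both claims verifiable.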