polymorphic code

From ema
Jump to navigation Jump to search
EMA ID: ema-1032
Description: Packer stub generates polymorphic code on the fly (same file executes differently). This is a general category of defense evasion and may refer to any number of techniques. This capability is typically only found through analysis of related samples.

Examples

  • Packer Stub: A packer stub can generate polymorphic code on the fly, creating a file with the same functionality but different execution, making it difficult to detect.
  • Metamorphic Code: The code is changed, but the behavior is the same.

Associated Capabilities/Subcapabilities: Capability.png Defense Evasion

Associated With polymorphic code
No results