Metamorphic virus

Virus that changes its own code with each infection

A metamorphic virus is one that is capable of rewriting its own code with each infection, or generation of infections, while maintaining the same functionality.

The rewriting process allows each infection to appear different from others, but the changes are not supposed to affect the functionality of the code. This is intended to avoid detection by anti-malware software, but can usually be overcome via emulation or other techniques, and in many cases is deployed in a flawed manner leading to large numbers of misinfections. The complex technology required to do the rewriting is known as a metamorphic engine, and the same such engine may be implemented in several different virus variants.

The term is often used interchangeably with polymorphic virus.

Glossary


	Similar entries Adware Appender Backdoor Blended threat Boot sector virus Bot Botnet Cavity filler Chain letter Clicker Companion virus Data diddler DDoS Dialler Dictionary attack Directory harvesting DoS Downloader Drive-by download Exploit File infector virus Fork bomb Hoax Intended virus Joke Keylogger Logic bomb Macro virus Malware Mass-mailer Mid-infector Misinfection Multipartite virus Password stealer Pharming Polymorphic virus Prepender Ransomware Rootkit Smurf attack Spyware Trojan Virus Wabbit Worm Zip bomb Zombie See also Glossary Resources

Quick Links

Poll

The Japanese government is reported to have commissioned a 'defensive virus'. Is 'defensive' malware ever a good idea?
Leave a comment
View 10 comments

Jobs


	In Virus Bulletin's jobs pages among others: Software Tester (m/f) Linux (Tettnang, Germany) Senior Software Engineers for Mobile Research (Plaza Sentral, Kuala Lumpur, Malaysia)

Virus Bulletin currently has 224,204 registered users.

Fighting malware and spam

Metamorphic virus

See also