
Oligomorphic code

From Wikipedia, the free encyclopedia
This is an old revision of this page, as edited by 72.141.64.79 (talk) at 19:43, 22 April 2006. The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

An oligomorphic virus is a computer virus that can change its encryptor but not the code base that is being encrypted. This is unlike a "polymorphic" virus, which can change both the encryptor and the code base being encrypted, or a "metamorphic" virus, which can change not only the encryptor and the code base but also the payload being delivered.

In simpler computer terms, you can look at an oligomorphic virus as a virus that is able to change its compression from ZIP to RAR, but can't change the files that are being zipped/compressed.

The usefulness of this is that if a piece of anti-virus software is searching for a certain virus signature that includes the encrypted data, and the virus changes its encryptor, then the encrypted data's appearance to the virus scanner will also change.

Compare it to changing the envelope you're mailing a letter in from yellow to white, which will make it harder for anyone looking for a yellow envelope to find yours.
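The signature problem described above can be seen from the scanner's side in the following added example, which is not part of the original article. It assumes a constructed, harmless byte string as the unchanging code base and two toy one-byte encoding layers (XOR and ADD) standing in for the changing encryptor; all names and values are illustrative.

```python
# Added illustration with constructed, harmless data (not from the article).
# BODY stands in for the code base that stays the same in every sample.
BODY = b"CONSTRUCTED-HARMLESS-BODY-FOR-SIGNATURE-DEMO"

def xor_layer(data: bytes, key: int) -> bytes:
    """Toy encoding layer: XOR every byte with a one-byte key (self-inverse)."""
    return bytes(b ^ key for b in data)

def add_layer(data: bytes, key: int) -> bytes:
    """Toy encoding layer: add a one-byte key to every byte, modulo 256."""
    return bytes((b + key) & 0xFF for b in data)

def sub_layer(data: bytes, key: int) -> bytes:
    """Inverse of add_layer."""
    return bytes((b - key) & 0xFF for b in data)

# Two stored samples: same body, different encoding layer and key (constructed).
SAMPLE_A = xor_layer(BODY, 0x5A)
SAMPLE_B = add_layer(BODY, 0x21)

# A signature that includes the encoded data, taken from the first sample as stored.
ENC_SIG = SAMPLE_A

# Inverse transforms the scanner knows how to undo.
DECODERS = {"xor": xor_layer, "add": sub_layer}

def naive_scan(sample: bytes, signature: bytes) -> bool:
    """Static match on the bytes as stored; breaks when the layer changes."""
    return signature in sample

def normalizing_scan(sample: bytes, plain_signature: bytes):
    """Undo each known layer with every one-byte key, then match the
    signature against the unchanged body. Returns (layer, key) or None."""
    for name, decode in DECODERS.items():
        for key in range(256):
            if plain_signature in decode(sample, key):
                return name, key
    return None

if __name__ == "__main__":
    for label, sample in (("A", SAMPLE_A), ("B", SAMPLE_B)):
        print(label, "stored-bytes match:", naive_scan(sample, ENC_SIG),
              "| normalized match:", normalizing_scan(sample, BODY))
```

The stored-bytes signature matches only the sample it was taken from, while the signature on the unchanged body matches both once the layer is undone.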