Contents

Mutation



Different programmers call the technology used for making executable code more complex and obscure differently: mutation, obfuscation, metamorphing, etc., but all these terms essentially mean the same thing.

The executable code is disassembled and broken down into individual instructions. Then each instruction is replaced by a set of instructions that perform the same operation but look more obscure.

After that, dozens of instructions that seemingly contain normal code but actually do not do anything useful are added between the existing instructions. The code added contains meaningless conditional jumps, cyclic handling of gibberish data, etc. All these things make it much harder for the attacker to analyze the program.