Polymorphic engine

---

title: "Polymorphic engine" type: doc version: 1 created: 2026-02-28 author: "Wikipedia contributors" status: active scope: public tags: ["types-of-malware"] description: "Type of computer program" topic_path: "general/types-of-malware" source: "https://en.wikipedia.org/wiki/Polymorphic_engine" license: "CC BY-SA 4.0" wikipedia_page_id: 0 wikipedia_revision_id: 0

::summary Type of computer program ::

A polymorphic engine (sometimes called mutation engine or mutating engine) is a software component that uses polymorphic code to alter the payload while preserving the same functionality.

Polymorphic engines are used almost exclusively in malware, with the purpose of being harder for antivirus software to detect. They do so either by encrypting or obfuscating the malware payload.

One common deployment is a file binder that weaves malware into normal files, such as office documents. Since this type of malware is usually polymorphic, it is also known as a polymorphic packer.

The engine of the Virut botnet is an example of a polymorphic engine.

References

References

1. (26 May 2021). "The most polymorphic virus around today". Kasperky.

::callout[type=info title="Wikipedia Source"] This article was imported from Wikipedia and is available under the Creative Commons Attribution-ShareAlike 4.0 License. Content has been adapted to SurfDoc format. Original contributors can be found on the article history page. ::