Question

4.

The following code fragments show a sequence of virus instructions and a metamorphic version of the virus. Briefly describe the effect produced by the metamorphic code.

Answer #1

Metamorphic virus:

  • The metamorphic virus changes with each infection.
  • A virus is a computer program or piece of code that is loaded onto the user's computer without the user's knowledge and executes against the user's wishes. A virus can also duplicate the data in the user's computer.
  • It may change the program's actions as well as their appearance.

Code fragments:

Original Code      Metamorphic Code
mov eax, 5         mov eax, 5
add eax, ebx       push ecx
call [eax]         pop ecx
                   add eax, ebx
                   swap eax, ebx
                   swap ebx, eax
                   call [eax]
                   nop

Effect produced by metamorphic version:

The effect produced by the metamorphic version is as follows:

  • It changes the original code to interrupt the signature but it does not affect the semantics of the original code.
  • In the above table, the semantics of the original code is not affected. But, it interrupts the signature of the original code by changing the behavior, which is highlighted in the metamorphic code.
  • The useless instructions in the metamorphic code are the second, third, fifth, sixth and eighth.

Note: Could you please consider my effort on this work and give an upvote? Thank you :)
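Added example (not part of the original question or answer): a small detection-side sketch showing that an exact-sequence signature built from the original fragment misses the metamorphic one, and that removing no-effect instructions recovers the original sequence. The function names are illustrative, `swap` is the page's pseudo-mnemonic, and a `push`/`pop` of the same register is assumed to be a no-op for matching purposes.

```python
# Added example: normalise the page's two fragments before signature matching.
ORIGINAL = ["mov eax, 5", "add eax, ebx", "call [eax]"]
METAMORPHIC = [
    "mov eax, 5", "push ecx", "pop ecx", "add eax, ebx",
    "swap eax, ebx", "swap ebx, eax", "call [eax]", "nop",
]

def parse(line):
    """Split 'op a, b' into (op, (a, b)) with case and spacing normalised."""
    op, _, rest = line.strip().lower().partition(" ")
    return op, tuple(a.strip() for a in rest.split(",") if a.strip())

def cancels(first, second):
    """True when two adjacent instructions have no net effect together."""
    (op1, args1), (op2, args2) = first, second
    if op1 == "push" and op2 == "pop":
        return args1 == args2            # save then restore the same register
    if op1 == "swap" and op2 == "swap":
        return len(args1) == 2 and set(args1) == set(args2)  # swapped twice
    return False

def normalise(lines):
    """Drop nops and cancelling pairs; return (kept instrs, removed positions)."""
    kept, removed = [], []               # kept holds (position, parsed instr)
    for pos, line in enumerate(lines, start=1):
        instr = parse(line)
        if instr[0] == "nop":
            removed.append(pos)
        elif kept and cancels(kept[-1][1], instr):
            removed.extend([kept.pop()[0], pos])
        else:
            kept.append((pos, instr))
    return [i for _, i in kept], sorted(removed)

def matches_signature(lines, signature):
    """Naive signature: the exact instruction sequence appears contiguously."""
    seq, sig = [parse(l) for l in lines], [parse(l) for l in signature]
    return any(seq[i:i + len(sig)] == sig for i in range(len(seq) - len(sig) + 1))

if __name__ == "__main__":
    core, junk = normalise(METAMORPHIC)
    print("raw signature match:", matches_signature(METAMORPHIC, ORIGINAL))
    print("no-effect positions:", junk)
    print("normalised match:", core == [parse(l) for l in ORIGINAL])
```

The positions reported as removed are the same ones the answer lists as useless instructions.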
