T1027.014 Polymorphic Code Mappings

Adversaries may utilize polymorphic code (also known as metamorphic or mutating code) to evade detection. Polymorphic code is a type of software capable of changing its runtime footprint during code execution.(Citation: polymorphic-blackberry) With each execution of the software, the code is mutated into a different version of itself that achieves the same purpose or objective as the original. This functionality enables the malware to evade traditional signature-based defenses, such as antivirus and antimalware tools.(Citation: polymorphic-sentinelone) Other obfuscation techniques can be used in conjunction with polymorphic code to accomplish the intended effects, including using mutation engines to conduct actions such as Software Packing, Command Obfuscation, or Encrypted/Encoded File.(Citation: polymorphic-linkedin)(Citation: polymorphic-medium)

View in MITRE ATT&CK®

VERIS Mappings

Showing 1 to 1 of 1 rows

GCP Mappings

Loading, please wait
Capability ID
Capability Description
Mapping Type
ATT&CK ID
ATT&CK Name
Notes
cloud_ids Cloud IDS technique_scores T1027.014 Polymorphic Code
Showing 1 to 1 of 1 rows