|
As for morphing VM, well themida has got all already..
Bytes -> handler = dynamic (if 00 equals mov in the first instruction it will be different the second, and also different between programs.)
handler sequence = dynamic/random
byte encryption = carrying, modified by each byte(s) and each next byte(s) is encrypted with it.
+ Handler obfuscation
+ VM_code obfuscation
Not much more they could've done..
|