Simple Polymorphic Engine โ SPE32
Simple Polymorphic Engine (SPE32) is a simple polymorphic engine for encrypting code and data.
SPE32 allows you to encrypt any data and generate a unique decryption code for this data. The encryption algorithm uses randomly selected instructions and encryption keys.
The generated decryption code will be different each time.
Polymorphic decryption code as viewed in x86dbg debugger
Another polymorphic code mutation, this time with junk instructions
SPE32 features and status
The SPE32 engine is an amateur project that can be used to demonstrate what polymorphic engines are. I wrote it some time ago, but I thought it would be a good idea to make it public.
The entire code was written in a 32-bit assembler for the MASM compiler.
Features:
- entire code is position independent (delta offset is used to access data)
- XOR, ADD, SUB used for encryption
- junk opcodes generation - ADD,ADC,SUB,SBB,ROL,ROR,RCR,RCL,SHL,SHR,NOT,NEG,DEC,INC
I don't provide technical support for SPE32, use it at your own risk.
Fully fledged commercial polymorphic engine
If you are looking for professional solution take a look at our Poly Polymorphic Engine.
Poly Polymorphic Engine is the only commercial polymorphic engine available on the market. It's a highly specialized cryptographic solution which is used in anti-cracking software protection systems and anti-reverse engineering systems. Due to the complicated nature of their code, polymorphic engines aren't publicly available, and creating one requires highly specialized knowledge in low level assembly programming and reverse engineering as well as an extensive testing process.
Bartosz Wรณjcik
- Visit my site at โ https://www.pelock.com
- Twitter โ https://twitter.com/PELock
- GitHub โ https://github.com/PELock