Hello hello guys! I got an oportunity to show you some older my program known as TMC. It means Tiny Mutation Compiler - because it is a mutation compiler. My virii is not a hard-coded in fact but it is recompiled for each run by a compiler from a pseudo-code given. So every time it might looks different. And it looks different. The idea is very simple: there is no need to code large and av-proof decryptors just to permutate your own body. That what TMC does.
But you can't change your body anyway you want. You need some rules, here in my sources, all virus instructions are enclosed in macro brackets whose generates a pseudo-code. It contains normal opcodes and some neccessary flags, instruction length and other info needed for linking (see my macros - they explain it all).
For first generation a "starter" (first generation compiler) must be used, that is included too. In others, there is only a compiler core in file which is also permutated and encrypted pseudocode. To run virus, it must be compiled at first. Also used compiler is also written in pseudocode so it can be replicated too.

Compilation (btw: it is more like a linking than a compilation) is easy: instructions are placed whereever in compiled buffer, connected with jumps and conditional jumps (they are followed with 3xNOP for worst case of linking, as you know from one-pass compilation same as is here). If given chunk is a data or label, it is remembered in linker as a label. If it is a instruction that refers it (jump or memory access), a correct address is placed from linkere there. So instruction flow can be breaked at any point and memory-access addresses, jump address will differ a lot. And this is body permutation, as you can see: no scanstring can be choosed, because there is always risk of breaking instructions within scanstring, and any jumps may be placed there. And heuristic can't wait until it is whole compiled. Thats it. Enjoy my sources and be happy.


Download source code of TMC:Level_6x9 here Download source code